[PATCH] libosmocore[master]: contrib: add script to find unterminated value_string arrays

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.

Neels Hofmeyr gerrit-no-reply at lists.osmocom.org
Wed Mar 1 15:12:27 UTC 2017


Hello Jenkins Builder,

I'd like you to reexamine a change.  Please visit

    https://gerrit.osmocom.org/1940

to look at the new patch set (#3).

contrib: add script to find unterminated value_string arrays

Unterminated value_string arrays are dangerous since get_value_string() and
get_string_value() need to know where the struct ends. If the terminator is
missing, they might run through and return arbitrary memory locations.

Employ some regexes to find such unterminated value string arrays and return
nonzero if any are found.

This can be used in our jenkins build jobs to avoid committing unterminated
value_string arrays. In fact I've found one in current libosmocore:
gsm0808_bssap_names in gsm/gsm0808.c, fixed in a separate patch.

Change-Id: I2bc93ab4781487e7685cfb63091a489cd126b1a8
---
A contrib/verify_value_string_arrays_are_terminated.py
1 file changed, 33 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.osmocom.org:29418/libosmocore refs/changes/40/1940/3

diff --git a/contrib/verify_value_string_arrays_are_terminated.py b/contrib/verify_value_string_arrays_are_terminated.py
new file mode 100755
index 0000000..020bb4d
--- /dev/null
+++ b/contrib/verify_value_string_arrays_are_terminated.py
@@ -0,0 +1,33 @@
+#!/usr/bin/env python3
+# vim: expandtab tabstop=2 shiftwidth=2 nocin
+
+'''
+Usage:
+  verify_value_string_arrays_are_terminated.py PATH [PATH [...]]
+
+e.g.
+libosmocore/contrib/verify_value_string_arrays_are_terminated.py $(find . -name "*.[hc]")
+'''
+
+import re
+import sys
+import codecs
+
+value_string_array_re = re.compile(
+  r'((\bstruct\s+value_string\b[^{;]*?)\s*=[^{;]*{[^;]*}\s*;)',
+  re.MULTILINE | re.DOTALL)
+
+members = r'(\.(value|str)\s*=\s*)?'
+terminator_re = re.compile('{\s*' + members + '(0|NULL)\s*,'
+                           '\s*' + members + '(0|NULL)\s*}')
+errors_found = 0
+
+for f in sys.argv[1:]:
+  arrays = value_string_array_re.findall(codecs.open(f, "r", "utf-8").read())
+  for array_def, name in arrays:
+    if not terminator_re.search(array_def):
+      print('ERROR: file contains unterminated value_string %r: %r'
+            % (name, f))
+      errors_found += 1
+
+sys.exit(errors_found)

-- 
To view, visit https://gerrit.osmocom.org/1940
To unsubscribe, visit https://gerrit.osmocom.org/settings

Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I2bc93ab4781487e7685cfb63091a489cd126b1a8
Gerrit-PatchSet: 3
Gerrit-Project: libosmocore
Gerrit-Branch: master
Gerrit-Owner: Neels Hofmeyr <nhofmeyr at sysmocom.de>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: Neels Hofmeyr <nhofmeyr at sysmocom.de>



More information about the gerrit-log mailing list