From b1564909d79b79e5e33b355a803d25bc3dc8bafa Mon Sep 17 00:00:00 2001 From: Pali Rohár Date: Sun, 19 Oct 2014 20:17:06 +0200 Subject: nolo: Fix size of snprintf buffer --- src/nolo.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/nolo.c') diff --git a/src/nolo.c b/src/nolo.c index 238336d..e247698 100644 --- a/src/nolo.c +++ b/src/nolo.c @@ -311,7 +311,7 @@ static int nolo_send_image(struct usb_device_info * dev, struct image * image, i if ( bufs ) { memset(buf, 0, sizeof(buf)); - snprintf(buf, 8, "%d", dev->hwrev); + snprintf(buf, 8+1, "%d", dev->hwrev); for ( i = 0; bufs[i]; ++i ) { len = ((uint8_t*)bufs[i])[0]; @@ -763,7 +763,7 @@ int nolo_set_hwrev(struct usb_device_info * dev, int16_t hwrev) { char buf[9]; memset(buf, 0, sizeof(buf)); - snprintf(buf, 8, "%d", hwrev); + snprintf(buf, sizeof(buf), "%d", hwrev); printf("Setting HW revision to: %s\n", buf); return nolo_set_string(dev, "hw_rev", buf); -- cgit v1.2.3 From 9a1f63c5aed6e197033747e64d85e471aea3402f Mon Sep 17 00:00:00 2001 From: Pali Rohár Date: Sun, 19 Oct 2014 20:17:29 +0200 Subject: nolo: Check return value of sprintf --- src/nolo.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src/nolo.c') diff --git a/src/nolo.c b/src/nolo.c index e247698..9ba5a06 100644 --- a/src/nolo.c +++ b/src/nolo.c @@ -176,7 +176,8 @@ static int nolo_get_version_string(struct usb_device_info * dev, const char * st if ( strlen(str) > 500 ) return -1; - sprintf(buf, "version:%s", str); + if ( sprintf(buf, "version:%s", str) <= 0 ) + return -1; ret = nolo_get_string(dev, buf, out, size); -- cgit v1.2.3 From f0712d5b23073fcb7d73085132ef72748fa31ae8 Mon Sep 17 00:00:00 2001 From: Pali Rohár Date: Sun, 19 Oct 2014 20:23:21 +0200 Subject: all: Replace strlen() call on const string with sizeof()-1 --- src/fiasco.c | 2 +- src/local.c | 14 +++++++------- src/nolo.c | 8 ++++---- 3 files changed, 12 insertions(+), 12 deletions(-) (limited to 'src/nolo.c') diff --git a/src/fiasco.c b/src/fiasco.c index 0c404bc..74d089f 100644 --- a/src/fiasco.c +++ b/src/fiasco.c @@ -495,7 +495,7 @@ int fiasco_unpack(struct fiasco * fiasco, const char * dir) { if ( image->layout ) { - layout_name = calloc(1, strlen(name) + strlen(".layout") + 1); + layout_name = calloc(1, strlen(name) + sizeof(".layout")-1 + 1); if ( ! layout_name ) { free(name); ALLOC_ERROR_RETURN(-1); diff --git a/src/local.c b/src/local.c index 86d3b78..c7f3ad1 100644 --- a/src/local.c +++ b/src/local.c @@ -127,9 +127,9 @@ int local_init(void) { while ( fgets(buf, sizeof(buf), file) ) { - if ( strncmp(buf, "Hardware", strlen("Hardware")) == 0 ) { + if ( strncmp(buf, "Hardware", sizeof("Hardware")-1) == 0 ) { - ptr = buf + strlen("Hardware"); + ptr = buf + sizeof("Hardware")-1; while ( ptr < buf + sizeof(buf) && *ptr > 0 && *ptr <= 32 ) ++ptr; @@ -328,7 +328,7 @@ int local_dump_image(enum image_type image, const char * file) { buf[0] = 0; close(fd); - if ( strncmp(buf, "internal", strlen("internal")) != 0 ) + if ( strncmp(buf, "internal", sizeof("internal")-1) != 0 ) continue; if ( snprintf(buf, sizeof(buf), "/sys/class/mmc_host/%s/%s:0001/", dirent->d_name, dirent->d_name) <= 0 ) @@ -340,7 +340,7 @@ int local_dump_image(enum image_type image, const char * file) { while ( ( dirent2 = readdir(dir2) ) ) { - if ( strncmp(dirent2->d_name, "block:mmcblk", strlen("block:mmcblk")) != 0 ) + if ( strncmp(dirent2->d_name, "block:mmcblk", sizeof("block:mmcblk")-1) != 0 ) continue; if ( snprintf(buf, sizeof(buf), "/sys/class/mmc_host/%s/%s:0001/%s/dev", dirent->d_name, dirent->d_name, dirent2->d_name) <= 0 ) @@ -540,7 +540,7 @@ int local_set_usb_host_mode(int enable) { int local_get_rd_mode(void) { - if ( strncmp(rd_mode, "master", strlen("master")) == 0 ) + if ( strncmp(rd_mode, "master", sizeof("master")-1) == 0 ) return 1; else return 0; @@ -559,8 +559,8 @@ int local_get_rd_flags(char * flags, size_t size) { const char * ptr; - if ( strncmp(rd_mode, "master", strlen("master")) == 0 ) - ptr = rd_mode + strlen("master"); + if ( strncmp(rd_mode, "master", sizeof("master")-1) == 0 ) + ptr = rd_mode + sizeof("master")-1; else ptr = rd_mode; diff --git a/src/nolo.c b/src/nolo.c index 9ba5a06..77d49e9 100644 --- a/src/nolo.c +++ b/src/nolo.c @@ -464,7 +464,7 @@ int nolo_flash_image(struct usb_device_info * dev, struct image * image) { if ( nolo_get_string(dev, "cmt:status", buf, sizeof(buf)) < 0 ) NOLO_ERROR_RETURN("cmt:status failed", -1); - if ( strncmp(buf, "idle", strlen("idle")) == 0 ) + if ( strncmp(buf, "idle", sizeof("idle")-1) == 0 ) state = 4; else printf("Erasing CMT...\n"); @@ -476,7 +476,7 @@ int nolo_flash_image(struct usb_device_info * dev, struct image * image) { NOLO_ERROR_RETURN("cmt:status failed", -1); } - if ( strncmp(buf, "finished", strlen("finished")) == 0 ) { + if ( strncmp(buf, "finished", sizeof("finished")-1) == 0 ) { if ( state <= 0 ) { printf_progressbar(last_total, last_total); @@ -537,9 +537,9 @@ int nolo_boot_device(struct usb_device_info * dev, const char * cmdline) { int size = 0; int mode = NOLO_BOOT_MODE_NORMAL; - if ( cmdline && strncmp(cmdline, "update", strlen("update")) == 0 && cmdline[strlen("update")] <= 32 ) { + if ( cmdline && strncmp(cmdline, "update", sizeof("update")-1) == 0 && cmdline[sizeof("update")-1] <= 32 ) { mode = NOLO_BOOT_MODE_UPDATE; - cmdline += strlen("update"); + cmdline += sizeof("update")-1; if ( *cmdline ) ++cmdline; while ( *cmdline && *cmdline <= 32 ) ++cmdline; -- cgit v1.2.3 From 26b6f86f84f04c1b1461e257bb843881a58ff057 Mon Sep 17 00:00:00 2001 From: Pali Rohár Date: Tue, 18 Nov 2014 18:07:59 +0100 Subject: nolo: Fix parsing cmt status Now flashing cmt images should work without problems --- src/nolo.c | 23 +++++++++++++++++------ 1 file changed, 17 insertions(+), 6 deletions(-) (limited to 'src/nolo.c') diff --git a/src/nolo.c b/src/nolo.c index 77d49e9..86a39eb 100644 --- a/src/nolo.c +++ b/src/nolo.c @@ -419,8 +419,8 @@ int nolo_flash_image(struct usb_device_info * dev, struct image * image) { unsigned long long int part; unsigned long long int total; unsigned long long int last_total; - char status[20]; char buf[128]; + char * ptr; if ( image->type == IMAGE_ROOTFS ) flash = 1; @@ -491,18 +491,29 @@ int nolo_flash_image(struct usb_device_info * dev, struct image * image) { state = 4; + } else if ( strncmp(buf, "error", sizeof("error")-1) == 0 ) { + + PRINTF_ERROR_RETURN("cmt:status error", -1); + } else { - if ( sscanf(buf, "%s:%llu/%llu", status, &part, &total) != 3 ) + ptr = strchr(buf, ':'); + if ( ! ptr ) + PRINTF_ERROR_RETURN("cmt:status unknown", -1); + + *ptr = 0; + ptr++; + + if ( sscanf(ptr, "%llu/%llu", &part, &total) != 2 ) PRINTF_ERROR_RETURN("cmt:status unknown", -1); - if ( strcmp(status, "program") == 0 && state <= 0 ) { + if ( strcmp(buf, "program") == 0 && state <= 0 ) { printf_progressbar(last_total, last_total); printf("Done\n"); state = 1; } - if ( strcmp(status, "program") == 0 && state <= 1 ) { + if ( strcmp(buf, "program") == 0 && state <= 1 ) { printf("Programming CMT...\n"); state = 2; } @@ -510,12 +521,12 @@ int nolo_flash_image(struct usb_device_info * dev, struct image * image) { printf_progressbar(part, total); last_total = total; - if ( strcmp(status, "erase") == 0 && state <= 0 && part == total ) { + if ( strcmp(buf, "erase") == 0 && state <= 0 && part == total ) { printf("Done\n"); state = 1; } - if ( strcmp(status, "program") == 0 && state <= 2 && part == total ) { + if ( strcmp(buf, "program") == 0 && state <= 2 && part == total ) { printf("Done\n"); state = 3; } -- cgit v1.2.3 From 8c788bad62ff31f1034e92144ccfc19b0883121e Mon Sep 17 00:00:00 2001 From: Pali Rohár Date: Tue, 18 Nov 2014 20:15:14 +0100 Subject: nolo: Do not call NOLO_ERROR_LOG when not needed --- src/nolo.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'src/nolo.c') diff --git a/src/nolo.c b/src/nolo.c index 86a39eb..e437ef7 100644 --- a/src/nolo.c +++ b/src/nolo.c @@ -84,12 +84,14 @@ static void nolo_error_log(struct usb_device_info * dev, int only_clear) { char buf[2048]; size_t i, count; + int ret; for ( count = 0; count < 20; ++count ) { memset(buf, 0, sizeof(buf)); - if ( usb_control_msg(dev->udev, NOLO_QUERY, NOLO_ERROR_LOG, 0, 0, buf, sizeof(buf), 2000) <= 0 ) + ret = usb_control_msg(dev->udev, NOLO_QUERY, NOLO_ERROR_LOG, 0, 0, buf, sizeof(buf), 2000); + if ( ret < 0 ) break; if ( ! only_clear ) { @@ -103,6 +105,9 @@ static void nolo_error_log(struct usb_device_info * dev, int only_clear) { } + if ( (size_t)ret < sizeof(buf) ) + break; + } } @@ -180,11 +185,10 @@ static int nolo_get_version_string(struct usb_device_info * dev, const char * st return -1; ret = nolo_get_string(dev, buf, out, size); - - nolo_error_log(dev, 1); - - if ( ret < 0 ) + if ( ret < 0 ) { + nolo_error_log(dev, 1); return ret; + } if ( ! out[0] ) return -1; -- cgit v1.2.3