summaryrefslogtreecommitdiffstats
path: root/src/vlib/unix
diff options
context:
space:
mode:
authorChris Luke <chrisy@flirble.org>2017-09-18 08:51:22 -0400
committerFlorin Coras <florin.coras@gmail.com>2017-09-18 18:26:04 +0000
commitb2bcad6238b7e8a669ae29c74079eb9bb9fbb694 (patch)
treea8657766e3ae782ed8dacc4ac1ea559a0e60ae86 /src/vlib/unix
parent2019748a0ef815852281aae0a603f0e970fa9d91 (diff)
Fixes for issues Coverity has reported (VPP-972)
177117: fstat() returns -1 on error; the code is checking for any positive value instead 175142: final return could never be reached; simple refactoring 175235,175236: Warning suppressed with an explicit cast to (void) 174817: Final return couldn't be reached; is is_in_order is 0 then 'rv' is already returned above 172095,172093: If is_is_set does not get set to 1, then return 0 has already been invoked 174405: Re-kill this (nothing sets rv) 171136: Looks like a cmd line flag to set test_bytes was missing; added it, and refactored the argc/argv processing to avoid two other potential segv's 176813: Add range checking for term width/height. First stab at a reasonable range is 1-512 for both. 175350: Fix implicit casting in shift operation 174272: Not a c+p error; try using a coverity annotation to ignore it 174273,175320: Annotated FORWARD_NULL Change-Id: I58d0f860fc2209f59f8d1b6b344d631b8d429ace Signed-off-by: Chris Luke <chrisy@flirble.org>
Diffstat (limited to 'src/vlib/unix')
-rw-r--r--src/vlib/unix/cli.c30
1 files changed, 30 insertions, 0 deletions
diff --git a/src/vlib/unix/cli.c b/src/vlib/unix/cli.c
index 1567cc2ac0a..1624ce387fb 100644
--- a/src/vlib/unix/cli.c
+++ b/src/vlib/unix/cli.c
@@ -91,6 +91,15 @@
* protocol message. This is a saftey measure. */
#define UNIX_CLI_MAX_DEPTH_TELNET 24
+/** Minimum terminal width we will accept */
+#define UNIX_CLI_MIN_TERMINAL_WIDTH 1
+/** Maximum terminal width we will accept */
+#define UNIX_CLI_MAX_TERMINAL_WIDTH 512
+/** Minimum terminal height we will accept */
+#define UNIX_CLI_MIN_TERMINAL_HEIGHT 1
+/** Maximum terminal height we will accept */
+#define UNIX_CLI_MAX_TERMINAL_HEIGHT 512
+
/** Unix standard in */
#define UNIX_CLI_STDIN_FD 0
@@ -1164,10 +1173,21 @@ unix_cli_process_telnet (unix_main_t * um,
/* Window size */
if (i != 8) /* check message is correct size */
break;
+
cf->width =
clib_net_to_host_u16 (*((u16 *) (input_vector + 3)));
+ if (cf->width > UNIX_CLI_MAX_TERMINAL_WIDTH)
+ cf->width = UNIX_CLI_MAX_TERMINAL_WIDTH;
+ if (cf->width < UNIX_CLI_MIN_TERMINAL_WIDTH)
+ cf->width = UNIX_CLI_MIN_TERMINAL_WIDTH;
+
cf->height =
clib_net_to_host_u16 (*((u16 *) (input_vector + 5)));
+ if (cf->height > UNIX_CLI_MAX_TERMINAL_HEIGHT)
+ cf->height = UNIX_CLI_MAX_TERMINAL_HEIGHT;
+ if (cf->height < UNIX_CLI_MIN_TERMINAL_HEIGHT)
+ cf->height = UNIX_CLI_MIN_TERMINAL_HEIGHT;
+
/* reindex pager buffer */
unix_cli_pager_reindex (cf);
/* redraw page */
@@ -2539,8 +2559,18 @@ unix_cli_resize_interrupt (int signum)
/* We can't trust ws.XXX... */
return;
}
+
cf->width = ws.ws_col;
+ if (cf->width > UNIX_CLI_MAX_TERMINAL_WIDTH)
+ cf->width = UNIX_CLI_MAX_TERMINAL_WIDTH;
+ if (cf->width < UNIX_CLI_MIN_TERMINAL_WIDTH)
+ cf->width = UNIX_CLI_MIN_TERMINAL_WIDTH;
+
cf->height = ws.ws_row;
+ if (cf->height > UNIX_CLI_MAX_TERMINAL_HEIGHT)
+ cf->height = UNIX_CLI_MAX_TERMINAL_HEIGHT;
+ if (cf->height < UNIX_CLI_MIN_TERMINAL_HEIGHT)
+ cf->height = UNIX_CLI_MIN_TERMINAL_HEIGHT;
/* Reindex the pager buffer */
unix_cli_pager_reindex (cf);