FreeCalypso > hg > freecalypso-tools

changeset 921:74d284add54d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fc-fsio: guard against bogus readdir results from the target If the FFS being operated on contains SE K2x0 extended filenames, readdir will return strings that are bad for printing. We need to guard against this possibility, and also against possible other bogosity that could be sent by other alien firmwares.
author Mychaela Falconia <falcon@freecalypso.org>
date Sat, 31 Dec 2022 22:55:23 +0000
parents 0306449ba467
children 3152e23399a2
files rvinterf/etmsync/fileio.c rvinterf/etmsync/fsbasics.c rvinterf/etmsync/fsread.c
diffstat 3 files changed, 44 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/rvinterf/etmsync/fileio.c	Sat Dec 31 21:08:05 2022 +0000
+++ b/rvinterf/etmsync/fileio.c	Sat Dec 31 22:55:23 2022 +0000
@@ -300,7 +300,7 @@
 	if (rvi_msg[5] != 4)
 		goto malformed;
 	slen = rvi_msg[10];
-	if (slen < 2 || rvi_msg_len != slen + 12)
+	if (slen < 2 || rvi_msg_len != slen + 12 || !rvi_msg[11])
 		goto malformed;
 	if (slen > namebuflen) {
 		printf("error: readdir response exceeds provided buffer\n");
--- a/rvinterf/etmsync/fsbasics.c	Sat Dec 31 21:08:05 2022 +0000
+++ b/rvinterf/etmsync/fsbasics.c	Sat Dec 31 22:55:23 2022 +0000
@@ -41,6 +41,26 @@
 	return(0);
 }
 
+void
+safe_print_ls_name(name)
+	char *name;
+{
+	char *p;
+	int c;
+
+	p = name;
+	while (c = *p++) {
+		if (c == '\\') {
+			putchar('\\');
+			putchar('\\');
+		} else if (c >= ' ' && c <= '~')
+			putchar(c);
+		else
+			printf("\\x%02X", c);
+	}
+	putchar('\n');
+}
+
 do_ls_short(lsarg)
 	char *lsarg;
 {
@@ -59,7 +79,7 @@
 		rc = do_readdir(state, namebuf, sizeof namebuf);
 		if (rc)
 			return(rc);
-		printf("%s\n", namebuf);
+		safe_print_ls_name(namebuf);
 	}
 	return(0);
 }
--- a/rvinterf/etmsync/fsread.c	Sat Dec 31 21:08:05 2022 +0000
+++ b/rvinterf/etmsync/fsread.c	Sat Dec 31 22:55:23 2022 +0000
@@ -50,6 +50,20 @@
 	}
 }
 
+ls_is_sane(name)
+	char *name;
+{
+	char *cp;
+	int c;
+
+	cp = name;
+	while (c = *cp++) {
+		if (c < '!' || c > '~')
+			return(0);
+	}
+	return(1);
+}
+
 do_ls_long(lsarg)
 	char *lsarg;
 {
@@ -87,6 +101,10 @@
 			printf("error: readdir result contains a slash\n");
 			return(ERROR_TARGET);
 		}
+		if (!ls_is_sane(rdbuf)) {
+		printf("error: readdir result contains non-printable chars\n");
+			return(ERROR_TARGET);
+		}
 		strcpy(childp, rdbuf);
 		rc = do_xlstat(childpath, &stat);
 		if (rc) {
@@ -235,6 +253,10 @@
 			printf("error: readdir result contains a slash\n");
 			return(ERROR_TARGET);
 		}
+		if (!ls_is_sane(rdbuf)) {
+		printf("error: readdir result contains non-printable chars\n");
+			return(ERROR_TARGET);
+		}
 		strcpy(childp, rdbuf);
 		if (rdbuf[0] == '.') {
 			printf("skipping %s\n", ffspath_child);