mtd-utils: tests: jittertest: reject overlong file names

plotJittervsFill copies the -f argument into a 250-byte buffer with strncpy(..., sizeof(LogFile)). A 250-byte file name leaves the buffer unterminated, and the subsequent fopen() reads past the end of LogFile. JitterTest uses the same fixed-size file name pattern for -r, while -c still silently truncates overlong names and -f already rejects them. Validate jittertest file name arguments before copying them so these options all reject overlong input instead of truncating it or reading past the end of fixed-size buffers. Add a shell regression test that exercises the accepted and rejected boundary lengths for plotJittervsFill and JitterTest during make check. Signed-off-by: Aviv Daum <aviv.daum@gmail.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
author: Aviv Daum <aviv.daum@gmail.com> 2026-03-19 00:53:32 +0200
committer: David Oberhollenzer <david.oberhollenzer@sigma-star.at> 2026-04-13 08:42:56 +0200
commit: 514063a6d7a628e358894b6a6a6cb089c264fc09 (patch)
tree: d817461ddd1133a03e08a6bd555c5b6356f1f000 /tests/jittertest/JitterTest.c
parent: 5f7dd327a813c83f97f4a6128bb82c021ed870d8 (diff)
1 files changed, 36 insertions, 16 deletions
diff --git a/tests/jittertest/JitterTest.c b/tests/jittertest/JitterTest.c
index 2bee0b0..a3e3764 100644
--- a/tests/jittertest/JitterTest.c
+++ b/tests/jittertest/JitterTest.c
@@ -205,6 +205,7 @@ static int RunAsRTTask = FALSE; /* default action unless priority is
 
 /********************* Local Function Prototypes **********************/
 void HandleCmdLineArgs(int argc, char *argv[]);
+static void SaveFileName(char *pDest, size_t destSize, const char *pFileName);
 void SetFileName(char * pFileName);
 void SetInterruptPeriod(char * pASCIIInterruptPeriodMilliSec);
 void SetSchedulerPriority(char * pASCIISchedulerPriority);
@@ -830,9 +831,14 @@ void HandleCmdLineArgs(
                      (strcmp(argv[argNum],"-r")       == STRINGS_EQUAL)) {
                 /* Set the file to read*/
                 ++argNum;
-
-                strncpy(ReadFile, argv[argNum], sizeof(ReadFile));
-                DoRead = TRUE;
+                if (argNum < argc) {
+                    SaveFileName(ReadFile, sizeof(ReadFile), argv[argNum]);
+                    DoRead = TRUE;
+                }
+                else {
+                    printf("*** Read file name not specified. ***\n");
+                    exit(0);
+                }
             }
 
             else if ((strcmp(argv[argNum],"--write_bytes") ==
@@ -858,9 +864,13 @@ void HandleCmdLineArgs(
                      (strcmp(argv[argNum],"-c")       == STRINGS_EQUAL)) {
 	      /* Set the file to log console log on. */
 	      ++argNum;
-
-	      strncpy(LogFile, argv[argNum], sizeof(LogFile) - 1);
-	      LogFile[sizeof(LogFile) - 1] = '\0';
+	      if (argNum < argc) {
+	          SaveFileName(LogFile, sizeof(LogFile), argv[argNum]);
+	      }
+	      else {
+	          printf("*** Console log file name not specified. ***\n");
+	          exit(0);
+	      }
             }
 
             else if ((strcmp(argv[argNum],"--grab_kprofile") ==
@@ -913,27 +923,37 @@ void HandleCmdLineArgs(
 
 
 /***********************************************************************
- *                                SetFileName
- *  This function sets the output file name.
+ *                              SaveFileName
+ *  This function validates and saves a file name.
  *  output: N/A
  ***********************************************************************/
-void SetFileName(
-    char * pFileName)               /* ptr to desired output file name  */
+static void SaveFileName(
+    char *pDest,                    /* ptr to destination buffer        */
+    size_t destSize,                /* destination buffer size          */
+    const char *pFileName)          /* ptr to desired file name         */
 {
     size_t fileNameLen;             /* file name length (bytes)         */
 
-    /* Check file name length. */
     fileNameLen = strlen(pFileName);
-    if (fileNameLen > (size_t) MAX_FILE_NAME_LEN) {
+    if (fileNameLen > destSize - 1) {
         printf("File name %s exceeds maximum length %d.\n",
-               pFileName, MAX_FILE_NAME_LEN);
+               pFileName, (int)(destSize - 1));
         exit(0);
     }
 
-    /* File name length is OK so save the file name. */
-    strcpy(OutFileName, pFileName);
+    strcpy(pDest, pFileName);
+}
 
-    return;
+
+/***********************************************************************
+ *                                SetFileName
+ *  This function sets the output file name.
+ *  output: N/A
+ ***********************************************************************/
+void SetFileName(
+    char * pFileName)               /* ptr to desired output file name  */
+{
+    SaveFileName(OutFileName, sizeof(OutFileName), pFileName);
 }
author	Aviv Daum <aviv.daum@gmail.com>	2026-03-19 00:53:32 +0200
committer	David Oberhollenzer <david.oberhollenzer@sigma-star.at>	2026-04-13 08:42:56 +0200
commit	514063a6d7a628e358894b6a6a6cb089c264fc09 (patch)
tree	d817461ddd1133a03e08a6bd555c5b6356f1f000 /tests/jittertest/JitterTest.c
parent	5f7dd327a813c83f97f4a6128bb82c021ed870d8 (diff)