diff options
| author | Aviv Daum <aviv.daum@gmail.com> | 2026-03-19 00:53:32 +0200 |
|---|---|---|
| committer | David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 2026-04-13 08:42:56 +0200 |
| commit | 514063a6d7a628e358894b6a6a6cb089c264fc09 (patch) | |
| tree | d817461ddd1133a03e08a6bd555c5b6356f1f000 /tests/jittertest/filename_bounds.sh.in | |
| parent | 5f7dd327a813c83f97f4a6128bb82c021ed870d8 (diff) | |
mtd-utils: tests: jittertest: reject overlong file names
plotJittervsFill copies the -f argument into a 250-byte buffer with
strncpy(..., sizeof(LogFile)). A 250-byte file name leaves the buffer
unterminated, and the subsequent fopen() reads past the end of LogFile.
JitterTest uses the same fixed-size file name pattern for -r, while -c
still silently truncates overlong names and -f already rejects them.
Validate jittertest file name arguments before copying them so these
options all reject overlong input instead of truncating it or reading
past the end of fixed-size buffers.
Add a shell regression test that exercises the accepted and rejected
boundary lengths for plotJittervsFill and JitterTest during make check.
Signed-off-by: Aviv Daum <aviv.daum@gmail.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Diffstat (limited to 'tests/jittertest/filename_bounds.sh.in')
| -rwxr-xr-x | tests/jittertest/filename_bounds.sh.in | 115 |
1 files changed, 115 insertions, 0 deletions
diff --git a/tests/jittertest/filename_bounds.sh.in b/tests/jittertest/filename_bounds.sh.in new file mode 100755 index 0000000..0dfba74 --- /dev/null +++ b/tests/jittertest/filename_bounds.sh.in @@ -0,0 +1,115 @@ +#!/bin/sh + +TESTBINDIR=${TESTBINDIR-@TESTBINDIR@} + +tmpdir= +jt_pid= +watchdog_pid= + +fatal() +{ + echo "Error: $1" 1>&2 + exit 1 +} + +cleanup() +{ + if [ -n "$watchdog_pid" ]; then + kill "$watchdog_pid" >/dev/null 2>&1 || : + wait "$watchdog_pid" 2>/dev/null || : + fi + + if [ -n "$jt_pid" ]; then + kill "$jt_pid" >/dev/null 2>&1 || : + wait "$jt_pid" 2>/dev/null || : + fi + + if [ -n "$tmpdir" ]; then + rm -rf "$tmpdir" + fi +} + +trap 'status=$?; trap - EXIT; cleanup; exit $status' EXIT +trap 'exit 1' HUP INT QUIT TERM + +make_name() +{ + char="$1" + length="$2" + name= + i=0 + + while [ "$i" -lt "$length" ]; do + name="${name}${char}" + i=$((i + 1)) + done + + printf '%s' "$name" +} + +tmpdir=$(mktemp -d "${TMPDIR:-/tmp}/mtd-utils-jittertest.XXXXXX") || + fatal "mktemp failed" +cd "$tmpdir" || fatal "cannot change to temp dir" + +plot_valid=$(make_name a 249) +: > "$plot_valid" || fatal "cannot create valid plot input" +"$TESTBINDIR/plotJittervsFill" -f "$plot_valid" >plot-valid.out 2>plot-valid.err || + fatal "plotJittervsFill rejected a 249-byte file name" +if grep -q "exceeds maximum length" plot-valid.out plot-valid.err; then + fatal "plotJittervsFill reported a max-length error for a 249-byte file name" +fi + +plot_invalid=$(make_name b 250) +"$TESTBINDIR/plotJittervsFill" -f "$plot_invalid" >plot-invalid.out 2>plot-invalid.err || : +if ! grep -q "exceeds maximum length" plot-invalid.out plot-invalid.err; then + fatal "plotJittervsFill did not reject a 250-byte file name" +fi +if grep -q "Unable to open input log file" plot-invalid.out plot-invalid.err; then + fatal "plotJittervsFill reached fopen() for an overlong file name" +fi + +jt_read_valid=$(make_name r 32) +"$TESTBINDIR/JitterTest" -c /dev/null -f out.dat -r "$jt_read_valid" >jt-valid.out 2>jt-valid.err & +jt_pid=$! +( + sleep 10 + kill -TERM "$jt_pid" >/dev/null 2>&1 || : + sleep 1 + kill -KILL "$jt_pid" >/dev/null 2>&1 || : +) & +watchdog_pid=$! +sleep 1 +kill -INT "$jt_pid" >/dev/null 2>&1 || fatal "cannot stop JitterTest" +wait "$jt_pid" || fatal "JitterTest failed with a 32-byte read file name" +jt_pid= +kill "$watchdog_pid" >/dev/null 2>&1 || : +wait "$watchdog_pid" 2>/dev/null || : +watchdog_pid= +if ! grep -q "Press Ctrl+C to exit the program." jt-valid.out; then + fatal "JitterTest did not start normally with a 32-byte read file name" +fi +if ! grep -q "JitterTest exiting." jt-valid.out; then + fatal "JitterTest did not exit cleanly after SIGINT" +fi + +jt_read_invalid=$(make_name s 33) +"$TESTBINDIR/JitterTest" -c /dev/null -f out.dat -r "$jt_read_invalid" \ + >jt-read-invalid.out 2>jt-read-invalid.err || : +if ! grep -q "exceeds maximum length" jt-read-invalid.out jt-read-invalid.err; then + fatal "JitterTest did not reject a 33-byte read file name" +fi +if grep -q "Press Ctrl+C to exit the program." jt-read-invalid.out jt-read-invalid.err; then + fatal "JitterTest started despite an overlong read file name" +fi + +jt_console_invalid=$(make_name c 33) +"$TESTBINDIR/JitterTest" -c "$jt_console_invalid" -f out.dat \ + >jt-console-invalid.out 2>jt-console-invalid.err || : +if ! grep -q "exceeds maximum length" jt-console-invalid.out jt-console-invalid.err; then + fatal "JitterTest did not reject a 33-byte console file name" +fi +if grep -q "Press Ctrl+C to exit the program." jt-console-invalid.out jt-console-invalid.err; then + fatal "JitterTest started despite an overlong console file name" +fi + +echo "SUCCESS" |