Fix timestamp handling
timestamp_to_string can fail in unexpected ways. It attempts to do some
level of error checks, but doesn't return the result of those back to
the caller, which means that this can possibly read from unpopulated
memory.
Adjust the prototype and fix the issues in this helper function.
Change-Id: I9df2dc17142b1fd3a686fd852ac80f4691fd25be
Signed-off-by: Ed Tanous <etanous@nvidia.com>
diff --git a/cper-parse.c b/cper-parse.c
index f9a7e0e..8898089 100644
--- a/cper-parse.c
+++ b/cper-parse.c
@@ -206,12 +206,14 @@
//If a timestamp exists according to validation bits, then add it.
if (header->ValidationBits & 0x2) {
char timestamp_string[TIMESTAMP_LENGTH];
- timestamp_to_string(timestamp_string, TIMESTAMP_LENGTH,
- &header->TimeStamp);
-
+ if (timestamp_to_string(timestamp_string, TIMESTAMP_LENGTH,
+ &header->TimeStamp) < 0) {
+ goto fail;
+ }
json_object_object_add(
header_ir, "timestamp",
json_object_new_string(timestamp_string));
+
json_object_object_add(
header_ir, "timestampIsPrecise",
json_object_new_boolean(header->TimeStamp.Flag));
@@ -309,6 +311,10 @@
json_object_object_add(header_ir, "persistenceInfo",
json_object_new_uint64(header->PersistenceInfo));
return header_ir;
+
+fail:
+ json_object_put(header_ir);
+ return NULL;
}
//Converts the given EFI section descriptor into JSON IR format.
diff --git a/cper-utils.c b/cper-utils.c
index d36e944..6c76156 100644
--- a/cper-utils.c
+++ b/cper-utils.c
@@ -318,22 +318,47 @@
//Converts a single EFI timestamp to string, at the given output.
//Output must be at least TIMESTAMP_LENGTH bytes long.
-void timestamp_to_string(char *out, int out_len,
- EFI_ERROR_TIME_STAMP *timestamp)
+int timestamp_to_string(char *out, int out_len, EFI_ERROR_TIME_STAMP *timestamp)
{
+ //Cannot go to three digits.
+ int century = bcd_to_int(timestamp->Century) % 100;
+ if (century >= 100) {
+ return -1;
+ }
+ int year = bcd_to_int(timestamp->Year) % 100;
+ if (year >= 100) {
+ return -1;
+ }
+ int month = bcd_to_int(timestamp->Month);
+ if (month > 12) {
+ return -1;
+ }
+ int day = bcd_to_int(timestamp->Day);
+ if (day > 31) {
+ return -1;
+ }
+ int hours = bcd_to_int(timestamp->Hours);
+ if (hours >= 24) {
+ return -1;
+ }
+ int minutes = bcd_to_int(timestamp->Minutes);
+ if (minutes > 60) {
+ return -1;
+ }
+ int seconds = bcd_to_int(timestamp->Seconds);
+ if (seconds >= 60) {
+ return -1;
+ }
int written = snprintf(
out, out_len,
"%02hhu%02hhu-%02hhu-%02hhuT%02hhu:%02hhu:%02hhu+00:00",
- bcd_to_int(timestamp->Century) %
- 100, //Cannot go to three digits.
- bcd_to_int(timestamp->Year) % 100, //Cannot go to three digits.
- bcd_to_int(timestamp->Month), bcd_to_int(timestamp->Day),
- bcd_to_int(timestamp->Hours), bcd_to_int(timestamp->Minutes),
- bcd_to_int(timestamp->Seconds));
+ century, year, month, day, hours, minutes, seconds);
if (written < 0 || written >= out_len) {
printf("Timestamp buffer of insufficient size\n");
+ return -1;
}
+ return 0;
}
//Converts a single timestamp string to an EFI timestamp.
diff --git a/include/libcper/cper-utils.h b/include/libcper/cper-utils.h
index 3c3bba4..50ea3ad 100644
--- a/include/libcper/cper-utils.h
+++ b/include/libcper/cper-utils.h
@@ -54,8 +54,8 @@
json_object *uint64_array_to_ir_array(UINT64 *array, int len);
json_object *revision_to_ir(UINT16 revision);
const char *severity_to_string(UINT32 severity);
-void timestamp_to_string(char *out, int out_len,
- EFI_ERROR_TIME_STAMP *timestamp);
+int timestamp_to_string(char *out, int out_len,
+ EFI_ERROR_TIME_STAMP *timestamp);
void string_to_timestamp(EFI_ERROR_TIME_STAMP *out, const char *timestamp);
void guid_to_string(char *out, EFI_GUID *guid);
void string_to_guid(EFI_GUID *out, const char *guid);