Invert buffer modes
Currently the libcper core operates on FILE objects, with a number of
seeks. Change this such that the internals rely on buffers and lengths
instead. This ensures that we are checking records lengths in a given
CPER header against ranged limits.
Change-Id: Id16902afbf53f091058c3206a473ddd725ec4bf1
Signed-off-by: Ed Tanous <etanous@nvidia.com>
diff --git a/cper-parse.c b/cper-parse.c
index 27ca4b2..f9a7e0e 100644
--- a/cper-parse.c
+++ b/cper-parse.c
@@ -5,9 +5,11 @@
* Author: Lawrence.Tang@arm.com
**/
+#include <limits.h>
#include <stdio.h>
#include <string.h>
#include <json.h>
+
#include <libcper/base64.h>
#include <libcper/Cper.h>
#include <libcper/cper-parse.h>
@@ -19,31 +21,120 @@
json_object *cper_header_to_ir(EFI_COMMON_ERROR_RECORD_HEADER *header);
json_object *
cper_section_descriptor_to_ir(EFI_ERROR_SECTION_DESCRIPTOR *section_descriptor);
-json_object *cper_section_to_ir(FILE *handle, long base_pos,
- EFI_ERROR_SECTION_DESCRIPTOR *descriptor);
-json_object *cper_buf_to_ir(void *cper_buf, size_t size)
+json_object *cper_buf_section_to_ir(const void *cper_section_buf, size_t size,
+ EFI_ERROR_SECTION_DESCRIPTOR *descriptor);
+
+json_object *cper_buf_to_ir(const unsigned char *cper_buf, size_t size)
{
- // TODO, this really should avoid the overhead of fmemopen()
- // but doing so would require a lot of code changes to evict FILE* from
- // The internals of libcper
- FILE *cper_file = fmemopen(cper_buf, size, "r");
- if (!cper_file) {
- printf("Failed to open CPER buffer.\n");
- return NULL;
+ json_object *parent = NULL;
+ json_object *header_ir = NULL;
+ json_object *section_descriptors_ir = NULL;
+ json_object *sections_ir = NULL;
+
+ const unsigned char *pos = cper_buf;
+ unsigned int remaining = size;
+
+ if (remaining < sizeof(EFI_COMMON_ERROR_RECORD_HEADER)) {
+ printf("Invalid CPER file: Invalid header (incorrect signature).\n");
+ goto fail;
}
- json_object *ir = cper_to_ir(cper_file);
- fclose(cper_file);
- return ir;
+
+ EFI_COMMON_ERROR_RECORD_HEADER *header = NULL;
+ header = (EFI_COMMON_ERROR_RECORD_HEADER *)cper_buf;
+ pos += sizeof(EFI_COMMON_ERROR_RECORD_HEADER);
+ remaining -= sizeof(EFI_COMMON_ERROR_RECORD_HEADER);
+ if (header->SignatureStart != EFI_ERROR_RECORD_SIGNATURE_START) {
+ printf("Invalid CPER file: Invalid header (incorrect signature).\n");
+ goto fail;
+ }
+ if (header->SectionCount == 0) {
+ printf("Invalid CPER file: Invalid section count (0).\n");
+ goto fail;
+ }
+ if (remaining < sizeof(EFI_ERROR_SECTION_DESCRIPTOR)) {
+ printf("Invalid CPER file: Invalid section descriptor (section offset + length > size).\n");
+ goto fail;
+ }
+
+ //Create the header JSON object from the read bytes.
+ parent = json_object_new_object();
+ header_ir = cper_header_to_ir(header);
+
+ json_object_object_add(parent, "header", header_ir);
+
+ //Read the appropriate number of section descriptors & sections, and convert them into IR format.
+ section_descriptors_ir = json_object_new_array();
+ sections_ir = json_object_new_array();
+ for (int i = 0; i < header->SectionCount; i++) {
+ //Create the section descriptor.
+ if (remaining < sizeof(EFI_ERROR_SECTION_DESCRIPTOR)) {
+ printf("Invalid number of section headers: Header states %d sections, could not read section %d.\n",
+ header->SectionCount, i + 1);
+ goto fail;
+ }
+
+ EFI_ERROR_SECTION_DESCRIPTOR *section_descriptor;
+ section_descriptor = (EFI_ERROR_SECTION_DESCRIPTOR *)(pos);
+ pos += sizeof(EFI_ERROR_SECTION_DESCRIPTOR);
+ remaining -= sizeof(EFI_ERROR_SECTION_DESCRIPTOR);
+
+ if (section_descriptor->SectionOffset > size) {
+ printf("Invalid section descriptor: Section offset > size.\n");
+ goto fail;
+ }
+
+ if (section_descriptor->SectionLength <= 0) {
+ printf("Invalid section descriptor: Section length <= 0.\n");
+ goto fail;
+ }
+
+ if (section_descriptor->SectionOffset >
+ UINT_MAX - section_descriptor->SectionLength) {
+ printf("Invalid section descriptor: Section offset + length would overflow.\n");
+ goto fail;
+ }
+
+ if (section_descriptor->SectionOffset +
+ section_descriptor->SectionLength >
+ size) {
+ printf("Invalid section descriptor: Section offset + length > size.\n");
+ goto fail;
+ }
+
+ const unsigned char *section_begin =
+ cper_buf + section_descriptor->SectionOffset;
+
+ json_object_array_add(
+ section_descriptors_ir,
+ cper_section_descriptor_to_ir(section_descriptor));
+
+ //Read the section itself.
+ json_object *section_ir = cper_buf_section_to_ir(
+ section_begin, section_descriptor->SectionLength,
+ section_descriptor);
+ json_object_array_add(sections_ir, section_ir);
+ }
+
+ //Add the header, section descriptors, and sections to a parent object.
+ json_object_object_add(parent, "sectionDescriptors",
+ section_descriptors_ir);
+ json_object_object_add(parent, "sections", sections_ir);
+
+ return parent;
+
+fail:
+ json_object_put(sections_ir);
+ json_object_put(section_descriptors_ir);
+ json_object_put(parent);
+ printf("Failed to parse CPER file.\n");
+ return NULL;
}
//Reads a CPER log file at the given file location, and returns an intermediate
//JSON representation of this CPER record.
json_object *cper_to_ir(FILE *cper_file)
{
- //Read the current file pointer location as the base of the record.
- long base_pos = ftell(cper_file);
-
//Ensure this is really a CPER log.
EFI_COMMON_ERROR_RECORD_HEADER header;
if (fread(&header, sizeof(EFI_COMMON_ERROR_RECORD_HEADER), 1,
@@ -57,46 +148,17 @@
printf("Invalid CPER file: Invalid header (incorrect signature).\n");
return NULL;
}
-
- //Create the header JSON object from the read bytes.
- json_object *header_ir = cper_header_to_ir(&header);
-
- //Read the appropriate number of section descriptors & sections, and convert them into IR format.
- json_object *section_descriptors_ir = json_object_new_array();
- json_object *sections_ir = json_object_new_array();
- for (int i = 0; i < header.SectionCount; i++) {
- //Create the section descriptor.
- EFI_ERROR_SECTION_DESCRIPTOR section_descriptor;
- if (fread(§ion_descriptor,
- sizeof(EFI_ERROR_SECTION_DESCRIPTOR), 1,
- cper_file) != 1) {
- printf("Invalid number of section headers: Header states %d sections, could not read section %d.\n",
- header.SectionCount, i + 1);
- // Free json objects
- json_object_put(sections_ir);
- json_object_put(section_descriptors_ir);
- json_object_put(header_ir);
- return NULL;
- }
- json_object_array_add(
- section_descriptors_ir,
- cper_section_descriptor_to_ir(§ion_descriptor));
-
- //Read the section itself.
-
- json_object_array_add(sections_ir,
- cper_section_to_ir(cper_file, base_pos,
- §ion_descriptor));
+ fseek(cper_file, -sizeof(EFI_COMMON_ERROR_RECORD_HEADER), SEEK_CUR);
+ unsigned char *cper_buf = malloc(header.RecordLength);
+ if (fread(cper_buf, header.RecordLength, 1, cper_file) != 1) {
+ printf("File read failed\n");
+ free(cper_buf);
+ return NULL;
}
- //Add the header, section descriptors, and sections to a parent object.
- json_object *parent = json_object_new_object();
- json_object_object_add(parent, "header", header_ir);
- json_object_object_add(parent, "sectionDescriptors",
- section_descriptors_ir);
- json_object_object_add(parent, "sections", sections_ir);
-
- return parent;
+ json_object *ir = cper_buf_to_ir(cper_buf, header.RecordLength);
+ free(cper_buf);
+ return ir;
}
char *cper_to_str_ir(FILE *cper_file)
@@ -326,25 +388,14 @@
}
//Converts the section described by a single given section descriptor.
-json_object *cper_section_to_ir(FILE *handle, long base_pos,
- EFI_ERROR_SECTION_DESCRIPTOR *descriptor)
+json_object *cper_buf_section_to_ir(const void *cper_section_buf, size_t size,
+ EFI_ERROR_SECTION_DESCRIPTOR *descriptor)
{
- //Save our current position in the stream.
- long position = ftell(handle);
-
- //Read section as described by the section descriptor.
- fseek(handle, base_pos + descriptor->SectionOffset, SEEK_SET);
- void *section = malloc(descriptor->SectionLength);
- if (fread(section, descriptor->SectionLength, 1, handle) != 1) {
- printf("Section read failed: Could not read %u bytes from global offset %d.\n",
- descriptor->SectionLength, descriptor->SectionOffset);
- free(section);
+ if (descriptor->SectionLength > size) {
+ printf("Invalid CPER file: Invalid header (incorrect signature).\n");
return NULL;
}
- //Seek back to our original position.
- fseek(handle, position, SEEK_SET);
-
//Parse section to IR based on GUID.
json_object *result = NULL;
@@ -354,7 +405,8 @@
if (guid_equal(section_definitions[i].Guid,
&descriptor->SectionType) &&
section_definitions[i].ToIR != NULL) {
- section_ir = section_definitions[i].ToIR(section);
+ section_ir =
+ section_definitions[i].ToIR(cper_section_buf);
result = json_object_new_object();
json_object_object_add(result,
@@ -370,8 +422,9 @@
if (!section_converted) {
//Output the data as formatted base64.
int32_t encoded_len = 0;
- char *encoded = base64_encode(
- section, descriptor->SectionLength, &encoded_len);
+ char *encoded = base64_encode(cper_section_buf,
+ descriptor->SectionLength,
+ &encoded_len);
if (encoded == NULL) {
printf("Failed to allocate encode output buffer. \n");
} else {
@@ -386,23 +439,40 @@
}
}
- //Free section memory, return result.
- free(section);
return result;
}
-json_object *cper_buf_single_section_to_ir(void *cper_buf, size_t size)
+json_object *cper_buf_single_section_to_ir(const unsigned char *cper_buf,
+ size_t size)
{
- // TODO, this really should avoid the overhead of fmemopen()
- // but doing so would require a lot of code changes to evict FILE* from
- // The internals of libcper.
- FILE *cper_file = fmemopen(cper_buf, size, "r");
- if (!cper_file) {
- printf("Failed to open CPER buffer.\n");
+ json_object *ir = json_object_new_object();
+
+ //Read the section descriptor out.
+ EFI_ERROR_SECTION_DESCRIPTOR *section_descriptor;
+ if (sizeof(EFI_ERROR_SECTION_DESCRIPTOR) > size) {
+ printf("Failed to read section descriptor for CPER single section\n");
return NULL;
}
- json_object *ir = cper_to_ir(cper_file);
- fclose(cper_file);
+ section_descriptor = (EFI_ERROR_SECTION_DESCRIPTOR *)cper_buf;
+ //Convert the section descriptor to IR.
+ json_object *section_descriptor_ir =
+ cper_section_descriptor_to_ir(section_descriptor);
+ json_object_object_add(ir, "sectionDescriptor", section_descriptor_ir);
+
+ if (section_descriptor->SectionOffset +
+ section_descriptor->SectionLength >
+ size) {
+ printf("Invalid CPER file: Invalid section descriptor (section offset + length > size).\n");
+ return NULL;
+ }
+
+ const unsigned char *section =
+ cper_buf + section_descriptor->SectionOffset;
+
+ //Parse the single section.
+ json_object *section_ir = cper_buf_section_to_ir(
+ section, section_descriptor->SectionLength, section_descriptor);
+ json_object_object_add(ir, "section", section_ir);
return ir;
}
@@ -427,29 +497,39 @@
cper_section_descriptor_to_ir(§ion_descriptor);
json_object_object_add(ir, "sectionDescriptor", section_descriptor_ir);
+ //Save our current position in the stream.
+ long position = ftell(cper_section_file);
+
+ //Read section as described by the section descriptor.
+ fseek(cper_section_file, base_pos + section_descriptor.SectionOffset,
+ SEEK_SET);
+ void *section = malloc(section_descriptor.SectionLength);
+ if (fread(section, section_descriptor.SectionLength, 1,
+ cper_section_file) != 1) {
+ printf("Section read failed: Could not read %u bytes from global offset %d.\n",
+ section_descriptor.SectionLength,
+ section_descriptor.SectionOffset);
+ free(section);
+ return NULL;
+ }
+
+ //Seek back to our original position.
+ fseek(cper_section_file, position, SEEK_SET);
+
//Parse the single section.
- json_object *section_ir = cper_section_to_ir(
- cper_section_file, base_pos, §ion_descriptor);
+ json_object *section_ir = cper_buf_section_to_ir(
+ section, section_descriptor.SectionLength, §ion_descriptor);
json_object_object_add(ir, "section", section_ir);
-
+ free(section);
return ir;
}
-char *cper_single_section_to_str_ir(FILE *cper_section_file)
-{
- json_object *jobj = cper_single_section_to_ir(cper_section_file);
- char *str = jobj ? strdup(json_object_to_json_string(jobj)) : NULL;
-
- json_object_put(jobj);
- return str;
-}
-
char *cperbuf_single_section_to_str_ir(const unsigned char *cper_section,
size_t size)
{
- FILE *cper_section_file = fmemopen((void *)cper_section, size, "r");
+ json_object *jobj = cper_buf_single_section_to_ir(cper_section, size);
+ char *str = jobj ? strdup(json_object_to_json_string(jobj)) : NULL;
- return cper_section_file ?
- cper_single_section_to_str_ir(cper_section_file) :
- NULL;
+ json_object_put(jobj);
+ return str;
}