From e1873ad576cb478fff0e6e44ad99599cd5fd2846 Mon Sep 17 00:00:00 2001 From: Elliot Gorokhovsky Date: Fri, 29 Jul 2022 11:10:47 -0700 Subject: [PATCH 1/2] Fix buffer underflow for null dir1 --- programs/util.c | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/programs/util.c b/programs/util.c index f53eb03fbe..b874344c4d 100644 --- a/programs/util.c +++ b/programs/util.c @@ -870,30 +870,30 @@ static const char * trimPath(const char *pathname) static char* mallocAndJoin2Dir(const char *dir1, const char *dir2) { - const size_t dir1Size = strlen(dir1); - const size_t dir2Size = strlen(dir2); - char *outDirBuffer, *buffer, trailingChar; - assert(dir1 != NULL && dir2 != NULL); - outDirBuffer = (char *) malloc(dir1Size + dir2Size + 2); - CONTROL(outDirBuffer != NULL); + { const size_t dir1Size = strlen(dir1); + const size_t dir2Size = strlen(dir2); + char *outDirBuffer, *buffer; - memcpy(outDirBuffer, dir1, dir1Size); - outDirBuffer[dir1Size] = '\0'; + outDirBuffer = (char *) malloc(dir1Size + dir2Size + 2); + CONTROL(outDirBuffer != NULL); - if (dir2[0] == '.') - return outDirBuffer; + memcpy(outDirBuffer, dir1, dir1Size); + outDirBuffer[dir1Size] = '\0'; - buffer = outDirBuffer + dir1Size; - trailingChar = *(buffer - 1); - if (trailingChar != PATH_SEP) { - *buffer = PATH_SEP; - buffer++; - } - memcpy(buffer, dir2, dir2Size); - buffer[dir2Size] = '\0'; + if (dir2[0] == '.') + return outDirBuffer; - return outDirBuffer; + buffer = outDirBuffer + dir1Size; + if (dir1Size > 0 && *(buffer - 1) != PATH_SEP) { + *buffer = PATH_SEP; + buffer++; + } + memcpy(buffer, dir2, dir2Size); + buffer[dir2Size] = '\0'; + + return outDirBuffer; + } } /* this function will return NULL if input srcFileName is not valid name for mirrored output path */ From f9f27de91c89d826c6a39c3ef44fb1b02f9a43aa Mon Sep 17 00:00:00 2001 From: Elliot Gorokhovsky Date: Fri, 29 Jul 2022 14:44:22 -0700 Subject: [PATCH 2/2] Disallow empty output directory --- programs/zstdcli.c | 18 ++++++++++++++++-- tests/cli-tests/basic/output_dir.sh | 7 +++++++ .../cli-tests/basic/output_dir.sh.stderr.exact | 2 ++ .../cli-tests/basic/output_dir.sh.stdout.exact | 2 ++ 4 files changed, 27 insertions(+), 2 deletions(-) create mode 100755 tests/cli-tests/basic/output_dir.sh create mode 100644 tests/cli-tests/basic/output_dir.sh.stderr.exact create mode 100644 tests/cli-tests/basic/output_dir.sh.stdout.exact diff --git a/programs/zstdcli.c b/programs/zstdcli.c index fbacb908a9..1143ac3fe8 100644 --- a/programs/zstdcli.c +++ b/programs/zstdcli.c @@ -1011,7 +1011,14 @@ int main(int argCount, const char* argv[]) if (longCommandWArg(&argument, "--stream-size=")) { streamSrcSize = readSizeTFromChar(&argument); continue; } if (longCommandWArg(&argument, "--target-compressed-block-size=")) { targetCBlockSize = readSizeTFromChar(&argument); continue; } if (longCommandWArg(&argument, "--size-hint=")) { srcSizeHint = readSizeTFromChar(&argument); continue; } - if (longCommandWArg(&argument, "--output-dir-flat")) { NEXT_FIELD(outDirName); continue; } + if (longCommandWArg(&argument, "--output-dir-flat")) { + NEXT_FIELD(outDirName); + if (strlen(outDirName) == 0) { + DISPLAY("error: output dir cannot be empty string (did you mean to pass '.' instead?)\n"); + CLEAN_RETURN(1); + } + continue; + } if (longCommandWArg(&argument, "--auto-threads")) { const char* threadDefault = NULL; NEXT_FIELD(threadDefault); @@ -1020,7 +1027,14 @@ int main(int argCount, const char* argv[]) continue; } #ifdef UTIL_HAS_MIRRORFILELIST - if (longCommandWArg(&argument, "--output-dir-mirror")) { NEXT_FIELD(outMirroredDirName); continue; } + if (longCommandWArg(&argument, "--output-dir-mirror")) { + NEXT_FIELD(outMirroredDirName); + if (strlen(outMirroredDirName) == 0) { + DISPLAY("error: output dir cannot be empty string (did you mean to pass '.' instead?)\n"); + CLEAN_RETURN(1); + } + continue; + } #endif #ifndef ZSTD_NOTRACE if (longCommandWArg(&argument, "--trace")) { char const* traceFile; NEXT_FIELD(traceFile); TRACE_enable(traceFile); continue; } diff --git a/tests/cli-tests/basic/output_dir.sh b/tests/cli-tests/basic/output_dir.sh new file mode 100755 index 0000000000..a8819d2926 --- /dev/null +++ b/tests/cli-tests/basic/output_dir.sh @@ -0,0 +1,7 @@ +#!/bin/sh + +println "+ zstd -r * --output-dir-mirror=\"\"" +zstd -r * --output-dir-mirror="" && die "Should not allow empty output dir!" +println "+ zstd -r * --output-dir-flat=\"\"" +zstd -r * --output-dir-flat="" && die "Should not allow empty output dir!" +exit 0 diff --git a/tests/cli-tests/basic/output_dir.sh.stderr.exact b/tests/cli-tests/basic/output_dir.sh.stderr.exact new file mode 100644 index 0000000000..e12b50427c --- /dev/null +++ b/tests/cli-tests/basic/output_dir.sh.stderr.exact @@ -0,0 +1,2 @@ +error: output dir cannot be empty string (did you mean to pass '.' instead?) +error: output dir cannot be empty string (did you mean to pass '.' instead?) diff --git a/tests/cli-tests/basic/output_dir.sh.stdout.exact b/tests/cli-tests/basic/output_dir.sh.stdout.exact new file mode 100644 index 0000000000..1e478cd753 --- /dev/null +++ b/tests/cli-tests/basic/output_dir.sh.stdout.exact @@ -0,0 +1,2 @@ ++ zstd -r * --output-dir-mirror="" ++ zstd -r * --output-dir-flat=""