From 335ca55a6ec80fa1ab9a30d2d865d3b3a2db0b6c Mon Sep 17 00:00:00 2001 From: Antonio SJ Musumeci Date: Sat, 2 Sep 2023 15:47:49 -0500 Subject: [PATCH] Add proper input validation for readdir policy --- src/fuse_readdir.cpp | 3 +++ src/fuse_readdir_factory.cpp | 33 ++++++++++++++++++++++++++++----- src/fuse_readdir_factory.hpp | 3 ++- 3 files changed, 33 insertions(+), 6 deletions(-) diff --git a/src/fuse_readdir.cpp b/src/fuse_readdir.cpp index 9ca76fd2..fe4f0eea 100644 --- a/src/fuse_readdir.cpp +++ b/src/fuse_readdir.cpp @@ -81,6 +81,9 @@ FUSE::ReadDir::from_string(std::string const &str_) { std::lock_guard lg(_mutex); + if(!FUSE::ReadDirFactory::valid(str_)) + return -EINVAL; + _type = str_; } diff --git a/src/fuse_readdir_factory.cpp b/src/fuse_readdir_factory.cpp index 66318824..3c784f33 100644 --- a/src/fuse_readdir_factory.cpp +++ b/src/fuse_readdir_factory.cpp @@ -26,13 +26,14 @@ #include #include #include +#include namespace l { static void - read_cfg(std::string const cfgstr_, + read_cfg(std::string const str_, std::string &type_, int &concurrency_) { @@ -40,7 +41,7 @@ namespace l int concurrency; concurrency = 0; - std::sscanf(cfgstr_.c_str(),"%15[a-z]:%u",type,&concurrency); + std::sscanf(str_.c_str(),"%15[a-z]:%d",type,&concurrency); if(concurrency == 0) concurrency = std::thread::hardware_concurrency(); @@ -55,14 +56,36 @@ namespace l } } +bool +FUSE::ReadDirFactory::valid(std::string const str_) +{ + int concurrency; + std::string type; + static const std::set types = + { + "seq", "cosr", "cor" + }; + + l::read_cfg(str_,type,concurrency); + + if(types.find(type) == types.end()) + return false; + if(concurrency <= 0) + return false; + + return true; +} + std::shared_ptr -FUSE::ReadDirFactory::make(std::string const cfgstr_) +FUSE::ReadDirFactory::make(std::string const str_) { int concurrency; std::string type; - l::read_cfg(cfgstr_,type,concurrency); - assert(concurrency); + if(!valid(str_)) + return {}; + + l::read_cfg(str_,type,concurrency); if(type == "seq") return std::make_shared(); diff --git a/src/fuse_readdir_factory.hpp b/src/fuse_readdir_factory.hpp index c99b9fab..94c607f3 100644 --- a/src/fuse_readdir_factory.hpp +++ b/src/fuse_readdir_factory.hpp @@ -29,6 +29,7 @@ namespace FUSE class ReadDirFactory { public: - static std::shared_ptr make(std::string const cfgstr); + static bool valid(std::string str); + static std::shared_ptr make(std::string const str); }; }