[PATCH 5/5] Check len macros during parsing.

Alexandre Oliva lxoliva en fsfla.org
Dom Mar 9 03:30:02 UTC 2014 

Move header start and end macros to decfile.h as head and tail.
Add sanity checking code during parsing.  Adjust the encoder.
Update the format docs.
---
 decfile.c     |   66 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 decfile.h     |    4 +++
 doc/FORMATO   |    2 +-
 rnet_encode.c |   25 ++++++++++++----------
 4 files changed, 85 insertions(+), 12 deletions(-)

diff --git a/decfile.c b/decfile.c
index 33062d3..100d4d3 100644
--- a/decfile.c
+++ b/decfile.c
@@ -176,6 +176,7 @@ static int parse_header_2014(struct pmhash *hash, char *buffer)
 	char *p = buffer;
 	char *key;
 	char *val;
+	char *tail;
 
 #define parse(field, sz) \
 	r = -ENOMEM; \
@@ -207,6 +208,12 @@ static int parse_header_2014(struct pmhash *hash, char *buffer)
 	parse("nome", 60);
 	parse("uf", 2);
 	parse("hash", 10);
+
+	if (p - buffer != RNET_HEADER_HEAD_2014) {
+		fprintf(stderr, "RNET_HEADER_HEAD_2014 in decfile.h needs to be adjusted to %i\n", p - buffer);
+		goto out_val;
+	}
+
 	parse("in_cert", 1);
 	parse("dt_nasc", 8);
 	parse("in_comp", 1);
@@ -279,9 +286,35 @@ static int parse_header_2014(struct pmhash *hash, char *buffer)
 	parse("nr_conta", 13);
 	parse("nr_dv_conta", 2);
 	parse("in_dv_conta", 1);
+
+	tail = p;
+
 	parse("versaotestpgd", 3);
 	parse("controle", 10);
 
+	if (*p++ != '\r') {
+		fprintf(stderr,
+			"missing CR at the %ith header character\n",
+			p - buffer);
+		goto out_val;
+	} else if (*p++ != '\n') {
+		fprintf(stderr,
+			"missing LF at the %ith header character\n",
+			p - buffer);
+		goto out_val;
+	} else if (*p != 0) {
+		fprintf(stderr,
+			"missing NUL at the %ith header character\n",
+			p - buffer);
+		goto out_val;
+	} else if (p - buffer != RNET_HEADER_SIZE_2014) {
+		fprintf(stderr, "RNET_HEADER_SIZE_2014 in decfile.h needs to be adjusted to %i,\nor parse_header in decfile.c needs updating\n", p - buffer);
+		goto out_val;
+	} else if (p - tail != RNET_HEADER_TAIL_2014) {
+		fprintf(stderr, "RNET_HEADER_TAIL_2014 in decfile.h needs to be adjusted to %i\n", p - tail);
+		goto out_val;
+	}
+
 	return 0;
 out_add:
 	free(key);
@@ -297,6 +330,7 @@ static int parse_header_2013(struct pmhash *hash, char *buffer)
 	char *p = buffer;
 	char *key;
 	char *val;
+	char *tail;
 
 #define parse(field, sz) \
 	r = -ENOMEM; \
@@ -328,6 +362,12 @@ static int parse_header_2013(struct pmhash *hash, char *buffer)
 	parse("nome", 60);
 	parse("uf", 2);
 	parse("hash", 10);
+
+	if (p - buffer != RNET_HEADER_HEAD_2013) {
+		fprintf(stderr, "RNET_HEADER_HEAD_2013 in decfile.h needs to be adjusted to %i\n", p - buffer);
+		goto out_val;
+	}
+
 	parse("in_cert", 1);
 	parse("dt_nasc", 8);
 	parse("in_comp", 1);
@@ -395,9 +435,35 @@ static int parse_header_2013(struct pmhash *hash, char *buffer)
 	parse("vr_totisentos", 13);
 	parse("vr_totexclusivo", 13);
 	parse("vr_totpagamentos", 13);
+
+	tail = p;
+
 	parse("versaotestpgd", 3);
 	parse("controle", 10);
 
+	if (*p++ != '\r') {
+		fprintf(stderr,
+			"missing CR at the %ith header character\n",
+			p - buffer);
+		goto out_val;
+	} else if (*p++ != '\n') {
+		fprintf(stderr,
+			"missing LF at the %ith header character\n",
+			p - buffer);
+		goto out_val;
+	} else if (*p != 0) {
+		fprintf(stderr,
+			"missing NUL at the %ith header character\n",
+			p - buffer);
+		goto out_val;
+	} else if (p - buffer != RNET_HEADER_SIZE_2013) {
+		fprintf(stderr, "RNET_HEADER_SIZE_2013 in decfile.h needs to be adjusted to %i,\nor parse_header in decfile.c needs updating\n", p - buffer);
+		goto out_val;
+	} else if (p - tail != RNET_HEADER_TAIL_2013) {
+		fprintf(stderr, "RNET_HEADER_TAIL_2013 in decfile.h needs to be adjusted to %i\n", p - tail);
+		goto out_val;
+	}
+
 	return 0;
 out_add:
 	free(key);
diff --git a/decfile.h b/decfile.h
index c976a11..4b3b235d 100644
--- a/decfile.h
+++ b/decfile.h
@@ -22,7 +22,11 @@
 #include "rnet_message.h"
 
 #define RNET_HEADER_SIZE_2013 765
+#define RNET_HEADER_HEAD_2013 111
+#define RNET_HEADER_TAIL_2013  15
 #define RNET_HEADER_SIZE_2014 793
+#define RNET_HEADER_HEAD_2014 111
+#define RNET_HEADER_TAIL_2014  15
 
 struct rnet_decfile;
 struct rnet_decfile * rnet_decfile_open(char *filename);
diff --git a/doc/FORMATO b/doc/FORMATO
index a5a5db3..65f3282 100644
--- a/doc/FORMATO
+++ b/doc/FORMATO
@@ -36,7 +36,7 @@ C: (6 bytes) + deflate(hash)
 		origem = "JA2R" (melhor repetir!)
 		so = "GNU"
 		cliente = "201105" (identificador de versão do receitanet)
-		dados_val = parte do cabeçalho do DEC (desce in_cert até vr_totpagamentos) bytes 112 a 750
+		dados_val = parte do cabeçalho do DEC (desde in_cert até vr_totpagamentos) bytes RNET_HEADER_HEAD_yyyy a RNET_HEADER_SIZE_yyyy - RNET_HEADER_TAIL_yyyy
 		tam_dados_val = 0x00 0x00 0x00 0x00 (4 bytes)
 		tam_dados_val_chave = 0x00 0x00 0x00 0x00 (4 bytes)
 		arquivos_restantes = 0x00 0x00 0x00 0x00 (4 bytes)
diff --git a/rnet_encode.c b/rnet_encode.c
index 2bf705a..f423be4 100644
--- a/rnet_encode.c
+++ b/rnet_encode.c
@@ -26,11 +26,6 @@
 #include "rnet_message.h"
 #include "decfile.h"
 
-#define RNET_HEADER_START_2013 111
-#define RNET_HEADER_END_2013 (RNET_HEADER_SIZE_2013 - 15)
-#define RNET_HEADER_START_2014 111
-#define RNET_HEADER_END_2014 (RNET_HEADER_SIZE_2014 - 15)
-
 int rnet_encode(struct rnet_decfile *decfile, struct rnet_message **msg)
 {
 	int r;
@@ -48,7 +43,7 @@ int rnet_encode(struct rnet_decfile *decfile, struct rnet_message **msg)
 	char *header;
 	uint8_t ret;
 
-	size_t header_start, header_end;
+	size_t header_size, header_head, header_tail;
 
 	*msg = rnet_message_new();
 	if (*msg == NULL) {
@@ -72,15 +67,21 @@ int rnet_encode(struct rnet_decfile *decfile, struct rnet_message **msg)
 	ret = strtoul(rnet_decfile_get_header_field(decfile, "in_ret"), NULL, 10);
 
 	if (!strcmp(exerc, "2014")) {
-		header_start = RNET_HEADER_START_2014;
-		header_end = RNET_HEADER_END_2014;
+		header_size = RNET_HEADER_SIZE_2014;
+		header_head = RNET_HEADER_HEAD_2014;
+		header_tail = RNET_HEADER_TAIL_2014;
 	} else if (!strcmp(exerc, "2013")) {
-		header_start = RNET_HEADER_START_2013;
-		header_end = RNET_HEADER_END_2013;
+		header_size = RNET_HEADER_SIZE_2013;
+		header_head = RNET_HEADER_HEAD_2013;
+		header_tail = RNET_HEADER_TAIL_2013;
 	} else {
 		return -EINVAL;
 	}
 
+	/* This was already checked at parse time.  */
+	if (strlen (header) != header_size)
+		abort ();
+
 	(*msg)->buffer[0] = 0x40;
 	(*msg)->len = 1;
 	r = rnet_message_add_u32(msg, "a_comp", 0);
@@ -107,7 +108,9 @@ int rnet_encode(struct rnet_decfile *decfile, struct rnet_message **msg)
 	r = rnet_message_add_ascii(msg, "origem", "JA2R");
 	r = rnet_message_add_ascii(msg, "so", "GNU");
 	r = rnet_message_add_ascii(msg, "cliente", "201105");
-	r = rnet_message_add_buffer(msg, "dados_val", header + header_start, header_end - header_start);
+	r = rnet_message_add_buffer(msg, "dados_val",
+				    header + header_head,
+				    header_size - header_tail - header_head);
 	r = rnet_message_add_u32(msg, "tam_dados_val", 0);
 	r = rnet_message_add_u32(msg, "tam_dados_val_chave", 0);
 	r = rnet_message_add_u32(msg, "arquivos_restantes", 0);

Más información sobre la lista de distribución Softwares-impostos