From ea6fb5c4817b3479ee28c01bb601a683932e459d Mon Sep 17 00:00:00 2001
From: Cedric Roux <cedric.roux@eurecom.fr>
Date: Thu, 2 Feb 2017 16:35:45 +0100
Subject: [PATCH] better handle user input in hex_string_to_hex_value
Adapt calling sites too.
When data comes from the user, it is good to check that
what we read is correct and warn the user if it's not.
---
common/utils/utils.c | 30 +++++++++++++++++++++++++-----
common/utils/utils.h | 4 ++--
openair3/NAS/TOOLS/conf_usim.c | 13 ++++++++-----
3 files changed, 35 insertions(+), 12 deletions(-)
diff --git a/common/utils/utils.c b/common/utils/utils.c
index cf5673fa56..a807a27096 100644
--- a/common/utils/utils.c
+++ b/common/utils/utils.c
@@ -32,12 +32,17 @@ void *malloc_or_fail(size_t size) {
** Others: None **
** **
** Outputs: None **
- ** Return: Converted value **
+ ** Return: Converted value (-1 on error) **
** Others: None **
** **
***************************************************************************/
-uint8_t hex_char_to_hex_value (char c)
+int hex_char_to_hex_value (char c)
{
+ if (!((c >= 'a' && c <= 'f') ||
+ (c >= 'A' && c <= 'F') ||
+ (c >= '0' && c <= '9')))
+ return -1;
+
if (c >= 'A') {
/* Remove case bit */
c &= ~('a' ^ 'A');
@@ -60,17 +65,32 @@ uint8_t hex_char_to_hex_value (char c)
** Others: None **
** **
** Outputs: hex_value: Converted value **
- ** Return: None **
+ ** Return: 0 on success, -1 on error **
** Others: None **
** **
***************************************************************************/
-void hex_string_to_hex_value (uint8_t *hex_value, const char *hex_string, int size)
+int hex_string_to_hex_value (uint8_t *hex_value, const char *hex_string, int size)
{
int i;
+ if (strlen(hex_string) != size*2) {
+ fprintf(stderr, "the string '%s' should be of length %d\n", hex_string, size*2);
+ return -1;
+ }
+
for (i=0; i < size; i++) {
- hex_value[i] = (hex_char_to_hex_value(hex_string[2 * i]) << 4) | hex_char_to_hex_value(hex_string[2 * i + 1]);
+ int a = hex_char_to_hex_value(hex_string[2 * i]);
+ int b = hex_char_to_hex_value(hex_string[2 * i + 1]);
+ if (a == -1 || b == -1) goto error;
+ hex_value[i] = (a << 4) | b;
}
+ return 0;
+
+error:
+ fprintf(stderr, "the string '%s' is not a valid hexadecimal string\n", hex_string);
+ for (i=0; i < size; i++)
+ hex_value[i] = 0;
+ return -1;
}
char *itoa(int i) {
diff --git a/common/utils/utils.h b/common/utils/utils.h
index a4444a7793..cfe3df34b9 100644
--- a/common/utils/utils.h
+++ b/common/utils/utils.h
@@ -8,9 +8,9 @@ void *calloc_or_fail(size_t size);
void *malloc_or_fail(size_t size);
// Converts an hexadecimal ASCII coded digit into its value. **
-uint8_t hex_char_to_hex_value (char c);
+int hex_char_to_hex_value (char c);
// Converts an hexadecimal ASCII coded string into its value.**
-void hex_string_to_hex_value (uint8_t *hex_value, const char *hex_string, int size);
+int hex_string_to_hex_value (uint8_t *hex_value, const char *hex_string, int size);
char *itoa(int i);
diff --git a/openair3/NAS/TOOLS/conf_usim.c b/openair3/NAS/TOOLS/conf_usim.c
index 5004363275..3a5c6dbf6d 100644
--- a/openair3/NAS/TOOLS/conf_usim.c
+++ b/openair3/NAS/TOOLS/conf_usim.c
@@ -287,11 +287,14 @@ void gen_usim_data(usim_data_conf_t *u, usim_data_t *usim_data,
usim_data->nasconfig.Timer_T3245_Behaviour.length = 1;
usim_data->nasconfig.Timer_T3245_Behaviour.value[0] = 0x00;
- /* initialize the subscriber authentication security key */
- hex_string_to_hex_value(usim_data->keys.usim_api_k,
- u->usim_api_k, USIM_API_K_SIZE);
- hex_string_to_hex_value(usim_data->keys.opc, u->opc,
- OPC_SIZE);
+ /* initialize the subscriber authentication security key */
+ if (hex_string_to_hex_value(usim_data->keys.usim_api_k,
+ u->usim_api_k, USIM_API_K_SIZE) == -1 ||
+ hex_string_to_hex_value(usim_data->keys.opc,
+ u->opc, OPC_SIZE) == -1) {
+ fprintf(stderr, "fix your configuration file\n");
+ exit(1);
+ }
}
bool write_usim_data(const char *directory, int user_id, usim_data_t *usim_data){
--
GitLab