Reduce chance of string buffer overflow exploits #17

Open
wants to merge 4 commits into
base: master
6 changes: 3 additions & 3 deletions code/core_build_model.c
Expand Up @@ -74,7 +74,8 @@ void construct_galaxies(int halonr, int tree)

int join_galaxies_of_progenitors(int halonr, int ngalstart)
{
int ngal, prog, mother_halo=-1, i, j, first_occupied, lenmax, lenoccmax, centralgal;
int ngal, prog, i, j, first_occupied, lenmax, lenoccmax, centralgal;
/* int mother_halo=-1 */
double previousMvir, previousVvir, previousVmax;
int step;

Expand All @@ -95,7 +96,7 @@ int join_galaxies_of_progenitors(int halonr, int ngalstart)
if(Halo[prog].Len > lenmax)
{
lenmax = Halo[prog].Len;
mother_halo = prog;
/* mother_halo = prog; */
}
if(lenoccmax != -1 && Halo[prog].Len > lenoccmax && HaloAux[prog].NGalaxies > 0)
{
Expand Down Expand Up @@ -436,4 +437,3 @@ void evolve_galaxies(int halonr, int ngal, int tree) // Note: halonr is here the


}

19 changes: 8 additions & 11 deletions code/core_init.c
Expand Up @@ -20,9 +20,9 @@ void init(void)
int i;

Age = mymalloc(ABSOLUTEMAXSNAPS*sizeof(*Age));

random_generator = gsl_rng_alloc(gsl_rng_ranlxd1);
gsl_rng_set(random_generator, 42); // start-up seed
gsl_rng_set(random_generator, 42); // start-up seed

set_units();
srand((unsigned) time(NULL));
Expand All @@ -33,7 +33,7 @@ void init(void)
//This way, galsnapnum = -1 will not segfault.
Age[0] = time_to_present(1000.0);//lookback time from z=1000
Age++;

for(i = 0; i < Snaplistlen; i++)
{
ZZ[i] = 1 / AA[i] - 1;
Expand Down Expand Up @@ -63,10 +63,10 @@ void set_units(void)
EnergySNcode = EnergySN / UnitEnergy_in_cgs * Hubble_h;
EtaSNcode = EtaSN * (UnitMass_in_g / SOLAR_MASS) / Hubble_h;

// convert some physical input parameters to internal units
// convert some physical input parameters to internal units
Hubble = HUBBLE * UnitTime_in_s;

// compute a few quantitites
// compute a few quantitites
RhoCrit = 3 * Hubble * Hubble / (8 * M_PI * G);

}
Expand All @@ -76,9 +76,9 @@ void set_units(void)
void read_snap_list(void)
{
FILE *fd;
char fname[1000];
char fname[MAX_STRING_LEN+1];

sprintf(fname, "%s", FileWithSnapList);
snprintf(fname, MAX_STRING_LEN, "%s", FileWithSnapList);
Collaborator


I made this comment further down, but it would be good to either allocate MAX_STRING_LEN + 1 bytes or pass MAX_STRING_LEN - 1 to snprintf.


if(!(fd = fopen(fname, "r")))
{
Expand Down Expand Up @@ -123,7 +123,7 @@ double time_to_present(double z)

gsl_integration_workspace_free(workspace);

// return time to present as a function of redshift
// return time to present as a function of redshift
return time;
}

Expand All @@ -133,6 +133,3 @@ double integrand_time_to_present(double a, void *param)
{
return 1 / sqrt(Omega / a + (1 - Omega - OmegaLambda) + OmegaLambda * a * a);
}
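Review bot: In read_snap_list the return value of `snprintf(fname, MAX_STRING_LEN, "%s", FileWithSnapList)` is discarded, so a snapshot-list path that does not fit is truncated without any diagnostic and `fopen` is then tried on the shortened name. Checking it, e.g. `int n = snprintf(fname, sizeof(fname), "%s", FileWithSnapList);` followed by `if(n < 0 || (size_t) n >= sizeof(fname))` and an error exit, would make the failure explicit. Since the copy only duplicates FileWithSnapList, opening that string directly may remove the need for the local buffer altogether, provided nothing in the hidden remainder of the function modifies `fname`. The function body continues beyond the visible hunk.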



14 changes: 9 additions & 5 deletions code/core_io_tree.c
Expand Up @@ -16,11 +16,15 @@
#include "io/tree_hdf5.h"
#endif

#ifndef MAX_BUF_SIZE
#define MAX_BUF_SIZE (3*MAX_STRING_LEN+40)
#endif

void load_tree_table(int filenr, enum Valid_TreeTypes my_TreeType)
{
int i, n;
FILE *fd;
char buf[MAX_STRING_LEN];
char buf[MAX_BUF_SIZE+1];

switch (my_TreeType)
{
Expand All @@ -29,7 +33,7 @@ void load_tree_table(int filenr, enum Valid_TreeTypes my_TreeType)
load_tree_table_hdf5(filenr);
break;
#endif

case lhalo_binary:
load_tree_table_binary(filenr);
break;
Expand All @@ -46,7 +50,7 @@ void load_tree_table(int filenr, enum Valid_TreeTypes my_TreeType)
for(i = 0; i < Ntrees; i++)
TreeNgals[n][i] = 0;

sprintf(buf, "%s/%s_z%1.3f_%d", OutputDir, FileNameGalaxies, ZZ[ListOutputSnaps[n]], filenr);
snprintf(buf, MAX_BUF_SIZE, "%s/%s_z%1.3f_%d", OutputDir, FileNameGalaxies, ZZ[ListOutputSnaps[n]], filenr);

if(!(fd = fopen(buf, "w")))
{
Expand All @@ -68,7 +72,7 @@ void free_tree_table(enum Valid_TreeTypes my_TreeType)

myfree(TreeFirstHalo);
myfree(TreeNHalos);

// Don't forget to free the open file handle

switch (my_TreeType)
Expand All @@ -78,7 +82,7 @@ void free_tree_table(enum Valid_TreeTypes my_TreeType)
close_hdf5_file();
break;
#endif

case lhalo_binary:
close_binary_file();
break;
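Review bot: The result of `snprintf(buf, MAX_BUF_SIZE, ...)` in load_tree_table is not checked, so an over-long OutputDir/FileNameGalaxies combination is silently cut and the shortened name goes straight to `fopen(buf, "w")`, which would create or truncate a file other than the one intended. Capturing the length, `int len = snprintf(buf, sizeof(buf), "%s/%s_z%1.3f_%d", ...);`, and treating `len < 0 || (size_t) len >= sizeof(buf)` as a fatal error keeps the output path exact. Using `sizeof(buf)` would also avoid depending on the `#ifndef MAX_BUF_SIZE` guard, which silently accepts any earlier definition of that name, whatever its value. load_tree_table begins in this section but its body runs on past the visible lines.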
155 changes: 78 additions & 77 deletions code/core_read_parameter_file.c
Expand Up @@ -10,7 +10,9 @@
void read_parameter_file(char *fname)
{
FILE *fd;
char buf[MAX_STRING_LEN], buf1[MAX_STRING_LEN];
#define MAX_BUF_SIZE_FILE_LIST (3*MAX_STRING_LEN)
char buf[MAX_BUF_SIZE_FILE_LIST];
char buf1[MAX_STRING_LEN];
char buf2[MAX_STRING_LEN], buf3[MAX_STRING_LEN];
int i, j, done;
int errorFlag = 0;
Expand Down Expand Up @@ -188,128 +190,128 @@ void read_parameter_file(char *fname)
printf("Parameter file %s not found.\n", fname);
errorFlag = 1;
}
if(fd != NULL)

if(fd != NULL)
{
while(!feof(fd))
{
*buf = 0;
fgets(buf, 200, fd);
if(sscanf(buf, "%s%s%s", buf1, buf2, buf3) < 2)
continue;
if(buf1[0] == '%' || buf1[0] == '-')
continue;
for(i = 0, j = -1; i < NParam; i++)
if(strcmp(buf1, ParamTag[i]) == 0)
{
j = i;
ParamTag[i][0] = 0;
used_tag[i] = 0;
break;
}
if(j >= 0)
{
*buf = 0;
fgets(buf, MAX_BUF_SIZE_FILE_LIST, fd);
if(sscanf(buf, "%s%s%s", buf1, buf2, buf3) < 2)
continue;

if(buf1[0] == '%' || buf1[0] == '-')
continue;

for(i = 0, j = -1; i < NParam; i++)
if(strcmp(buf1, ParamTag[i]) == 0)
{
j = i;
ParamTag[i][0] = 0;
used_tag[i] = 0;
break;
}

if(j >= 0)
{
#ifdef MPI
if(ThisTask == 0)
if(ThisTask == 0)
#endif
printf("%35s\t%10s\n", buf1, buf2);
switch (ParamID[j])
{
case DOUBLE:
*((double *) ParamAddr[j]) = atof(buf2);
break;
case STRING:
strcpy(ParamAddr[j], buf2);
break;
case INT:
*((int *) ParamAddr[j]) = atoi(buf2);
break;
}
}
else
{
printf("Error in file %s: Tag '%s' not allowed or multiply defined.\n", fname, buf1);
errorFlag = 1;
}
printf("%35s\t%10s\n", buf1, buf2);

switch (ParamID[j])
{
case DOUBLE:
*((double *) ParamAddr[j]) = atof(buf2);
break;
case STRING:
strcpy(ParamAddr[j], buf2);
break;
case INT:
*((int *) ParamAddr[j]) = atoi(buf2);
break;
}
}
else
{
printf("Error in file %s: Tag '%s' not allowed or multiply defined.\n", fname, buf1);
errorFlag = 1;
}
}
fclose(fd);

i = strlen(OutputDir);
if(i > 0)
if(OutputDir[i - 1] != '/')
strcat(OutputDir, "/");
strcat(OutputDir, "/");
}

for(i = 0; i < NParam; i++)
{
if(used_tag[i])
{
printf("Error. I miss a value for tag '%s' in parameter file '%s'.\n", ParamTag[i], fname);
errorFlag = 1;
}
{
printf("Error. I miss a value for tag '%s' in parameter file '%s'.\n", ParamTag[i], fname);
errorFlag = 1;
}
}

if(errorFlag) {
ABORT(1);
}
printf("\n");

if( ! (LastSnapShotNr+1 > 0 && LastSnapShotNr+1 < ABSOLUTEMAXSNAPS) ) {
fprintf(stderr,"LastSnapshotNr = %d should be in [0, %d) \n", LastSnapShotNr, ABSOLUTEMAXSNAPS);
ABORT(1);
}
MAXSNAPS = LastSnapShotNr + 1;

if(!(NOUT == -1 || (NOUT > 0 && NOUT <= ABSOLUTEMAXSNAPS))) {
fprintf(stderr,"NumOutputs must be -1 or between 1 and %i\n", ABSOLUTEMAXSNAPS);
ABORT(1);
}

// read in the output snapshot list
if(NOUT == -1)
{
NOUT = MAXSNAPS;
for (i=NOUT-1; i>=0; i--)
ListOutputSnaps[i] = i;
ListOutputSnaps[i] = i;
printf("all %i snapshots selected for output\n", NOUT);
}
else
{
printf("%i snapshots selected for output: ", NOUT);
// reopen the parameter file
fd = fopen(fname, "r");

done = 0;
while(!feof(fd) && !done)
{
// scan down to find the line with the snapshots
fscanf(fd, "%s", buf);
if(strcmp(buf, "->") == 0)
{
// read the snapshots into ListOutputSnaps
for (i=0; i<NOUT; i++)
{
fscanf(fd, "%d", &ListOutputSnaps[i]);
printf("%i ", ListOutputSnaps[i]);
}
done = 1;
}
}
{
// scan down to find the line with the snapshots
fscanf(fd, "%s", buf);
if(strcmp(buf, "->") == 0)
{
// read the snapshots into ListOutputSnaps
for (i=0; i<NOUT; i++)
{
fscanf(fd, "%d", &ListOutputSnaps[i]);
printf("%i ", ListOutputSnaps[i]);
}
done = 1;
}
}

fclose(fd);
if(! done ) {
fprintf(stderr,"Error: Could not properly parse output snapshots\n");
ABORT(2);
fprintf(stderr,"Error: Could not properly parse output snapshots\n");
ABORT(2);
}
printf("\n");
}
// Check file type is valid.
if (strncmp(my_treetype, "lhalo_binary", 511) != 0) // strncmp returns 0 if the two strings are equal. Only available options are HDF5 or binary files.

// Check file type is valid.
if (strncmp(my_treetype, "lhalo_binary", 511) != 0) // strncmp returns 0 if the two strings are equal. Only available options are HDF5 or binary files.
{
snprintf(TreeExtension, 511, ".hdf5");
#ifndef HDF5
Expand All @@ -336,6 +338,5 @@ void read_parameter_file(char *fname)
}

myfree(used_tag);

}

}
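Review bot: Raising the `fgets` limit from 200 to `MAX_BUF_SIZE_FILE_LIST` in read_parameter_file lets a single whitespace-free token be almost three times as long as `buf1`, `buf2` and `buf3`, which `sscanf(buf, "%s%s%s", ...)` fills with no field width, so a long line in the parameter file can now overrun those stack buffers where the old 200-byte read could not (assuming MAX_STRING_LEN is larger than 200, as the `511` literals lower down suggest). The same unbounded pattern remains in `strcpy(ParamAddr[j], buf2)` and in `fscanf(fd, "%s", buf)` in the snapshot-list loop. One way to close it is to size the three token buffers like `buf` and reject an over-long STRING value before the copy, as sketched below; the destination size behind `ParamAddr[j]` is declared outside the visible hunks, so the bound used there needs confirming. The function body continues in lines hidden between the hunks.

```c
  char buf[MAX_BUF_SIZE_FILE_LIST];
  /* tokens are split out of buf, so each one must be able to hold a whole line */
  char buf1[MAX_BUF_SIZE_FILE_LIST];
  char buf2[MAX_BUF_SIZE_FILE_LIST], buf3[MAX_BUF_SIZE_FILE_LIST];
  /* … unchanged: fopen, fgets/sscanf loop, tag lookup, DOUBLE case … */
        case STRING:
          /* assumes string parameters are char[MAX_STRING_LEN] — confirm against their declarations */
          if(strlen(buf2) >= MAX_STRING_LEN)
            {
              printf("Error in file %s: value for tag '%s' is too long.\n", fname, buf1);
              errorFlag = 1;
              break;
            }
          strcpy(ParamAddr[j], buf2);
  /* … unchanged: INT case, error reporting, snapshot list parsing … */
```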