Use stb_snprintf instead of libc snprintf.

This gives us consistent behavior, and stb_snprintf is
async-signal-safe.
Nicholas J. Kain 2022-03-07 20:42:00 -05:00
parent 3773acf64d
commit 484a9c516b
12 changed files with 2496 additions and 573 deletions

1065
cfg.c

File diff suppressed because it is too large

9
cfg.rl

@ -13,6 +13,7 @@
#include "ndhc.h"
#include "ifchd.h"
#include "sockd.h"
#include "nk/stb_sprintf.h"
#include "nk/log.h"
#include "nk/privs.h"
#include "nk/io.h"
@ -20,7 +21,7 @@
static void copy_cmdarg(char *dest, const char *src,
size_t destlen, const char *argname)
{
ssize_t olen = snprintf(dest, destlen, "%s", src);
ssize_t olen = stbsp_snprintf(dest, destlen, "%s", src);
if (olen < 0 || (size_t)olen > destlen)
suicide("snprintf failed on %s", argname);
}
@ -331,10 +332,10 @@ void parse_cmdline(int argc, char *argv[])
for (size_t i = 1; i < (size_t)argc; ++i) {
ssize_t snl;
if (i > 1)
snl = snprintf(argb + argbl, sizeof argb - argbl, "%c%s",
0, argv[i]);
snl = stbsp_snprintf(argb + argbl, sizeof argb - argbl, "%c%s",
0, argv[i]);
else
snl = snprintf(argb + argbl, sizeof argb - argbl, "%s", argv[i]);
snl = stbsp_snprintf(argb + argbl, sizeof argb - argbl, "%s", argv[i]);
if (snl < 0 || (size_t)snl > sizeof argb)
suicide("error parsing command line option: option too long");
argbl += (size_t)snl;
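Review bot: In parse_cmdline the truncation test compares `snl` with `sizeof argb`, but the write was bounded by `sizeof argb - argbl`, so a truncated argument passes the check once `argbl` is non-zero. `argbl += (size_t)snl` can then move past the end of `argb`, and the next iteration's `sizeof argb - argbl` wraps around. The check should use the space that was actually offered to the formatter: `if (snl < 0 || (size_t)snl >= sizeof argb - argbl)`. The loop body continues outside the hunk.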


@ -10,6 +10,7 @@
#include <fcntl.h>
#include <limits.h>
#include <errno.h>
#include "nk/stb_sprintf.h"
#include "nk/log.h"
#include "nk/random.h"
#include "nk/io.h"
@ -18,7 +19,7 @@
static void get_duid_path(char *duidfile, size_t dlen)
{
int splen = snprintf(duidfile, dlen, "%s/DUID", state_dir);
int splen = stbsp_snprintf(duidfile, dlen, "%s/DUID", state_dir);
if (splen < 0 || (size_t)splen > dlen)
suicide("%s: snprintf failed; return=%d", __func__, splen);
}
@ -29,7 +30,7 @@ static void get_iaid_path(char *iaidfile, size_t ilen,
if (hwaddrlen != 6)
suicide("%s: Hardware address length=%zu != 6 bytes",
__func__, hwaddrlen);
int splen = snprintf
int splen = stbsp_snprintf
(iaidfile, ilen,
"%s/IAID-%2.2x:%2.2x:%2.2x:%2.2x:%2.2x:%2.2x",
state_dir, hwaddr[0], hwaddr[1], hwaddr[2],
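Review bot: The check in get_duid_path, `(size_t)splen > dlen`, accepts a return value equal to `dlen`, which is the case where the last character was dropped to make room for the terminator, so a path cut short by one byte is used as if it were complete. `if (splen < 0 || (size_t)splen >= dlen)` rejects it. The same `>` comparison follows the other converted calls on this page (copy_cmdarg, ifcmd_raw and the numeric ifcmd_* helpers, send_client_ip, write_resolve_conf, perform_dns, perform_domain, setup_resolv_conf, get_leasefile_path, NK_GEN_ENV, NK_GEN_ARG, and the `ifr.ifr_name` copy in create_udp_socket). This assumes the vendored stbsp_snprintf returns the untruncated length as C99 snprintf does; the header diff is suppressed here, so that should be confirmed. The get_iaid_path call continues outside the hunk.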


@ -9,9 +9,9 @@
#include <sys/types.h>
#include <errno.h>
#include <limits.h>
#include "nk/stb_sprintf.h"
#include "nk/log.h"
#include "nk/io.h"
#include "options.h"
#include "ndhc.h"
#include "dhcp.h"
@ -40,8 +40,8 @@ static int ifcmd_raw(char *buf, size_t buflen, const char *optname,
return -1;
}
int ioptlen = (int)optlen;
ssize_t olen = snprintf(buf, buflen, "%s:%.*s;",
optname, ioptlen, optdata);
ssize_t olen = stbsp_snprintf(buf, buflen, "%s:%.*s;",
optname, ioptlen, optdata);
if (olen < 0 || (size_t)olen > buflen) {
log_line("%s: (%s) '%s' option would truncate, so it was dropped.",
client_config.interface, __func__, optname);
@ -64,7 +64,7 @@ static int ifcmd_u8(char *buf, size_t buflen, const char *optname,
return -1;
char numbuf[16];
uint8_t c = optdata[0];
ssize_t olen = snprintf(numbuf, sizeof numbuf, "%c", c);
ssize_t olen = stbsp_snprintf(numbuf, sizeof numbuf, "%c", c);
if (olen < 0 || (size_t)olen > sizeof numbuf)
return -1;
return ifcmd_raw(buf, buflen, optname, numbuf, strlen(numbuf));
@ -79,7 +79,7 @@ static int ifcmd_u16(char *buf, size_t buflen, const char *optname,
uint16_t v;
memcpy(&v, optdata, 2);
v = ntohs(v);
ssize_t olen = snprintf(numbuf, sizeof numbuf, "%hu", v);
ssize_t olen = stbsp_snprintf(numbuf, sizeof numbuf, "%hu", v);
if (olen < 0 || (size_t)olen > sizeof numbuf)
return -1;
return ifcmd_raw(buf, buflen, optname, numbuf, strlen(numbuf));
@ -94,7 +94,7 @@ static int ifcmd_s32(char *buf, size_t buflen, const char *optname,
uint32_t v;
memcpy(&v, optdata, 4);
v = ntohl(v);
ssize_t olen = snprintf(numbuf, sizeof numbuf, "%d", v);
ssize_t olen = stbsp_snprintf(numbuf, sizeof numbuf, "%d", v);
if (olen < 0 || (size_t)olen > sizeof numbuf)
return -1;
return ifcmd_raw(buf, buflen, optname, numbuf, strlen(numbuf));
@ -122,14 +122,14 @@ static int ifcmd_iplist(char *out, size_t outlen, const char *optname,
return -1;
inet_ntop(AF_INET, optdata + optoff, ipbuf, sizeof ipbuf);
ssize_t wc = snprintf(buf + bufoff, sizeof buf, "%s", ipbuf);
ssize_t wc = stbsp_snprintf(buf + bufoff, sizeof buf, "%s", ipbuf);
if (wc < 0 || (size_t)wc > sizeof buf)
return -1;
optoff += 4;
bufoff += (size_t)wc;
while (optlen >= 4 + optoff) {
inet_ntop(AF_INET, optdata + optoff, ipbuf, sizeof ipbuf);
wc = snprintf(buf + bufoff, sizeof buf, ",%s", ipbuf);
wc = stbsp_snprintf(buf + bufoff, sizeof buf, ",%s", ipbuf);
if (wc < 0 || (size_t)wc > sizeof buf)
return -1;
optoff += 4;
@ -194,7 +194,7 @@ static int ifchwrite(const char *buf, size_t count)
bool ifchange_carrier_isup(void)
{
char buf[256];
snprintf(buf, sizeof buf, "carrier:;");
stbsp_snprintf(buf, sizeof buf, "carrier:;");
return ifchwrite(buf, strlen(buf)) == 0;
}
@ -206,7 +206,7 @@ int ifchange_deconfig(struct client_state_t *cs)
if (cs->ifDeconfig)
return 0;
snprintf(buf, sizeof buf, "ip4:0.0.0.0,255.255.255.255;");
stbsp_snprintf(buf, sizeof buf, "ip4:0.0.0.0,255.255.255.255;");
log_line("%s: Resetting IP configuration.", client_config.interface);
ret = ifchwrite(buf, strlen(buf));
@ -266,9 +266,9 @@ static size_t send_client_ip(char *out, size_t olen,
int snlen;
if (have_bcast) {
snlen = snprintf(out, olen, "ip4:%s,%s,%s;", ip, sn, bc);
snlen = stbsp_snprintf(out, olen, "ip4:%s,%s,%s;", ip, sn, bc);
} else {
snlen = snprintf(out, olen, "ip4:%s,%s;", ip, sn);
snlen = stbsp_snprintf(out, olen, "ip4:%s,%s;", ip, sn);
}
if (snlen < 0 || (size_t)snlen > olen) {
log_line("%s: (%s) ip4 command would truncate so it was dropped.",
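Review bot: Both writes in ifcmd_iplist pass `sizeof buf` as the size while starting at `buf + bufoff`, so the bound does not shrink as entries are appended and the `wc > sizeof buf` test cannot see the buffer filling up. The option bytes presumably come from a received DHCP message, so the limit should be the space actually left: `wc = stbsp_snprintf(buf + bufoff, sizeof buf - bufoff, ",%s", ipbuf);` followed by `if (wc < 0 || (size_t)wc >= sizeof buf - bufoff) return -1;`, and likewise for the first write. The declaration of `buf` is outside the hunk, so whether its size already covers the longest possible option cannot be confirmed here. The return value of `inet_ntop` is also unchecked on both calls.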


@ -6,8 +6,8 @@
#include <stdio.h>
#include <string.h>
#include <arpa/inet.h>
#include "nk/stb_sprintf.h"
#include "nk/log.h"
#include "ifchd-parse.h"
#include "ifchd.h"
#include "ifset.h"
@ -1187,7 +1187,7 @@ int execute_buffer(const char *newbuf)
char tb[MAX_BUF];
int cmdf = 0;
ssize_t buflen = snprintf(buf, sizeof buf, "%s%s", cl.ibuf, newbuf);
ssize_t buflen = stbsp_snprintf(buf, sizeof buf, "%s%s", cl.ibuf, newbuf);
memset(cl.ibuf, 0, sizeof cl.ibuf);
if (buflen < 0 || (size_t)buflen > sizeof buf) {
log_line("%s: (%s) snprintf1 failed", client_config.interface, __func__);
@ -3256,7 +3256,7 @@ int execute_buffer(const char *newbuf)
}
if (cmd_start != pe) {
ssize_t ilen = snprintf(cl.ibuf, sizeof cl.ibuf, "%s", cmd_start);
ssize_t ilen = stbsp_snprintf(cl.ibuf, sizeof cl.ibuf, "%s", cmd_start);
if (ilen < 0 || (size_t)ilen > sizeof buf) {
log_line("%s: (%s) snprintf2 failed", client_config.interface, __func__);
return -99;


@ -5,8 +5,8 @@
#include <stdio.h>
#include <string.h>
#include <arpa/inet.h>
#include "nk/stb_sprintf.h"
#include "nk/log.h"
#include "ifchd-parse.h"
#include "ifchd.h"
#include "ifset.h"
@ -171,7 +171,7 @@ int execute_buffer(const char *newbuf)
char tb[MAX_BUF];
int cmdf = 0;
ssize_t buflen = snprintf(buf, sizeof buf, "%s%s", cl.ibuf, newbuf);
ssize_t buflen = stbsp_snprintf(buf, sizeof buf, "%s%s", cl.ibuf, newbuf);
memset(cl.ibuf, 0, sizeof cl.ibuf);
if (buflen < 0 || (size_t)buflen > sizeof buf) {
log_line("%s: (%s) snprintf1 failed", client_config.interface, __func__);
@ -195,7 +195,7 @@ int execute_buffer(const char *newbuf)
}
if (cmd_start != pe) {
ssize_t ilen = snprintf(cl.ibuf, sizeof cl.ibuf, "%s", cmd_start);
ssize_t ilen = stbsp_snprintf(cl.ibuf, sizeof cl.ibuf, "%s", cmd_start);
if (ilen < 0 || (size_t)ilen > sizeof buf) {
log_line("%s: (%s) snprintf2 failed", client_config.interface, __func__);
return -99;
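Review bot: The second check in execute_buffer tests `ilen` against `sizeof buf` although the copy went into `cl.ibuf` with `sizeof cl.ibuf` as its bound. If `cl.ibuf` is the smaller of the two (both declarations are outside the hunk), a leftover partial command is truncated without the `-99` path firing, and the first line of the function then prepends it to the next input. `if (ilen < 0 || (size_t)ilen >= sizeof cl.ibuf)` matches the destination. The identical pair of lines appears in the preceding section, which by its hunk offsets looks like generated output of this file, so the fix belongs here and in the regenerated copy.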

14
ifchd.c

@ -14,10 +14,10 @@
#include <fcntl.h>
#include <signal.h>
#include <errno.h>
#include "nk/stb_sprintf.h"
#include "nk/log.h"
#include "nk/privs.h"
#include "nk/io.h"
#include "ifchd.h"
#include "ndhc.h"
#include "ifchd-parse.h"
@ -103,7 +103,7 @@ static int write_resolve_conf(void)
q = strchr(p, '\0');
else
*q++ = '\0';
ssize_t sl = snprintf(buf, sizeof buf, "%s", p);
ssize_t sl = stbsp_snprintf(buf, sizeof buf, "%s", p);
if (sl < 0 || (size_t)sl > sizeof buf) {
log_line("%s: (%s) snprintf failed appending nameservers",
client_config.interface, __func__);
@ -124,7 +124,7 @@ static int write_resolve_conf(void)
q = strchr(p, '\0');
else
*q++ = '\0';
ssize_t sl = snprintf(buf, sizeof buf, "%s", p);
ssize_t sl = stbsp_snprintf(buf, sizeof buf, "%s", p);
if (sl < 0 || (size_t)sl > sizeof buf) {
log_line("%s: (%s) snprintf failed appending domains",
client_config.interface, __func__);
@ -190,7 +190,7 @@ int perform_dns(const char *str, size_t len)
log_line("DNS server list is too long: %zu > %zu", len, sizeof cl.namesvrs);
return ret;
}
ssize_t sl = snprintf(cl.namesvrs, sizeof cl.namesvrs, "%s", str);
ssize_t sl = stbsp_snprintf(cl.namesvrs, sizeof cl.namesvrs, "%s", str);
if (sl < 0 || (size_t)sl > sizeof cl.namesvrs) {
log_line("%s: (%s) snprintf failed", client_config.interface, __func__);
}
@ -231,7 +231,7 @@ int perform_domain(const char *str, size_t len)
log_line("DNS domain list is too long: %zu > %zu", len, sizeof cl.namesvrs);
return ret;
}
ssize_t sl = snprintf(cl.domains, sizeof cl.domains, "%s", str);
ssize_t sl = stbsp_snprintf(cl.domains, sizeof cl.domains, "%s", str);
if (sl < 0 || (size_t)sl > sizeof cl.domains) {
log_line("%s: (%s) snprintf failed", client_config.interface, __func__);
}
@ -345,13 +345,13 @@ static void setup_resolv_conf(void)
}
char buf[PATH_MAX];
ssize_t sl = snprintf(buf, sizeof buf, "%s.head", resolv_conf_d);
ssize_t sl = stbsp_snprintf(buf, sizeof buf, "%s.head", resolv_conf_d);
if (sl < 0 || (size_t)sl > sizeof buf)
log_line("snprintf failed appending resolv_conf_head; path too long?");
else
resolv_conf_head_fd = open(buf, O_RDONLY|O_CLOEXEC, 0);
sl = snprintf(buf, sizeof buf, "%s.tail", resolv_conf_d);
sl = stbsp_snprintf(buf, sizeof buf, "%s.tail", resolv_conf_d);
if (sl < 0 || (size_t)sl > sizeof buf)
log_line("snprintf failed appending resolv_conf_tail; path too long?");
else
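Review bot: In perform_domain the "too long" message prints `sizeof cl.namesvrs` while the copy that follows targets `cl.domains`; the line should read `log_line("DNS domain list is too long: %zu > %zu", len, sizeof cl.domains);`, and the guard above it, which is outside the hunk, should be checked for the same slip. In both perform_dns and perform_domain the failure branch after stbsp_snprintf only logs, so as far as the hunks show a truncated list stays in `cl.namesvrs` or `cl.domains`. Returning `ret` there, as the length guard does, would keep a partial value from being used later. Both function bodies continue outside their hunks.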


@ -11,6 +11,7 @@
#include <arpa/inet.h>
#include <errno.h>
#include <limits.h>
#include "nk/stb_sprintf.h"
#include "nk/log.h"
#include "nk/io.h"
#include "leasefile.h"
@ -21,8 +22,8 @@ static int leasefilefd = -1;
static void get_leasefile_path(char *leasefile, size_t dlen, char *ifname)
{
int splen = snprintf(leasefile, dlen, "%s/LEASE-%s",
state_dir, ifname);
int splen = stbsp_snprintf(leasefile, dlen, "%s/LEASE-%s",
state_dir, ifname);
if (splen < 0 || (size_t)splen > dlen)
suicide("%s: (%s) snprintf failed; return=%d",
client_config.interface, __func__, splen);
@ -48,7 +49,7 @@ static void do_write_leasefile(struct in_addr ipnum)
return;
}
inet_ntop(AF_INET, &ipnum, ip, sizeof ip);
ssize_t olen = snprintf(out, sizeof out, "%s\n", ip);
ssize_t olen = stbsp_snprintf(out, sizeof out, "%s\n", ip);
if (olen < 0 || (size_t)olen > sizeof ip) {
log_line("%s: (%s) snprintf failed; return=%zd",
client_config.interface, __func__, olen);
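Review bot: do_write_leasefile formats into `out` with `sizeof out` as the bound but then tests `olen` against `sizeof ip`. The two arrays are declared outside the hunk; unless their sizes happen to line up, the test either fires on valid output or misses truncation of the lease line. `if (olen < 0 || (size_t)olen >= sizeof out)` ties the check to the buffer that was written. The return value of `inet_ntop` on the line above is not checked either.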


@ -9,13 +9,14 @@
#include <errno.h>
#include <limits.h>
#include <pwd.h>
#include "nk/stb_sprintf.h"
#include "nk/exec.h"
#include "nk/io.h"
/*
* Note that neither nk_generate_env or nk_execute are async signal safe, so
* these functions should only be called after fork() in a non-multithreaded
* process.
* Note that nk_generate_env is not async signal safe if chroot_path is not
* NULL, so it should only be called after fork() in a non-multithreaded
* process if chroot_path is ever non-NULL.
*
* I don't consider this to be a problem in general, since in a multithreaded process
* it would be far better to fork off a subprocess early on before threads are
@ -31,7 +32,7 @@
#define NK_GEN_ENV(GEN_STR, ...) do { \
if (env_offset >= envlen) return -3; \
ssize_t snlen = snprintf(envbuf, envbuflen, GEN_STR, __VA_ARGS__); \
ssize_t snlen = stbsp_snprintf(envbuf, envbuflen, GEN_STR, __VA_ARGS__); \
if (snlen < 0 || (size_t)snlen > envbuflen) return -2; \
xe->env[env_offset++] = envbuf; envbuf += snlen; envbuflen -= (size_t)snlen; \
} while (0)
@ -117,7 +118,7 @@ void nk_generate_env_print_error(int err)
#undef ERRSTR6
#define NK_GEN_ARG(GEN_STR, ...) do { \
ssize_t snlen = snprintf(argbuf, argbuflen, GEN_STR, __VA_ARGS__); \
ssize_t snlen = stbsp_snprintf(argbuf, argbuflen, GEN_STR, __VA_ARGS__); \
if (snlen < 0 || (size_t)snlen > argbuflen) { \
static const char errstr[] = "nk_execute: constructing argument list failed\n"; \
safe_write(STDERR_FILENO, errstr, sizeof errstr); \
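Review bot: NK_GEN_ENV stores `envbuf` in `xe->env[]` and then advances it by `snlen`, which is the length without the terminator, so the next expansion starts writing on the previous entry's NUL unless every format string at the call sites ends with an embedded one. The call sites are outside these hunks; if they do rely on that, a comment on the macro such as `/* GEN_STR must emit its own trailing NUL; envbuf advances by snlen only */` would record it, and otherwise `envbuf += snlen + 1; envbuflen -= (size_t)snlen + 1;` is needed. Because these strings become the environment of the executed program, the exact-fit case accepted by `(size_t)snlen > envbuflen` matters here as well: it leaves `envbuflen` at 0 with a truncated entry already stored.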

3
nk/stb_sprintf.c Normal file

@ -0,0 +1,3 @@
#define STB_SPRINTF_IMPLEMENTATION
#define STB_SPRINTF_NOFLOAT
#include "stb_sprintf.h"
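Review bot: This shim has no comment explaining its two defines, and the converted call sites pass `size_t` sizes to a function whose upstream prototype takes `int count`. The vendored header is suppressed on this page, so the parameter type should be confirmed there; if it is `int`, a size above INT_MAX would be narrowed silently at every call. A header comment such as `/* Single translation unit for stb_sprintf; float conversions are compiled out, so %f/%e/%g must not be used with stbsp_* */` would document the constraint for later callers.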

1915
nk/stb_sprintf.h Normal file

File diff suppressed because it is too large


@ -23,10 +23,10 @@
#include <linux/filter.h>
#include <pwd.h>
#include <grp.h>
#include "nk/stb_sprintf.h"
#include "nk/log.h"
#include "nk/io.h"
#include "nk/privs.h"
#include "sockd.h"
#include "ndhc-defines.h"
#include "ndhc.h"
@ -142,7 +142,7 @@ static int create_udp_socket(uint32_t ip, uint16_t port, char *iface)
}
struct ifreq ifr;
memset(&ifr, 0, sizeof ifr);
ssize_t sl = snprintf(ifr.ifr_name, sizeof ifr.ifr_name, "%s", iface);
ssize_t sl = stbsp_snprintf(ifr.ifr_name, sizeof ifr.ifr_name, "%s", iface);
if (sl < 0 || (size_t)sl > sizeof ifr.ifr_name) {
log_line("%s: (%s) Set interface name failed.",
client_config.interface, __func__);