diff options
| -rw-r--r-- | util/libreboot-utils/include/common.h | 1 | ||||
| -rw-r--r-- | util/libreboot-utils/lib/io.c | 4 | ||||
| -rw-r--r-- | util/libreboot-utils/lib/mkhtemp.c | 2 | ||||
| -rw-r--r-- | util/libreboot-utils/lib/string.c | 33 | ||||
| -rw-r--r-- | util/libreboot-utils/lottery.c | 2 |
5 files changed, 38 insertions, 4 deletions
diff --git a/util/libreboot-utils/include/common.h b/util/libreboot-utils/include/common.h index 0ccc02aa..da102f05 100644 --- a/util/libreboot-utils/include/common.h +++ b/util/libreboot-utils/include/common.h @@ -378,6 +378,7 @@ char *smalloc(char **buf, size_t size); void *vmalloc(void **buf, size_t size); int slen(const char *scmp, size_t maxlen, size_t *rval); +int vcmp(const void *s1, const void *s2, size_t n); int scmp(const char *a, const char *b, size_t maxlen, int *rval); int sdup(const char *s, diff --git a/util/libreboot-utils/lib/io.c b/util/libreboot-utils/lib/io.c index eac6073e..4938cdc8 100644 --- a/util/libreboot-utils/lib/io.c +++ b/util/libreboot-utils/lib/io.c @@ -143,7 +143,7 @@ read_file(void) if (_r < 0) err_exit(errno, "%s: read failed (cmp)", f->tname); - if (memcmp(f->buf, f->bufcmp, f->gbe_file_size) != 0) + if (vcmp(f->buf, f->bufcmp, f->gbe_file_size) != 0) err_exit(errno, "%s: %s: read contents differ (pre-test)", f->fname, f->tname); } @@ -329,7 +329,7 @@ check_written_part(size_t p) f->rw_check_err_read[p] = f->io_err_gbe = 1; else if ((size_t)rval != gbe_rw_size) f->rw_check_partial_read[p] = f->io_err_gbe = 1; - else if (memcmp(mem_offset, f->pad, gbe_rw_size) != 0) + else if (vcmp(mem_offset, f->pad, gbe_rw_size) != 0) f->rw_check_bad_part[p] = f->io_err_gbe = 1; if (f->rw_check_err_read[p] || diff --git a/util/libreboot-utils/lib/mkhtemp.c b/util/libreboot-utils/lib/mkhtemp.c index bba8a7ca..2ef26d67 100644 --- a/util/libreboot-utils/lib/mkhtemp.c +++ b/util/libreboot-utils/lib/mkhtemp.c @@ -567,7 +567,7 @@ mkhtemp(int *fd, if_err(fname_len > template_len, EOVERFLOW)) return -1; - if (if_err(memcmp(fname, template + template_len - fname_len, + if (if_err(vcmp(fname, template + template_len - fname_len, fname_len) != 0, EINVAL)) return -1; diff --git a/util/libreboot-utils/lib/string.c b/util/libreboot-utils/lib/string.c index 39b31cb0..49c23663 100644 --- a/util/libreboot-utils/lib/string.c +++ b/util/libreboot-utils/lib/string.c @@ -292,6 +292,39 @@ err: return -1; } +/* because no libc reimagination is complete + * without a reimplementation of memcmp. and + * no safe one is complete without null checks. + */ +int +vcmp(const void *s1, const void *s2, size_t n) +{ + size_t i = 0; + size_t a; + size_t b; + + if (if_err(s1 == NULL || s2 == NULL, EFAULT)) + err_exit(EFAULT, "vcmp: null input"); + + const unsigned char *x = s1; + const unsigned char *y = s2; + + for ( ; i + sizeof(size_t) <= n; i += sizeof(size_t)) { + + memcpy(&a, x + i, sizeof(size_t)); + memcpy(&b, y + i, sizeof(size_t)); + + if (a != b) + break; + } + + for ( ; i < n; i++) + if (x[i] != y[i]) + return (int)x[i] - (int)y[i]; + + return 0; +} + /* on functions that return with errno, * i sometimes have a default fallback, * which is set if errno wasn't changed, diff --git a/util/libreboot-utils/lottery.c b/util/libreboot-utils/lottery.c index fd39c68c..1f8ff2e0 100644 --- a/util/libreboot-utils/lottery.c +++ b/util/libreboot-utils/lottery.c @@ -28,7 +28,7 @@ main(int argc, char **argv) xpledgex("stdio", NULL); buf = rmalloc(size); - if (!memcmp(buf, buf + (size >> 1), size >> 1)) + if (!vcmp(buf, buf + (size >> 1), size >> 1)) same = 1; if (argc < 2) /* no spew */ |