diff options
| author | Alan Somers <asomers@FreeBSD.org> | 2019-12-06 00:06:05 +0000 |
|---|---|---|
| committer | Alan Somers <asomers@FreeBSD.org> | 2019-12-06 00:06:05 +0000 |
| commit | e083fb08b9e5c33b4b8b68e1860ff56679f12c20 (patch) | |
| tree | d5e9a556936289c4221cd51ad2f70e6265fc18e2 /sys/cam | |
| parent | 35228417b21abe865dfb6809ee5a7a985833d610 (diff) | |
| download | src-e083fb08b9e5c33b4b8b68e1860ff56679f12c20.tar.gz src-e083fb08b9e5c33b4b8b68e1860ff56679f12c20.zip | |
ses: sanitize illegal strings in SES element descriptors
The SES4r3 standard requires that element descriptors may only contain ASCII
characters in the range 0x20 to 0x7e. Some SuperMicro expanders violate
that rule. This patch adds a sanity check to ses(4). Descriptors in
violation will be replaced by "<invalid>".
This patch fixes "sesutil --libxo xml" on such systems. Previously it would
generate non-well-formed XML output.
PR: 241929
Reviewed by: allanjude
MFC after: 2 weeks
Sponsored by: Axcient
Notes
Notes:
svn path=/head/; revision=355430
Diffstat (limited to 'sys/cam')
| -rw-r--r-- | sys/cam/scsi/scsi_enc_ses.c | 34 |
1 files changed, 32 insertions, 2 deletions
diff --git a/sys/cam/scsi/scsi_enc_ses.c b/sys/cam/scsi/scsi_enc_ses.c index 6b40af1b5a9f..e2ebaa6e56d4 100644 --- a/sys/cam/scsi/scsi_enc_ses.c +++ b/sys/cam/scsi/scsi_enc_ses.c @@ -110,7 +110,7 @@ typedef struct ses_addl_status { typedef struct ses_element { uint8_t eip; /* eip bit is set */ uint16_t descr_len; /* length of the descriptor */ - char *descr; /* descriptor for this object */ + const char *descr; /* descriptor for this object */ struct ses_addl_status addl; /* additional status info */ } ses_element_t; @@ -1977,6 +1977,35 @@ ses_publish_cache(enc_softc_t *enc, struct enc_fsm_state *state, return (0); } +/* + * \brief Sanitize an element descriptor + * + * The SES4r3 standard, sections 3.1.2 and 6.1.10, specifies that element + * descriptors may only contain ASCII characters in the range 0x20 to 0x7e. + * But some vendors violate that rule. Ensure that we only expose compliant + * descriptors to userland. + * + * \param desc SES element descriptor as reported by the hardware + * \param len Length of desc in bytes, not necessarily including + * trailing NUL. It will be modified if desc is invalid. + */ +static const char* +ses_sanitize_elm_desc(const char *desc, uint16_t *len) +{ + const char *invalid = "<invalid>"; + int i; + + for (i = 0; i < *len; i++) { + if (desc[i] < 0x20 || desc[i] > 0x7e) { + *len = strlen(invalid); + return (invalid); + } else if (desc[i] == 0) { + break; + } + } + return (desc); +} + /** * \brief Parse the descriptors for each object. * @@ -2061,7 +2090,8 @@ ses_process_elm_descs(enc_softc_t *enc, struct enc_fsm_state *state, if (length > 0) { elmpriv = element->elm_private; elmpriv->descr_len = length; - elmpriv->descr = &buf[offset]; + elmpriv->descr = ses_sanitize_elm_desc(&buf[offset], + &elmpriv->descr_len); } /* skip over the descriptor itself */ |