diff --git a/src/inc_internal/maat_limits.h b/src/inc_internal/maat_limits.h index 357acfc..e52c8b7 100644 --- a/src/inc_internal/maat_limits.h +++ b/src/inc_internal/maat_limits.h @@ -16,12 +16,9 @@ extern "C" { #endif -#define MAX_KEYWORDS_STR 1024 - +#define MAX_KEYWORDS_STR_LEN 1024 #define MAX_MAAT_STAT_NUM 64 - #define MAX_NAME_STR_LEN 64 - #define MAX_INSTANCE_NAME_LEN 15 #ifdef __cplusplus diff --git a/src/inc_internal/maat_rule.h b/src/inc_internal/maat_rule.h index fe7028e..9d4524a 100644 --- a/src/inc_internal/maat_rule.h +++ b/src/inc_internal/maat_rule.h @@ -40,7 +40,7 @@ extern "C" #define DISTRICT_ANY -1 #define DISTRICT_UNKNOWN -2 -#define MAX_DISTRICT_STR 128 +#define MAX_DISTRICT_STR_LEN 128 #define INVALID_VERSION -1 #define mr_region_id_var "SEQUENCE_REGION" @@ -109,8 +109,8 @@ struct source_redis_ctx { struct maat_options { char inst_name[MAX_INSTANCE_NAME_LEN + 1]; char foreign_cont_dir[NAME_MAX]; - char decrypt_algo[MAX_KEYWORDS_STR]; - char decrypt_key[MAX_KEYWORDS_STR]; + char decrypt_algo[MAX_KEYWORDS_STR_LEN]; + char decrypt_key[MAX_KEYWORDS_STR_LEN]; char log_path[PATH_MAX]; int log_level; char stat_file[NAME_MAX]; diff --git a/src/maat_compile.c b/src/maat_compile.c index 6005676..f0672d0 100644 --- a/src/maat_compile.c +++ b/src/maat_compile.c @@ -284,8 +284,8 @@ compile_item_new(const char *table_line, struct compile_schema *schema, compile_item->ref_schema = schema; compile_item->ex_data = ALLOC(void *, 1); memcpy(compile_item->table_name, table_name, sizeof(compile_item->table_name)); - compile_item->table_line_len = strlen(table_line) + 1; - compile_item->table_line = ALLOC(char, compile_item->table_line_len); + compile_item->table_line_len = strlen(table_line); + compile_item->table_line = ALLOC(char, compile_item->table_line_len + 1); memcpy(compile_item->table_line, table_line, compile_item->table_line_len); if (1 == schema->set_flag) { @@ -1154,7 +1154,7 @@ static struct compile_item *compile_item_clone(struct compile_item *item) new_item->ex_data = ALLOC(void *, 1); memcpy(new_item->table_name, item->table_name, sizeof(new_item->table_name)); new_item->table_line_len = item->table_line_len; - new_item->table_line = ALLOC(char, new_item->table_line_len); + new_item->table_line = ALLOC(char, new_item->table_line_len + 1); memcpy(new_item->table_line, item->table_line, new_item->table_line_len); if (1 == item->ref_schema->set_flag) { diff --git a/src/maat_ex_data.c b/src/maat_ex_data.c index e49a2d5..d7cbfcc 100644 --- a/src/maat_ex_data.c +++ b/src/maat_ex_data.c @@ -93,11 +93,11 @@ void ex_data_runtime_cache_row_put(struct ex_data_runtime *ex_data_rt, const cha return; } - size_t len = strlen(row) + 1; - char* row_copy = ALLOC(char, len); + size_t row_len = strlen(row); + char *row_copy = ALLOC(char, row_len + 1); - memcpy(row_copy, row, len); - ex_data_rt->cache_size += len; + memcpy(row_copy, row, row_len); + ex_data_rt->cache_size += row_len; utarray_push_back(ex_data_rt->cache_rows, &row_copy); ex_data_rt->cache_row_num++; } diff --git a/src/maat_expr.c b/src/maat_expr.c index 2c53d21..370cf28 100644 --- a/src/maat_expr.c +++ b/src/maat_expr.c @@ -58,7 +58,7 @@ enum match_method { struct expr_item { long long item_id; long long group_id; - char keywords[MAX_KEYWORDS_STR]; + char keywords[MAX_KEYWORDS_STR_LEN + 1]; enum expr_type expr_type; enum expr_match_mode match_mode; int is_hexbin; @@ -211,7 +211,7 @@ expr_item_new(struct expr_schema *expr_schema, const char *table_name, goto error; } - if (column_len >= MAX_KEYWORDS_STR) { + if (column_len > MAX_KEYWORDS_STR_LEN) { log_error(expr_rt->logger, MODULE_EXPR, "[%s:%d] expr table:<%s> keywords length too long in line:%s", __FUNCTION__, __LINE__, table_name, line); @@ -252,14 +252,15 @@ expr_item_new(struct expr_schema *expr_schema, const char *table_name, goto error; } - if (column_len >= MAX_DISTRICT_STR) { + if (column_len > MAX_DISTRICT_STR_LEN) { log_error(expr_rt->logger, MODULE_EXPR, - "[%s:%d] expr table:<%s> district length exceed maxium:%d in line:%s", - __FUNCTION__, __LINE__, table_name, MAX_DISTRICT_STR, line); + "[%s:%d] expr table:<%s> district length exceed maximum:%d" + " in line:%s", __FUNCTION__, __LINE__, table_name, + MAX_DISTRICT_STR_LEN, line); goto error; } - char district[MAX_DISTRICT_STR] = {0}; + char district[MAX_DISTRICT_STR_LEN + 1] = {0}; memcpy(district, (line + column_offset), column_len); assert(strlen(district) > 0); str_unescape(district); @@ -722,8 +723,8 @@ static int expr_item_to_expr_rule(struct expr_item *expr_item, if (TRUE == expr_item->is_hexbin && expr_rule->patterns[i].type != EXPR_PATTERN_TYPE_REG) { - region_str_len = strlen(sub_key_array[i]) * 8 + 1; - region_string = ALLOC(char, region_str_len); + region_str_len = strlen(sub_key_array[i]) * 8; + region_string = ALLOC(char, region_str_len + 1); region_str_len = hex2bin(sub_key_array[i], strlen(sub_key_array[i]), region_string, region_str_len); } diff --git a/src/maat_flag.c b/src/maat_flag.c index da0747f..4c44ac7 100644 --- a/src/maat_flag.c +++ b/src/maat_flag.c @@ -333,15 +333,15 @@ flag_item_new(struct flag_schema *schema, const char *table_name, goto error; } - if (column_len >= MAX_DISTRICT_STR) { + if (column_len > MAX_DISTRICT_STR_LEN) { log_error(flag_rt->logger, MODULE_FLAG, "[%s:%d] flag_plus table:<%s> district length exceed " - "maxium:%d in line:%s", __FUNCTION__, __LINE__, table_name, - MAX_DISTRICT_STR, line); + "maximum:%d in line:%s", __FUNCTION__, __LINE__, + table_name, MAX_DISTRICT_STR_LEN, line); goto error; } - char district[MAX_DISTRICT_STR] = {0}; + char district[MAX_DISTRICT_STR_LEN + 1] = {0}; memcpy(district, (line + column_offset), column_len); assert(strlen(district) > 0); str_unescape(district); diff --git a/src/maat_interval.c b/src/maat_interval.c index e5a11a8..9e9a35d 100644 --- a/src/maat_interval.c +++ b/src/maat_interval.c @@ -308,15 +308,15 @@ interval_item_new(struct interval_schema *schema, const char *table_name, goto error; } - if (column_len >= MAX_DISTRICT_STR) { + if (column_len > MAX_DISTRICT_STR_LEN) { log_error(interval_rt->logger, MODULE_INTERVAL, "[%s:%d] interval_plus table:<%s> district length exceed " - "maxium:%d in line:%s", __FUNCTION__, __LINE__, table_name, - MAX_DISTRICT_STR, line); + "maximum:%d in line:%s", __FUNCTION__, __LINE__, table_name, + MAX_DISTRICT_STR_LEN, line); goto error; } - char district[MAX_DISTRICT_STR] = {0}; + char district[MAX_DISTRICT_STR_LEN + 1] = {0}; memcpy(district, (line + column_offset), column_len); assert(strlen(district) > 0); str_unescape(district); diff --git a/src/maat_plugin.c b/src/maat_plugin.c index c987bc4..66e8f39 100644 --- a/src/maat_plugin.c +++ b/src/maat_plugin.c @@ -440,6 +440,14 @@ static int plugin_table_line_get_key(struct plugin_schema *schema, return -1; } + if (key_len > MAX_KEYWORDS_STR_LEN) { + log_error(logger, MODULE_PLUGIN, + "[%s:%d] plugin table:<%s> key(column seq:%d) length exceed maxium:%d" + " in table_line:%s", __FUNCTION__, __LINE__, table_name, + schema->key_column, MAX_KEYWORDS_STR_LEN, line); + return -1; + } + const char *common_key = line + key_offset; if (schema->key_type == PLUGIN_KEY_TYPE_POINTER) { memcpy(dst_key, common_key, key_len); @@ -543,7 +551,7 @@ int plugin_runtime_update(void *plugin_runtime, void *plugin_schema, return -1; } - char key[MAX_KEYWORDS_STR] = {0}; + char key[MAX_KEYWORDS_STR_LEN + 1] = {0}; size_t key_len = 0; ret = plugin_table_line_get_key(schema, table_name, line, key, &key_len, plugin_rt->logger); diff --git a/src/maat_redis_monitor.c b/src/maat_redis_monitor.c index 758721e..fb40936 100644 --- a/src/maat_redis_monitor.c +++ b/src/maat_redis_monitor.c @@ -139,7 +139,7 @@ static void _get_foregin_keys(struct serial_rule *p_rule, int *foreign_columns, __FUNCTION__, __LINE__, p_rule->table_name, p_rule->rule_id, p_foreign); } - p_rule->f_keys[p_rule->n_foreign].key = ALLOC(char, foreign_key_size+1); + p_rule->f_keys[p_rule->n_foreign].key = ALLOC(char, foreign_key_size + 1); memcpy(p_rule->f_keys[p_rule->n_foreign].key, p_foreign, foreign_key_size); p_rule->f_keys[p_rule->n_foreign].filename = get_foreign_cont_filename(p_rule->table_name, p_rule->rule_id, @@ -515,14 +515,14 @@ static struct serial_rule *serial_rule_clone(const struct serial_rule *s_rule) new_rule->timeout = s_rule->timeout; memcpy(new_rule->table_name, s_rule->table_name, strlen(s_rule->table_name)); new_rule->n_foreign = s_rule->n_foreign; - new_rule->table_line = ALLOC(char, strlen(s_rule->table_line)); + new_rule->table_line = ALLOC(char, strlen(s_rule->table_line) + 1); memcpy(new_rule->table_line, s_rule->table_line, strlen(s_rule->table_line)); new_rule->f_keys = ALLOC(struct foreign_key, new_rule->n_foreign); for (int j = 0; j < new_rule->n_foreign; j++) { - new_rule->f_keys[j].key = ALLOC(char, s_rule->f_keys[j].key_len); + new_rule->f_keys[j].key = ALLOC(char, s_rule->f_keys[j].key_len + 1); memcpy(new_rule->f_keys[j].key, s_rule->f_keys[j].key, s_rule->f_keys[j].key_len); - new_rule->f_keys[j].filename = ALLOC(char, strlen(s_rule->f_keys[j].filename)); + new_rule->f_keys[j].filename = ALLOC(char, strlen(s_rule->f_keys[j].filename) + 1); memcpy(new_rule->f_keys[j].filename, s_rule->f_keys[j].filename, strlen(s_rule->f_keys[j].filename)); } @@ -945,7 +945,7 @@ void maat_rewrite_table_line_with_foreign(struct serial_rule *s_rule) fn_size += strlen(s_rule->f_keys[i].filename); } - char *rewrite_line = ALLOC(char, strlen(s_rule->table_line) + fn_size); + char *rewrite_line = ALLOC(char, strlen(s_rule->table_line) + fn_size + 1); char *pos_rewrite_line = rewrite_line; const char *pos_origin_line = s_rule->table_line; diff --git a/test/expr_matcher_gtest.cpp b/test/expr_matcher_gtest.cpp index 7143e27..5cfd5f5 100644 --- a/test/expr_matcher_gtest.cpp +++ b/test/expr_matcher_gtest.cpp @@ -171,8 +171,8 @@ int parse_config_file(const char *filename, struct expr_rule exprs[], size_t *n_ exprs[i].patterns[j].pat = ALLOC(char, strlen(item->valuestring) + 1); if (is_hexbin == 1) { - size_t pat_str_len = strlen(item->valuestring) + 1; - char *pat_str = ALLOC(char, pat_str_len); + size_t pat_str_len = strlen(item->valuestring); + char *pat_str = ALLOC(char, pat_str_len + 1); pat_str_len = hex2bin(item->valuestring, strlen(item->valuestring), pat_str, pat_str_len); diff --git a/test/maat_framework_gtest.cpp b/test/maat_framework_gtest.cpp index d11c4ff..015faaf 100644 --- a/test/maat_framework_gtest.cpp +++ b/test/maat_framework_gtest.cpp @@ -3875,7 +3875,7 @@ void bool_plugin_ex_new_cb(const char *table_name, int table_id, const char *key ret = get_column_pos(table_line, 3, &column_offset, &column_len); EXPECT_EQ(ret, 0); - ud->name = ALLOC(char, column_len+1); + ud->name = ALLOC(char, column_len + 1); memcpy(ud->name, table_line+column_offset, column_len); ud->name_len = column_len + 1; @@ -4606,7 +4606,7 @@ TEST_F(MaatFileTest, StreamFiles) { ASSERT_TRUE(ret == 0); file_size = file_info.st_size; - char *buff = ALLOC(char, file_size); + char *buff = ALLOC(char, file_size + 1); FILE *fp = fopen(file_path, "rb"); if (fp == NULL) { printf("fopen %s error.\n", file_path); @@ -5655,7 +5655,7 @@ void prepare_file_to_set(const char* filename, char** file_buff, size_t *file_si ASSERT_FALSE(fp == NULL); *file_size = file_info.st_size; - *file_buff = ALLOC(char, *file_size); + *file_buff = ALLOC(char, *file_size + 1); ret = fread(*file_buff, 1, *file_size, fp); fclose(fp);