From 1ddb484cfc352bf7f6696685a2b685b984adce78 Mon Sep 17 00:00:00 2001
From: Ben Kurtovic
Date: Fri, 8 Apr 2016 04:26:41 -0500
Subject: [PATCH] Validate characters in manifest file paths.
---
 tests/runner.c | 29 ++++++++++++++++++++++-------
 1 file changed, 22 insertions(+), 7 deletions(-)
diff --git a/tests/runner.c b/tests/runner.c
index 341ed80..5a62358 100644
--- a/tests/runner.c
+++ b/tests/runner.c
@@ -62,14 +62,14 @@ static bool diff_files(const char *expected_path, const char *actual_path)
 bool same = false;
 FILE *expected = NULL, *actual = NULL;
- if (!(expected = fopen(expected_path, "rb"))) {
- FAIL_TEST("missing reference file: %s", expected_path)
- goto cleanup;
- }
 if (!(actual = fopen(actual_path, "rb"))) {
 FAIL_TEST("missing output file: %s", actual_path)
 goto cleanup;
 }
+ if (!(expected = fopen(expected_path, "rb"))) {
+ FAIL_TEST("missing reference file: %s", expected_path)
+ goto cleanup;
+ }
 size_t len = 0;
 int e, a;
@@ -103,6 +103,14 @@ static bool diff_files(const char *expected_path, const char *actual_path)
 }
 /*
+ Return whether the given character is valid within a filename.
+*/
+static bool is_valid_filename_char(char c) {
+ return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
+ (c >= '0' && c <= '9') || c == '.' || c == '_' || c == '-';
+}
+
+/*
 Run a single ASM->ROM test, converting the given source file to a temporary output file, compared against the reference file.
 */
@@ -169,8 +177,8 @@ static bool test_asm()
 return false;
 }
- char *line = NULL, *split;
- size_t cap = 0, lineno = 0;
+ char *line = NULL, *split, c;
+ size_t cap = 0, lineno = 0, i;
 ssize_t len;
 while ((len = getline(&line, &cap, fp)) > 0) {
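Review bot: `is_valid_filename_char` (second hunk) accepts `.` and `-` in any position, so a manifest entry that is exactly `.` or `..`, or one that begins with `-`, passes this whitelist even though `/` is rejected. How the validated names are used lies outside this hunk, but if they are joined onto a test directory or passed to a tool as arguments, those forms name a directory or may be read as an option. Consider rejecting them where test_asm() splits the fields. If keeping entries inside the test directory is the intent, extend the header comment to say so, e.g. `Path separators are excluded so manifest entries cannot refer outside the test directory.`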
@@ -179,7 +187,14 @@ static bool test_asm()
 if (!len)
 continue;
- // TODO: validate chars
+ i = 0;
+ while ((c = line[i++])) {
+ if (!is_valid_filename_char(c) && c != ' ') {
+ READY_STDOUT()
+ ERROR("bad character in manifest file on line %zu", lineno)
+ return false;
+ }
+ }
 split = strchr(line, ' ');
 if (!split || strchr(split + 1, ' ')) {
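Review bot: The new `return false;` inside the character loop leaves test_asm() while `line` (allocated by getline()) and `fp` are still held. The function's other exits lie outside this hunk, so this may follow an existing pattern, but a shared cleanup path calling `free(line)` and `fclose(fp)` would cover it. The scan also stops at the first NUL rather than at `len`, so a line with an embedded NUL byte is accepted with its tail unchecked; `for (size_t i = 0; i < (size_t)len; i++)` would reject it, assuming `len` still holds the trimmed line length here. Neither this loop nor the `strchr` test that follows rejects an empty field (a line that starts or ends with its single space), as far as this hunk shows.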