tools/csvparser: add a limitation of parsing parameters from syscall csv

The g_parm variable which it is a buffer to treat system call parameters has a maximum value, 16 as a parameter field. But in parse_csvline function, a maximum value is not checking so that it can cause memory corruption. Because of above reason, it should have a checking code for maximum. But, parser can't make a decision whether it is a valid or not. Let's exit with error.
author: sunghan <sh924.chang@samsung.com> 2017-10-18 15:47:34 +0900
committer: sunghan <sh924.chang@samsung.com> 2017-10-18 15:52:41 +0900
commit: 819fa0bdfb525199d7f587fade7f5af1311d2827 (patch)
tree: 67d0f8a55c3520b685fa02eefb8db63b6cdc6019
parent: 1fcd08bbece9becf76000a20b8992b9178fcbe7b (diff)
download: tinyara-819fa0bdfb525199d7f587fade7f5af1311d2827.tar.gz
tinyara-819fa0bdfb525199d7f587fade7f5af1311d2827.tar.bz2
tinyara-819fa0bdfb525199d7f587fade7f5af1311d2827.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/os/tools/csvparser.c b/os/tools/csvparser.c
index 6cd1b4a6..980d28e8 100644
--- a/os/tools/csvparser.c
+++ b/os/tools/csvparser.c
@@ -209,6 +209,10 @@ int parse_csvline(char *ptr)
 	 */
 
 	do {
+		if (nparams >= MAX_FIELDS) {
+			fprintf(stderr, "%d: too many Parameters: \"%s\"\n", g_lineno, g_line);
+			exit(8);
+		}
 		ptr = copy_parm(ptr, &g_parm[nparms][0]);
 		nparms++;
 		ptr = find_parm(ptr);
author	sunghan <sh924.chang@samsung.com>	2017-10-18 15:47:34 +0900
committer	sunghan <sh924.chang@samsung.com>	2017-10-18 15:52:41 +0900
commit	819fa0bdfb525199d7f587fade7f5af1311d2827 (patch)
tree	67d0f8a55c3520b685fa02eefb8db63b6cdc6019
parent	1fcd08bbece9becf76000a20b8992b9178fcbe7b (diff)
download	tinyara-819fa0bdfb525199d7f587fade7f5af1311d2827.tar.gz tinyara-819fa0bdfb525199d7f587fade7f5af1311d2827.tar.bz2 tinyara-819fa0bdfb525199d7f587fade7f5af1311d2827.zip