Added extra validation for invalid characters as well as tests.
JonathanHenson committed Nov 2, 2023
1 parent 3101481 commit dd40861
Showing 5 changed files with 45 additions and 3 deletions.
2 changes: 1 addition & 1 deletion include/aws/common/ipc_util.h
Expand Up @@ -31,4 +31,4 @@ void aws_ipc_util_instance_lock_release(struct aws_ipc_util_instance_lock *insta

AWS_EXTERN_C_END

#endif /* #ifndef AWS_COMMON_IPC_UTIL_H */
#endif /* AWS_COMMON_IPC_UTIL_H */
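--- a/source/posix/ipc_util.c
+++ b/source/posix/ipc_util.c
@@ -20,6 +20,17 @@ struct aws_ipc_util_instance_lock {
 struct aws_ipc_util_instance_lock *aws_ipc_util_instance_lock_try_acquire(
 struct aws_allocator *allocator,
 struct aws_byte_cursor instance_nonce) {
+
+/* validate we don't have a directory slash. */
+struct aws_byte_cursor to_find = aws_byte_cursor_from_c_str("/");
+struct aws_byte_cursor found;
+AWS_ZERO_STRUCT(found);
+if (aws_byte_cursor_find_exact(&instance_nonce, &to_find, &found) != AWS_OP_ERR &&
+aws_last_error() != AWS_ERROR_STRING_MATCH_NOT_FOUND) {
+aws_raise_error(AWS_ERROR_INVALID_ARGUMENT);
+return NULL;
+}
+
 /*
 * The unix standard says /tmp has to be there and be writable. However, while it may be tempting to just use the
 * /tmp/ directory, it often has the sticky bit set which would prevent a subprocess from being able to call open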
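Review bot: The new guard in `aws_ipc_util_instance_lock_try_acquire` rejects a nonce containing `/` only when the thread's previous error happens not to be `AWS_ERROR_STRING_MATCH_NOT_FOUND`, because `aws_last_error()` is read on the branch where the search succeeded and so reports whatever an earlier call left behind. If `aws_byte_cursor_find_exact` raises that error on a miss, as the condition implies, then a call with a clean nonce leaves exactly that value in place, and a later call on the same thread with a separator in the nonce would pass validation and presumably reach the path built further down. The return value alone carries the answer: `if (aws_byte_cursor_find_exact(&instance_nonce, &to_find, &found) == AWS_OP_SUCCESS) {`. The identical condition in source/windows/ipc_util.c needs the same change. The function body continues outside this hunk.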
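--- a/source/windows/ipc_util.c
+++ b/source/windows/ipc_util.c
@@ -17,6 +17,17 @@ struct aws_ipc_util_instance_lock {
 struct aws_ipc_util_instance_lock *aws_ipc_util_instance_lock_try_acquire(
 struct aws_allocator *allocator,
 struct aws_byte_cursor instance_nonce) {
+
+/* validate we don't have a directory slash. */
+struct aws_byte_cursor to_find = aws_byte_cursor_from_c_str("\\");
+struct aws_byte_cursor found;
+AWS_ZERO_STRUCT(found);
+if (aws_byte_cursor_find_exact(&instance_nonce, &to_find, &found) != AWS_OP_ERR &&
+aws_last_error() != AWS_ERROR_STRING_MATCH_NOT_FOUND) {
+aws_raise_error(AWS_ERROR_INVALID_ARGUMENT);
+return NULL;
+}
+
 struct aws_byte_cursor path_prefix = aws_byte_cursor_from_c_str("Global/");
 struct aws_byte_buf nonce_buf;
 aws_byte_buf_init_copy_from_cursor(&nonce_buf, allocator, path_prefix);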
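--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -525,6 +525,7 @@ add_test_case(test_instance_lock_works_in_proc)
 add_test_case(test_instance_lock_works_cross_proc)
 #this one is here for use by test_instance_lock_works_cross_proc
 add_test_case(instance_lock_mp_test_runner)
+add_test_case(test_instance_lock_invalid_nonce_fails)
 
 
 generate_test_driver(${PROJECT_NAME}-tests)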
23 changes: 21 additions & 2 deletions tests/io_util_tests.c
Expand Up @@ -69,11 +69,11 @@ static int s_test_instance_lock_works_cross_proc(struct aws_allocator *allocator

/* Invoke the test runner in a new process for ease so cmake automatically does the work for us. */
struct aws_run_command_options command_options = {
#ifdef __WIN32
#ifdef _WIN32
.command = "aws-c-common-tests instance_lock_mp_test_runner",
#else
.command = "./aws-c-common-tests instance_lock_mp_test_runner",
#endif
#endif /* _WIN32 */
};

struct aws_run_command_result result;
Expand All @@ -97,3 +97,22 @@ static int s_test_instance_lock_works_cross_proc(struct aws_allocator *allocator
return AWS_OP_SUCCESS;
}
AWS_TEST_CASE(test_instance_lock_works_cross_proc, s_test_instance_lock_works_cross_proc)

static int s_test_instance_lock_invalid_nonce(struct aws_allocator *allocator, void *ctx) {
(void)ctx;
aws_common_library_init(allocator);
#ifdef _WIN32
struct aws_byte_cursor lock_nonce = aws_byte_cursor_from_c_str("invalid\\lock_nonce");
#else
struct aws_byte_cursor lock_nonce = aws_byte_cursor_from_c_str("invalid/lock_nonce");
#endif /* _WIN32 */

struct aws_ipc_util_instance_lock *instance_lock = aws_ipc_util_instance_lock_try_acquire(allocator, lock_nonce);
ASSERT_NULL(instance_lock);
ASSERT_INT_EQUALS(AWS_ERROR_INVALID_ARGUMENT, aws_last_error());

aws_common_library_clean_up();

return AWS_OP_SUCCESS;
}
AWS_TEST_CASE(test_instance_lock_invalid_nonce_fails, s_test_instance_lock_invalid_nonce)
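Review bot: `s_test_instance_lock_invalid_nonce` checks the rejection only against whatever last-error value the thread holds right after `aws_common_library_init`, while the validation it covers reads `aws_last_error()` as part of its condition. Seeding that state first, with `aws_raise_error(AWS_ERROR_STRING_MATCH_NOT_FOUND);` immediately before the `aws_ipc_util_instance_lock_try_acquire` call, would pin that a separator in the nonce is refused regardless of earlier errors on the thread. Each platform also tests only its own separator, so a second case with the other slash would record whether it is meant to be accepted there.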
