Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 6 Dec 2019 00:06:06 +0000 (UTC)
From:      Alan Somers <asomers@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r355430 - head/sys/cam/scsi
Message-ID:  <201912060006.xB6066qR058963@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: asomers
Date: Fri Dec  6 00:06:05 2019
New Revision: 355430
URL: https://svnweb.freebsd.org/changeset/base/355430

Log:
  ses: sanitize illegal strings in SES element descriptors
  
  The SES4r3 standard requires that element descriptors may only contain ASCII
  characters in the range 0x20 to 0x7e.  Some SuperMicro expanders violate
  that rule.  This patch adds a sanity check to ses(4).  Descriptors in
  violation will be replaced by "<invalid>".
  
  This patch fixes "sesutil --libxo xml" on such systems.  Previously it would
  generate non-well-formed XML output.
  
  PR:		241929
  Reviewed by:	allanjude
  MFC after:	2 weeks
  Sponsored by:	Axcient

Modified:
  head/sys/cam/scsi/scsi_enc_ses.c

Modified: head/sys/cam/scsi/scsi_enc_ses.c
==============================================================================
--- head/sys/cam/scsi/scsi_enc_ses.c	Thu Dec  5 19:39:51 2019	(r355429)
+++ head/sys/cam/scsi/scsi_enc_ses.c	Fri Dec  6 00:06:05 2019	(r355430)
@@ -110,7 +110,7 @@ typedef struct ses_addl_status {
 typedef struct ses_element {
 	uint8_t eip;			/* eip bit is set */
 	uint16_t descr_len;		/* length of the descriptor */
-	char *descr;			/* descriptor for this object */
+	const char *descr;		/* descriptor for this object */
 	struct ses_addl_status addl;	/* additional status info */
 } ses_element_t;
 
@@ -1977,6 +1977,35 @@ ses_publish_cache(enc_softc_t *enc, struct enc_fsm_sta
 	return (0);
 }
 
+/*
+ * \brief Sanitize an element descriptor
+ *
+ * The SES4r3 standard, sections 3.1.2 and 6.1.10, specifies that element
+ * descriptors may only contain ASCII characters in the range 0x20 to 0x7e.
+ * But some vendors violate that rule.  Ensure that we only expose compliant
+ * descriptors to userland.
+ *
+ * \param desc		SES element descriptor as reported by the hardware
+ * \param len		Length of desc in bytes, not necessarily including
+ * 			trailing NUL.  It will be modified if desc is invalid.
+ */
+static const char*
+ses_sanitize_elm_desc(const char *desc, uint16_t *len)
+{
+	const char *invalid = "<invalid>";
+	int i;
+
+	for (i = 0; i < *len; i++) {
+		if (desc[i] < 0x20 || desc[i] > 0x7e) {
+			*len = strlen(invalid);
+			return (invalid);
+		} else if (desc[i] == 0) {
+			break;
+		}
+	}
+	return (desc);
+}
+
 /**
  * \brief Parse the descriptors for each object.
  *
@@ -2061,7 +2090,8 @@ ses_process_elm_descs(enc_softc_t *enc, struct enc_fsm
 		if (length > 0) {
 			elmpriv = element->elm_private;
 			elmpriv->descr_len = length;
-			elmpriv->descr = &buf[offset];
+			elmpriv->descr = ses_sanitize_elm_desc(&buf[offset],
+			    &elmpriv->descr_len);
 		}
 
 		/* skip over the descriptor itself */



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201912060006.xB6066qR058963>