From 3321f1d85cd491721cd6ba7a79bfe042acd2e7c7 Mon Sep 17 00:00:00 2001
From: Dominik Loidolt <dominik.loidolt@univie.ac.at>
Date: Thu, 16 Jan 2025 12:11:27 +0100
Subject: [PATCH] Add model file size mismatch check and update version to 0.14
- Added a check to verify model file size matches original data size and report errors
- Fix buffer overflow in `read_file_data` when file size exceeds `buf_size`
- Updated version to 0.14
---
CHANGELOG.md | 4 ++++
meson.build | 2 +-
programs/cmp_io.c | 4 ++--
programs/cmp_tool.c | 5 ++++
test/cmp_tool/cmp_tool_integration_test.py | 27 ++++++++++++++++++++++
5 files changed, 39 insertions(+), 3 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index de799aa..443309e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,10 @@
# Changelog
All notable changes to this project will be documented in this file.
+## [0.14] - 16-01-2025
+### Added
+- check for model file size mismatch errors
+
## [0.13] - 08-11-2024
### Added
- added chunk-specific compression parameter guessing functionality
diff --git a/meson.build b/meson.build
index d31ceca..f91a1b7 100644
--- a/meson.build
+++ b/meson.build
@@ -1,5 +1,5 @@
project('cmp_tool', 'c',
- version : '0.13',
+ version : '0.14',
meson_version : '>= 0.63',
license : 'GPL-2.0',
default_options : [
diff --git a/programs/cmp_io.c b/programs/cmp_io.c
index 653f8fe..8dc453d 100644
--- a/programs/cmp_io.c
+++ b/programs/cmp_io.c
@@ -1446,10 +1446,10 @@ ssize_t read_file_data(const char *file_name, enum cmp_type cmp_type,
switch (cmp_type) {
case CMP_TYPE_RDCU:
- err = be_to_cpu_data_type(buf, (uint32_t)size, DATA_TYPE_IMAGETTE);
+ err = be_to_cpu_data_type(buf, buf_size, DATA_TYPE_IMAGETTE);
break;
case CMP_TYPE_CHUNK:
- err = be_to_cpu_chunk(buf, (uint32_t)size);
+ err = be_to_cpu_chunk(buf, buf_size);
break;
case CMP_TYPE_ERROR:
default:
diff --git a/programs/cmp_tool.c b/programs/cmp_tool.c
index a0f1180..3d0e7f2 100644
--- a/programs/cmp_tool.c
+++ b/programs/cmp_tool.c
@@ -511,6 +511,11 @@ int main(int argc, char **argv)
model_size, io_flags);
if (size < 0)
goto fail;
+ if (size != (ssize_t)model_size) {
+ fprintf(stderr, "%s: %s: Error: Model file size does not match original data size.\n", PROGRAM_NAME, model_file_name);
+ goto fail;
+ }
+
printf("DONE\n");
rcfg.model_buf = input_model_buf;
diff --git a/test/cmp_tool/cmp_tool_integration_test.py b/test/cmp_tool/cmp_tool_integration_test.py
index 5f80ab1..3f7e004 100755
--- a/test/cmp_tool/cmp_tool_integration_test.py
+++ b/test/cmp_tool/cmp_tool_integration_test.py
@@ -1331,6 +1331,33 @@ def test_model_fiel_erros():
del_file(output_prefix+"_upmodel.dat")
+def test_decmp_model_fiel_original_size_miss_match():
+ cmp_data = b'8000000d000029000004097ce800cbd5097ce800cbfe00010108d01001000000001001001110078700'
+ to_large_model = b'111111111111' # should be 4 byte large in normal case
+ output_prefix = 'model_file_to_large'
+ cmp_data_file_name = 'binary_cmp_data.cmp'
+ model_file_name = 'to_large_model.dat'
+
+ try:
+ with open(cmp_data_file_name, 'wb') as f:
+ f.write(bytes.fromhex(cmp_data.decode()))
+
+ with open(model_file_name, 'wb') as f:
+ f.write(bytes.fromhex(to_large_model.decode()))
+
+ returncode, stdout, stderr = call_cmp_tool(
+ " --binary -d "+cmp_data_file_name + " -m " + model_file_name + " -o "+output_prefix)
+ assert(returncode == EXIT_FAILURE)
+ assert(stdout == CMP_START_STR_DECMP +
+ "Importing compressed data file %s ... DONE\n" % (cmp_data_file_name) +
+ "Importing model file %s ... FAILED\n" % (model_file_name))
+ assert(stderr == "cmp_tool: %s: Error: Model file size does not match original data size.\n" % (model_file_name))
+
+ finally:
+ del_file(cmp_data_file_name)
+ del_file(model_file_name)
+
+
def test_rdcu_pkt():
# generate test data
data = '00 01 00 02 00 03 00 04 00 05 \n'
--
GitLab