enowars5-service-stldoctor

STL-Analyzing A/D Service for ENOWARS5 in 2021

commit 7dc26f19055f66efc1b059d39d46008c3f0dd20d
parent 1490268ea6ae75e5e9b78861c56dc9b04db903f3
Author: Louis Burda <quent.burda@gmail.com>
Date:   Mon, 10 May 2021 18:08:29 +0200

fixed hash parsing from info file and only query non-hidden dirs in standard user mode

Diffstat:
Mservice/src/printdoc.c | 13+++++++++++--
Mservice/src/test.sh | 14+++++++++++---
Mservice/src/util.c | 9+++++----
3 files changed, 27 insertions(+), 9 deletions(-)

diff --git a/service/src/printdoc.c b/service/src/printdoc.c
@@ -145,7 +145,7 @@ query_cmd(char *arg)
 dirstart = telldir(d);
 for (i = 0; (de = readdir(d));) {
- if (de->d_type == DT_DIR && !strpfcmp(hash, de->d_name)) {
+ if (!strpfcmp(hash, de->d_name) && *de->d_name != '.') {
 printf("%i : %s\n", i, de->d_name);
 i++;
 }
@@ -164,7 +164,7 @@ query_cmd(char *arg)
 seekdir(d, dirstart);
 for (i = 0; (de = readdir(d));) {
- if (de->d_type == DT_DIR && !strpfcmp(hash, de->d_name)) {
+ if (!strpfcmp(hash, de->d_name) && *de->d_name != '.') {
 if (i == which) {
 scandir = aprintf("%s/%s", resultdir, de->d_name);
 break;
@@ -180,6 +180,7 @@ query_cmd(char *arg)
 infopath = aprintf("%s/%s", scandir, "info");
 if (!(f = fopen(infopath, "r"))) goto cleanup;
+ free_info(&cached);
 if (load_info(&cached, f) != OK) goto cleanup;
 fclose(f);
 f = NULL;
@@ -208,6 +209,12 @@ cleanup:
 free(modelpath);
 }
+void
+cleanexit()
+{
+ free_info(&cached);
+}
+
 int
 main()
 {
@@ -221,6 +228,8 @@ main()
 setvbuf(stdout, NULL, _IONBF, 0);
 setvbuf(stderr, NULL, _IONBF, 0);
+ atexit(cleanexit);
+
 dump("msgs/welcome");
 exit = 0;
diff --git a/service/src/test.sh b/service/src/test.sh
@@ -49,24 +49,32 @@ elif [ "$1" == "poc" ]; then
 rm -rf scans/*
+ echo -e "\n--- Uploading target STL ---\n" 1>&2
+ (
+ echo "submit"
+ cat tests/sample-ascii.stl | wc -c
+ cat tests/sample-ascii.stl
+ ) | ./printdoc
+
 echo -e "\n--- Uploading evil STL ---\n" 1>&2
 (
 echo "submit"
 cat tests/evil1.stl | wc -c
 cat tests/evil1.stl
- echo "AAAA"
+ echo -e "AAAA\xff"
 ) | ./printdoc
 echo -e "\n--- Testing Exploit ---\n" 1>&2
 (
 echo "query"
- echo "AAAA"
+ echo -e "AAAA\xff"
 echo "0"
 echo "n"
 echo "query"
- ) | ./printdoc
+ echo "1"
+ ) | checkleaks
 else
 (
diff --git a/service/src/util.c b/service/src/util.c
@@ -46,7 +46,7 @@ const char*
 mhash(const char *filename, int len)
 {
 static const char *hexalph = "0123456789ABCDEF";
- static char buf[MHASHLEN + 1];
+ static char buf[2 * MHASHLEN + 1];
 int i, k;
 if (len == -1) len = strlen(filename);
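Review bot: In query_cmd the filter `!strpfcmp(hash, de->d_name) && *de->d_name != '.'` is now written out twice, in the listing loop (hunk at -145) and in the selection loop (hunk at -164), and the index `which` only picks the entry the user saw while both copies stay identical. Moving the test into one helper, e.g. `static int visible_match(const char *hash, const struct dirent *de)`, would keep them in step. Dropping `de->d_type == DT_DIR` also means a non-directory entry whose name matches the prefix is now listed and selectable; if that is deliberate (for instance because `d_type` can be `DT_UNKNOWN`), a comment should say so, otherwise a `stat()`-based directory check could replace it. Since the leading-dot test is what keeps hidden entries out of this mode, it is worth a comment that names beginning with '.' are reserved. query_cmd continues outside both hunks.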
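Review bot: `free_info(&cached)` can now run more than once on the same struct: before every `load_info` in query_cmd (hunk at -180), again from `cleanexit` at process exit (hunks at -208 and -221), and after a `load_info` that failed part-way. free_info is not visible here, so this is only safe if it resets each freed pointer to NULL and load_info leaves the struct consistent on failure; otherwise the exit handler frees the same memory twice. I would state that contract in a comment above the call, e.g. `/* free_info() must leave cached zeroed so repeated calls are safe */`, and declare the handler as `static void cleanexit(void)`.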
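Review bot: `echo -e "AAAA\xff"` in the poc branch of test.sh depends on the shell's built-in echo interpreting `-e` and `\xff`, which differs between shells; `printf 'AAAA\377\n'` emits the same bytes portably. The same literal has to be sent in both the submit and the query step, so holding it in one variable would stop the two from drifting apart. `checkleaks` is not defined within the hunk; if it is not defined earlier in the script, the final pipeline fails without the service being run.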
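Review bot: In the util.c hunk at -46, the new size `2 * MHASHLEN + 1` fits two hex digits per hash byte, but nothing in the declaration records that, and the loop bound and the terminator write are outside this hunk. A comment on the declaration such as `/* two hex digits per hash byte plus NUL */` would record the invariant that was broken before. mhash also returns a pointer into this static buffer, so each call overwrites the previous result; the function comment should say that callers must copy the value before calling again.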
@@ -55,8 +55,8 @@ mhash(const char *filename, int len)
 unsigned char v = 0;
 for (k = i; k < len; k += MHASHLEN)
 v ^= filename[k];
- buf[i*2+1] = hexalph[(v >> 4) & 0x0f];
- buf[i*2+0] = hexalph[(v >> 0) & 0x0f];
+ buf[i*2+0] = hexalph[(v >> 4) & 0x0f];
+ buf[i*2+1] = hexalph[(v >> 0) & 0x0f];
 }
 if (i == 0) {
@@ -81,8 +81,9 @@ freadstr(FILE *f, char **dst)
 for (len = 0; (c = fgetc(f)) != EOF && c; len++);
 fseek(f, start, SEEK_SET);
- *dst = calloc(len + 1, 1);
+ *dst = checkp(calloc(1, len + 1));
 fread(*dst, len, 1, f);
+ fgetc(f);
 }
 void
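Review bot: Swapping the nibble order in the hunk at -55 changes the string mhash returns for every input, so any stored name that was derived from the old output will no longer match after this commit; the commit does not say whether existing data is regenerated or migrated. Separately, `v ^= filename[k]` folds the input by XOR, so different inputs can produce the same hash, and the value should not be treated as a unique or unguessable identifier if it is used to look results up (its callers are outside the hunk). A comment above mhash such as `/* non-cryptographic fold: collisions are expected */` would make that explicit.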
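Review bot: In the hunk at -81, freadstr still ignores the result of `fread(*dst, len, 1, f)` and of the preceding `fseek`, so a short read or failed seek leaves `*dst` partly or wholly zero-filled and the caller cannot tell. The scan loop also stops on EOF as well as on NUL, so a string cut off at end of file is accepted as complete and the added `fgetc(f)` then simply returns EOF. Checking the read, `if (len && fread(*dst, len, 1, f) != 1) { /* report error */ }`, and treating a missing terminator as a parse error would make a truncated or malformed info file fail loudly. The function's return type and first lines are outside the hunk, so how it could report the error is not visible here.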