Fix null pointer checks as pre-conditions for functions in to_string.c

Use pre-defined macro SAFE_STRLCPY to avoid repetition.
trilitech · Apr 23, 2024 · 77c9ae7 · 77c9ae7
1 parent 06e3865
commit 77c9ae7
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 19 deletions.
diff --git a/src/apdu_sign.c b/src/apdu_sign.c
@@ -289,7 +289,7 @@ int select_signing_key(buffer_t *cdata, derivation_type_t derivation_type) {
  * Cdata:
  *   + (max-size) uint8 *: message
  */
-int handle_sign(buffer_t *cdata, bool last, bool with_hash) {
+int handle_sign(buffer_t *cdata, const bool last, const bool with_hash) {
     tz_exc exc = SW_OK;
 
     TZ_ASSERT_NOT_NULL(cdata);

diff --git a/src/operations.c b/src/operations.c
@@ -302,6 +302,9 @@ static tz_exc parse_operations_init(struct parsed_operation_group *const out,
 
 bool parse_operations_final(struct parse_state *const state,
                             struct parsed_operation_group *const out) {
+    if ((state == NULL) || (out == NULL)) {
+        return false;
+    }
     if ((out->operation.tag == OPERATION_TAG_NONE) && !out->has_reveal) {
         return false;
     }

diff --git a/src/to_string.c b/src/to_string.c
@@ -161,13 +161,14 @@ static int chain_id_to_string(char *const dest,
     return base58_encode((const uint8_t *) &data, sizeof(data), dest, dest_size);
 }
 
-#define SAFE_STRCPY(dest, size, x) \
-    ({                             \
-        if (size < sizeof(x)) {    \
-            return -1;             \
-        }                          \
-        strlcpy(dest, x, size);    \
-        return sizeof(x);          \
+#define SAFE_STRCPY(dest, dest_size, in) \
+    ({                                   \
+        size_t in_size = strlen(in);     \
+        if (dest_size < in_size) {       \
+            return -1;                   \
+        }                                \
+        strlcpy(dest, in, dest_size);    \
+        return in_size;                  \
     })
 
 int chain_id_to_string_with_aliases(char *const dest,
@@ -302,7 +303,7 @@ int microtez_to_string(char *const dest, size_t dest_size, uint64_t number) {
 }
 
 int hwm_to_string(char *dest, size_t dest_size, high_watermark_t const *const hwm) {
-    if (dest == NULL) {
+    if ((dest == NULL) || (hwm == NULL)) {
         return -1;
     }
     int result = number_to_string(dest, dest_size, hwm->highest_level);
@@ -323,7 +324,7 @@ int hwm_to_string(char *dest, size_t dest_size, high_watermark_t const *const hw
 }
 
 int hwm_status_to_string(char *dest, size_t dest_size, volatile bool const *hwm_disabled) {
-    if ((dest == NULL) || (dest_size < 9u)) {
+    if ((dest == NULL) || (dest_size < 9u) || (hwm_disabled == NULL)) {
         return -1;
     }
     memcpy(dest, *hwm_disabled ? "Disabled" : "Enabled", dest_size);
@@ -332,15 +333,8 @@ int hwm_status_to_string(char *dest, size_t dest_size, volatile bool const *hwm_
 
 int copy_string(char *const dest, size_t const dest_size, char const *const src) {
     if ((dest == NULL) || (src == NULL)) {
-        return false;
-    }
-
-    char const *const src_in = (char const *) PIC(src);
-    // I don't care that we will loop through the string twice, latency is not an issue
-    size_t src_size = strlen(src_in);
-    if (src_size >= dest_size) {
         return -1;
     }
-    strlcpy(dest, src_in, dest_size);
-    return src_size;
+    char const *const src_in = (char const *) PIC(src);
+    SAFE_STRCPY(dest, dest_size, src_in);
 }