extcap: set G_REGEX_RAW to avoid potential crashes

None of the patterns try to match UTF-8 text. Treat the inputs as bytes to avoid potential crashes on invalid subjects (e.g. malformed data from an extcap binary, ADB or SSH server). Change-Id: I6f3113cfd9da04ae3fa2b0ece7b0a3a94312830e Ping-Bug: 14905 Reviewed-on: https://code.wireshark.org/review/31939 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot Reviewed-by: Peter Wu <peter@lekensteyn.nl>
author: Peter Wu <peter@lekensteyn.nl> 2019-02-08 18:48:26 +0100
committer: Peter Wu <peter@lekensteyn.nl> 2019-02-10 16:12:46 +0000
commit: 567fe966b1ca9a4c00f9989de9a38cfe8ebfbd14 (patch)
tree: 414a608bc93e65134e56d7ecb8a8b8420c2f7262 /extcap_parser.c
parent: 80587eb0636e0e8642be504bc9cd207f37122a0b (diff)
1 files changed, 17 insertions, 11 deletions
diff --git a/extcap_parser.c b/extcap_parser.c
index 411e2522be..e1d4c5d8f4 100644
--- a/extcap_parser.c
+++ b/extcap_parser.c
@@ -85,6 +85,10 @@ gdouble extcap_complex_get_double(extcap_complex *comp) {
     return g_strtod(comp->_val, NULL);
 }
 
+static gboolean matches_regex(const char *pattern, const char *subject) {
+    return g_regex_match_simple(pattern, subject, (GRegexCompileFlags) (G_REGEX_CASELESS | G_REGEX_RAW), (GRegexMatchFlags)0);
+}
+
 gboolean extcap_complex_get_bool(extcap_complex *comp) {
     if (comp == NULL || comp->_val == NULL)
         return FALSE;
@@ -92,7 +96,7 @@ gboolean extcap_complex_get_bool(extcap_complex *comp) {
     if (comp->complex_type != EXTCAP_ARG_BOOLEAN && comp->complex_type != EXTCAP_ARG_BOOLFLAG)
         return FALSE;
 
-    return g_regex_match_simple(EXTCAP_BOOLEAN_REGEX, comp->_val, G_REGEX_CASELESS, (GRegexMatchFlags)0);
+    return matches_regex(EXTCAP_BOOLEAN_REGEX, comp->_val);
 }
 
 gchar *extcap_complex_get_string(extcap_complex *comp) {
@@ -113,7 +117,8 @@ static extcap_token_sentence *extcap_tokenize_sentence(const gchar *s) {
 
     /* Regex for catching just the allowed values for sentences */
     if ((regex = g_regex_new("^[\\t| ]*(arg|value|interface|extcap|dlt|control)(?=[\\t| ]+\\{)",
-                             (GRegexCompileFlags) G_REGEX_CASELESS, (GRegexMatchFlags) 0, NULL)) != NULL) {
+                             (GRegexCompileFlags) (G_REGEX_CASELESS | G_REGEX_RAW),
+                             (GRegexMatchFlags) 0, NULL)) != NULL) {
         g_regex_match(regex, s, (GRegexMatchFlags) 0, &match_info);
 
         if (g_match_info_matches(match_info))
@@ -134,7 +139,8 @@ static extcap_token_sentence *extcap_tokenize_sentence(const gchar *s) {
      * that regex patterns given to {validation=} are parsed correctly,
      * as long as }{ does not occur within the pattern */
     regex = g_regex_new("\\{([a-zA-Z_-]*?)\\=(.*?)\\}(?=\\{|$|\\s)",
-                        (GRegexCompileFlags) G_REGEX_CASELESS, (GRegexMatchFlags) 0, NULL);
+                        (GRegexCompileFlags) (G_REGEX_CASELESS | G_REGEX_RAW),
+                        (GRegexMatchFlags) 0, NULL);
     if (regex != NULL) {
         g_regex_match_full(regex, s, -1, 0, (GRegexMatchFlags) 0, &match_info, &error);
         while (g_match_info_matches(match_info)) {
@@ -374,12 +380,12 @@ static extcap_value *extcap_parse_value_sentence(extcap_token_sentence *s) {
         if ((param_value = (gchar *)g_hash_table_lookup(s->param_list, ENUM_KEY(EXTCAP_PARAM_DEFAULT)))
                 != NULL) {
             /* printf("found default value\n"); */
-            value->is_default = g_regex_match_simple(EXTCAP_BOOLEAN_REGEX, param_value, G_REGEX_CASELESS, (GRegexMatchFlags)0);
+            value->is_default = matches_regex(EXTCAP_BOOLEAN_REGEX, param_value);
         }
 
         if ((param_value = (gchar *)g_hash_table_lookup(s->param_list, ENUM_KEY(EXTCAP_PARAM_ENABLED)))
                 != NULL) {
-            value->enabled = g_regex_match_simple(EXTCAP_BOOLEAN_REGEX, param_value, G_REGEX_CASELESS, (GRegexMatchFlags)0);
+            value->enabled = matches_regex(EXTCAP_BOOLEAN_REGEX, param_value);
         }
     }
 
@@ -452,7 +458,7 @@ static extcap_arg *extcap_parse_arg_sentence(GList *args, extcap_token_sentence
 
         if ((param_value = (gchar *)g_hash_table_lookup(s->param_list, ENUM_KEY(EXTCAP_PARAM_FILE_MUSTEXIST)))
                 != NULL) {
-            target_arg->fileexists = g_regex_match_simple(EXTCAP_BOOLEAN_REGEX, param_value, G_REGEX_CASELESS, (GRegexMatchFlags)0);
+            target_arg->fileexists = matches_regex(EXTCAP_BOOLEAN_REGEX, param_value);
         }
 
         if ((param_value = (gchar *)g_hash_table_lookup(s->param_list, ENUM_KEY(EXTCAP_PARAM_FILE_EXTENSION)))
@@ -472,7 +478,7 @@ static extcap_arg *extcap_parse_arg_sentence(GList *args, extcap_token_sentence
 
         if ((param_value = (gchar *)g_hash_table_lookup(s->param_list, ENUM_KEY(EXTCAP_PARAM_REQUIRED)))
                 != NULL) {
-            target_arg->is_required = g_regex_match_simple(EXTCAP_BOOLEAN_REGEX, param_value, G_REGEX_CASELESS, (GRegexMatchFlags)0);
+            target_arg->is_required = matches_regex(EXTCAP_BOOLEAN_REGEX, param_value);
         }
 
         if ((param_value = (gchar *)g_hash_table_lookup(s->param_list, ENUM_KEY(EXTCAP_PARAM_TYPE)))
@@ -518,12 +524,12 @@ static extcap_arg *extcap_parse_arg_sentence(GList *args, extcap_token_sentence
 
         if ((param_value = (gchar *)g_hash_table_lookup(s->param_list, ENUM_KEY(EXTCAP_PARAM_SAVE)))
                 != NULL) {
-            target_arg->save = g_regex_match_simple(EXTCAP_BOOLEAN_REGEX, param_value, G_REGEX_CASELESS, (GRegexMatchFlags)0);
+            target_arg->save = matches_regex(EXTCAP_BOOLEAN_REGEX, param_value);
         }
 
         if ((param_value = (gchar *)g_hash_table_lookup(s->param_list, ENUM_KEY(EXTCAP_PARAM_RELOAD)))
                 != NULL) {
-            target_arg->reload = g_regex_match_simple(EXTCAP_BOOLEAN_REGEX, param_value, G_REGEX_CASELESS, (GRegexMatchFlags)0);
+            target_arg->reload = matches_regex(EXTCAP_BOOLEAN_REGEX, param_value);
         }
 
         if ((param_value = (gchar *)g_hash_table_lookup(s->param_list, ENUM_KEY(EXTCAP_PARAM_RANGE)))
@@ -731,7 +737,7 @@ static iface_toolbar_control *extcap_parse_control_sentence(GList *control_items
 
         if ((param_value = (gchar *)g_hash_table_lookup(s->param_list, ENUM_KEY(EXTCAP_PARAM_REQUIRED)))
             != NULL) {
-            control->is_required = g_regex_match_simple(EXTCAP_BOOLEAN_REGEX, param_value, G_REGEX_CASELESS, (GRegexMatchFlags)0);
+            control->is_required = matches_regex(EXTCAP_BOOLEAN_REGEX, param_value);
         }
 
         param_value = (gchar *)g_hash_table_lookup(s->param_list, ENUM_KEY(EXTCAP_PARAM_TOOLTIP));
@@ -836,7 +842,7 @@ static iface_toolbar_control *extcap_parse_control_sentence(GList *control_items
 
         param_value = (gchar *)g_hash_table_lookup(s->param_list, ENUM_KEY(EXTCAP_PARAM_DEFAULT));
         if (param_value != NULL) {
-            value->is_default = g_regex_match_simple(EXTCAP_BOOLEAN_REGEX, param_value, G_REGEX_CASELESS, (GRegexMatchFlags)0);
+            value->is_default = matches_regex(EXTCAP_BOOLEAN_REGEX, param_value);
         }
 
         control = (iface_toolbar_control *)entry->data;
author	Peter Wu <peter@lekensteyn.nl>	2019-02-08 18:48:26 +0100
committer	Peter Wu <peter@lekensteyn.nl>	2019-02-10 16:12:46 +0000
commit	567fe966b1ca9a4c00f9989de9a38cfe8ebfbd14 (patch)
tree	414a608bc93e65134e56d7ecb8a8b8420c2f7262 /extcap_parser.c
parent	80587eb0636e0e8642be504bc9cd207f37122a0b (diff)