Fix upfile parsing bounds and file count guard (#33)

* Fix upfile parsing bounds and file count guard
* `trim_right` should accept full buffer
* Add `UPFILE_FILE_COUNT`

---------

Co-authored-by: james-coder <james-coder@users.noreply.github.com>
Co-authored-by: paxx12 <245230251+paxx12@users.noreply.github.com>

Author: james-coder

tools/upfile/helpers.h

@@ -195,7 +195,7 @@ static void print_hex(const uint8_t *data, size_t size) {
 }
 
 static size_t trim_right(char *str, size_t max_len) {
-  size_t len = strnlen(str, max_len + 1);
+  size_t len = strnlen(str, max_len);
   while (len > 0 && (str[len - 1] == '\n' || str[len - 1] == '\r' || str[len - 1] == ' ' || str[len - 1] == '\t')) {
     str[len - 1] = '\0';
     len--;

tools/upfile/upfile.c

@@ -28,15 +28,16 @@ typedef struct __attribute__((packed)) {
 } UPFILE_ENTRY;
 
 #define UPFILE_MAGIC 0x4b4d4e53 // "SNMK"
+#define UPFILE_FILE_COUNT 4
 
-static const char *FILE_TYPE_STRINGS[] = {
+static const char *FILE_TYPE_STRINGS[UPFILE_FILE_COUNT] = {
   "SOC_FW",
   "MCU1_FW",
   "MCU2_FW",
   "MCU_DESC"
 };
 
-static const char *FILE_NAMES[] = {
+static const char *FILE_NAMES[UPFILE_FILE_COUNT] = {
   "update.img",
   "at32f403a.bin",
   "at32f415.bin",
@@ -86,7 +87,13 @@ static int info(const char *infile, const char *outdir, void (*file_fnc)(const c
     file_fnc("UPFILE_BUILD_DATE", header.build_date, trim_right(header.build_date, sizeof(header.build_date)));
   }
 
-  for (uint8_t i = 0; i < be_to_host16(header.files); i++) {
+  uint16_t files = be_to_host16(header.files);
+  if (files > UPFILE_FILE_COUNT) {
+    fprintf(stderr, "Too many files found: %u\n", files);
+    goto error;
+  }
+
+  for (uint16_t i = 0; i < files; i++) {
     UPFILE_ENTRY entry;
     if (fseek(fp, sizeof(UPFILE_HEADER) + i * sizeof(UPFILE_ENTRY), SEEK_SET) != 0) {
       perror("fseek");
@@ -135,8 +142,7 @@ static int info(const char *infile, const char *outdir, void (*file_fnc)(const c
     }
 
     if (file_fnc) {
-      const char *filename = (i < ARRAY_SIZE(FILE_NAMES)) ? FILE_NAMES[i] : "unknown";
-      file_fnc(filename, data, be_to_host32(entry.size));
+      file_fnc(FILE_NAMES[i], data, be_to_host32(entry.size));
     }
     free(data);
   }
@@ -260,7 +266,7 @@ static int pack(const char *outfile, const char *indir) {
   UPFILE_HEADER header = {0};
   header.magic = UPFILE_MAGIC;
   header.magic_ver = host_to_be16(1);
-  header.files = host_to_be16(ARRAY_SIZE(FILE_NAMES));
+  header.files = host_to_be16(UPFILE_FILE_COUNT);
   if (read_string_from_file("UPFILE_VERSION", header.version, sizeof(header.version)) != 0) {
     fprintf(stderr, "Error: UPFILE_VERSION not found\n");
     goto error;
@@ -278,11 +284,11 @@ static int pack(const char *outfile, const char *indir) {
     goto error;
   }
 
-  printf("Packing UPFILE with %zu files\n", ARRAY_SIZE(FILE_NAMES));
+  printf("Packing UPFILE with %zu files\n", UPFILE_FILE_COUNT);
 
-  uint64_t data_offset = sizeof(UPFILE_HEADER) + ARRAY_SIZE(FILE_NAMES) * sizeof(UPFILE_ENTRY);
+  uint64_t data_offset = sizeof(UPFILE_HEADER) + UPFILE_FILE_COUNT * sizeof(UPFILE_ENTRY);
 
-  for (int i = 0; i < ARRAY_SIZE(FILE_NAMES); i++) {
+  for (int i = 0; i < UPFILE_FILE_COUNT; i++) {
     int ret = pack_file(outfp, i, i, FILE_NAMES[i], &data_offset);
     if (ret != 0) {
       goto error;