Gitiles
Code Review Sign In
review.blissroms.org / platform_system_core_old / 3873b1d8f652f79679111f3ddbfbbad9e92a6dbb^! / .
commit3873b1d8f652f79679111f3ddbfbbad9e92a6dbb[log] [tgz]
authorMark Salyzyn <salyzyn@google.com>Wed Sep 20 08:37:46 2017 -0700
committerMark Salyzyn <salyzyn@google.com>Thu Oct 26 14:17:14 2017 -0700
treeefe2244a76d613995a99dec3475c5d798aa4c6d8
parentbce8c9c8274a720eb04b853b955cfe0813061dc7 [diff]
bootstat: better validation of battery level (shutdown,battery)

Replace simple strtoull with loop that ensures no leading zeros.
Restrict size of value buffer being checked as allocation was
going to end of retrieved buffer, which can cause unnecessary
memory pressure during boot.

Test: system/core/bootstat/boot_reason_test.sh
Bug: 63736262
Change-Id: Ifdc1d4fd3a73794c001577024ce7cbfde9c25028

diff --git a/bootstat/bootstat.cpp b/bootstat/bootstat.cpp
index 07d410c..cdb4b9b 100644
--- a/bootstat/bootstat.cpp
+++ b/bootstat/bootstat.cpp

@@ -508,10 +508,16 @@
       size_t pos = content.rfind(battery);  // last one
       std::string digits;
       if (pos != std::string::npos) {
-        digits = content.substr(pos + strlen(battery));
+        digits = content.substr(pos + strlen(battery), strlen("100 "));
       }
-      char* endptr = NULL;
-      unsigned long long level = strtoull(digits.c_str(), &endptr, 10);
+      const char* endptr = digits.c_str();
+      unsigned level = 0;
+      while (::isdigit(*endptr)) {
+        level *= 10;
+        level += *endptr++ - '0';
+        // make sure no leading zeros, except zero itself, and range check.
+        if ((level == 0) || (level > 100)) break;
+      }
       if ((level <= 100) && (endptr != digits.c_str()) && (*endptr == ' ')) {
         LOG(INFO) << "Battery level at shutdown " << level << "%";
         if (level <= battery_dead_threshold) {
@@ -552,10 +558,16 @@
 
         pos = content.find(match);  // The first one it finds.
         if (pos != std::string::npos) {
-          digits = content.substr(pos + strlen(match));
+          digits = content.substr(pos + strlen(match), strlen("100 "));
         }
-        endptr = NULL;
-        level = strtoull(digits.c_str(), &endptr, 10);
+        endptr = digits.c_str();
+        level = 0;
+        while (::isdigit(*endptr)) {
+          level *= 10;
+          level += *endptr++ - '0';
+          // make sure no leading zeros, except zero itself, and range check.
+          if ((level == 0) || (level > 100)) break;
+        }
         if ((level <= 100) && (endptr != digits.c_str()) && (*endptr == ' ')) {
           LOG(INFO) << "Battery level at startup " << level << "%";
           if (level <= battery_dead_threshold) {