Fix multiple bugs in cam_strmatch

* Wrongly matches strings that are shorter than the pattern
* Fails to match negative character sets
* Fails to match character sets that aren't at the end of the pattern
* Fails to match character ranges

Reviewed by:	imp
MFC after:	3 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D13173

lib/libcam/tests/Makefile

@@ -1,6 +1,7 @@
 # $FreeBSD$
 
 ATF_TESTS_C+=	libcam_test
+ATF_TESTS_C+=	cam_test
 
 LIBADD+=	cam
 

lib/libcam/tests/cam_test.c

@@ -0,0 +1,111 @@
+/*-
+ * Copyright (c) 2017 Spectra Logic Corporation
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* Tests functions in sys/cam/cam.c */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <errno.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <camlib.h>
+
+#include <atf-c.h>
+
+#define ATF_CHECK_NE(x, y) ATF_CHECK((x) != (y))
+
+ATF_TC_WITHOUT_HEAD(cam_strmatch);
+ATF_TC_BODY(cam_strmatch, tc)
+{
+	/* Basic fixed patterns */
+	ATF_CHECK_EQ(0, cam_strmatch("foo", "foo", 3));
+	ATF_CHECK_NE(0, cam_strmatch("foo", "bar", 3));
+	ATF_CHECK_NE(0, cam_strmatch("foo", "foobar", 3));
+
+	/* The str is not necessarily null-terminated */
+	ATF_CHECK_EQ(0, cam_strmatch("fooxuehfxeuf", "foo", 3));
+	ATF_CHECK_NE(0, cam_strmatch("foo\0bar", "foo", 7));
+
+	/* Eat trailing spaces, which get added by SAT */
+	ATF_CHECK_EQ(0, cam_strmatch("foo             ", "foo", 16));
+
+	/* '*' matches everything, like shell globbing */
+	ATF_CHECK_EQ(0, cam_strmatch("foobar", "foo*", 6));
+	ATF_CHECK_EQ(0, cam_strmatch("foobar", "*bar", 6));
+	ATF_CHECK_NE(0, cam_strmatch("foobar", "foo*x", 6));
+	ATF_CHECK_EQ(0, cam_strmatch("foobarbaz", "*bar*", 9));
+	/* Even NUL */
+	ATF_CHECK_EQ(0, cam_strmatch("foo\0bar", "foo*", 7));
+	/* Or nothing */
+	ATF_CHECK_EQ(0, cam_strmatch("foo", "foo*", 3));
+	/* But stuff after the * still must match */
+	ATF_CHECK_NE(0, cam_strmatch("foo", "foo*x", 3));
+
+	/* '?' matches exactly one single character */
+	ATF_CHECK_EQ(0, cam_strmatch("foobar", "foo?ar", 6));
+	ATF_CHECK_NE(0, cam_strmatch("foo", "foo?", 3));
+	/* Even NUL */
+	ATF_CHECK_EQ(0, cam_strmatch("foo\0bar", "foo?bar", 7));
+
+	/* '[]' contains a set of characters */
+	ATF_CHECK_EQ(0, cam_strmatch("foobar", "foo[abc]ar", 6));
+	ATF_CHECK_EQ(0, cam_strmatch("foobar", "foo[b]ar", 6));
+	ATF_CHECK_NE(0, cam_strmatch("foobar", "foo[ac]ar", 6));
+
+	/* '[]' can contain a range of characters, too */
+	ATF_CHECK_EQ(0, cam_strmatch("foobar", "foo[a-c]ar", 6));
+	ATF_CHECK_EQ(0, cam_strmatch("fooxar", "foo[a-cx]ar", 6));
+	ATF_CHECK_NE(0, cam_strmatch("foodar", "foo[a-c]ar", 6));
+	
+	/* Back-to-back '[]' character sets */
+	ATF_CHECK_EQ(0, cam_strmatch("foobar", "fo[a-z][abc]ar", 6));
+	ATF_CHECK_NE(0, cam_strmatch("foAbar", "fo[a-z][abc]ar", 6));
+	ATF_CHECK_NE(0, cam_strmatch("foodar", "fo[a-z][abc]ar", 6));
+
+	/* A '^' negates a set of characters */
+	ATF_CHECK_NE(0, cam_strmatch("foobar", "foo[^abc]ar", 6));
+	ATF_CHECK_NE(0, cam_strmatch("foobar", "foo[^b]ar", 6));
+	ATF_CHECK_EQ(0, cam_strmatch("foobar", "foo[^ac]ar", 6));
+	ATF_CHECK_NE(0, cam_strmatch("foobar", "foo[^a-c]ar", 6));
+	ATF_CHECK_NE(0, cam_strmatch("fooxar", "foo[^a-cx]ar", 6));
+	ATF_CHECK_EQ(0, cam_strmatch("foodar", "foo[^a-c]ar", 6));
+
+	/* Outside of '[]' a ']' is just an ordinary character */
+	ATF_CHECK_EQ(0, cam_strmatch("f]o", "f]o", 3));
+	ATF_CHECK_NE(0, cam_strmatch("foo", "f]o", 3));
+
+	/* Matching a literal '[' requires specifying a range */
+	ATF_CHECK_EQ(0, cam_strmatch("f[o", "f[[]o", 3));
+	ATF_CHECK_NE(0, cam_strmatch("foo", "f[[]o", 3));
+}
+
+ATF_TP_ADD_TCS(tp)
+{
+	ATF_TP_ADD_TC(tp, cam_strmatch);
+
+	return (atf_no_error());
+}

lib/libcam/tests/libcam_test.c

@@ -24,6 +24,8 @@
  * SUCH DAMAGE.
  */
 
+/* Tests functions in lib/libcam/camlib.c */
+
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 

sys/cam/cam.c

@@ -240,24 +240,29 @@ cam_strmatch(const u_int8_t *str, const u_int8_t *pattern, int str_len)
 			ok = 0;
 			sc = *str++;
 			str_len--;
+			pattern++;
 			if ((negate_range = (*pattern == '^')) != 0)
 				pattern++;
-			while (((pc = *pattern) != ']') && *pattern != '\0') {
-				pattern++;
+			while ((*pattern != ']') && *pattern != '\0') {
 				if (*pattern == '-') {
 					if (pattern[1] == '\0') /* Bad pattern */
 						return (1);
 					if (sc >= pc && sc <= pattern[1])
 						ok = 1;
-					pattern += 2;
-				} else if (pc == sc)
+					pattern++;
+				} else if (*pattern == sc)
 					ok = 1;
+				pc = *pattern;
+				pattern++;
 			}
 			if (ok == negate_range)
 				return (1);
+			pattern++;
 		} else if (*pattern == '?') {
-			/* NB: || *str == ' ' of the old code is a bug and was removed */
-			/* if you add it back, keep this the last if before the naked else */
+			/*
+			 * NB: || *str == ' ' of the old code is a bug and was
+			 * removed.  If you add it back, keep this the last if
+			 * before the naked else */
 			pattern++;
 			str++;
 			str_len--;
@@ -269,6 +274,17 @@ cam_strmatch(const u_int8_t *str, const u_int8_t *pattern, int str_len)
 			str_len--;
 		}
 	}
+
+	/* '*' is allowed to match nothing, so gobble it */
+	while (*pattern == '*')
+		pattern++;
+
+	if ( *pattern != '\0') {
+		/* Pattern not fully consumed.  Not a match */
+		return (1);
+	}
+
+	/* Eat trailing spaces, which get added by SAT */
 	while (str_len > 0 && *str == ' ') {
 		str++;
 		str_len--;