From beb9f0b103f693ed4338b0d7cfa76c21e3219d81 Mon Sep 17 00:00:00 2001
From: Hans Zandbelt <hans.zandbelt@openidc.com>
Date: Mon, 16 Dec 2024 18:44:12 +0100
Subject: [PATCH] code: apply boundary checks on oidc_metrics_shm_size in
 metrics.c

and use a global static for performance reasons; enable SonarQube

Signed-off-by: Hans Zandbelt <hans.zandbelt@openidc.com>
---
 .../{sonarqube.yml.save => sonarqube.yml}       |  0
 ChangeLog                                       |  1 +
 src/metrics.c                                   | 17 ++++++++++++++---
 3 files changed, 15 insertions(+), 3 deletions(-)
 rename .github/workflows/{sonarqube.yml.save => sonarqube.yml} (100%)

diff --git a/.github/workflows/sonarqube.yml.save b/.github/workflows/sonarqube.yml
similarity index 100%
rename from .github/workflows/sonarqube.yml.save
rename to .github/workflows/sonarqube.yml
diff --git a/ChangeLog b/ChangeLog
index 50b9b493..32a82268 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,7 @@
 - code: declare introspection_endpoint_method member as int so it can be set to OIDC_CONFIG_POS_INT_UNSET without warning
 - code: check return value of oidc_get_provider_from_session and oidc_refresh_token_grant in logout.c
 - code: avoid potential crash on non-conformant literal IPv6 adresses in oidc_util_current_url_host
+- code: apply boundary checks on oidc_metrics_shm_size and use a global static for performance reasons
 
 12/15/2024
 - add Coverity Github action
diff --git a/src/metrics.c b/src/metrics.c
index 085d673e..e3554a5e 100644
--- a/src/metrics.c
+++ b/src/metrics.c
@@ -337,11 +337,22 @@ static inline int oidc_metrics_get_env_int(const char *name, int dval) {
 
 #define OIDC_METRICS_CACHE_JSON_MAX_ENV_VAR "OIDC_METRICS_CACHE_JSON_MAX"
 
+static apr_size_t _oidc_metrics_shm_size = 0;
+
 /*
  * get the size of the to-be-allocated shared memory segment
  */
-static inline int oidc_metrics_shm_size(server_rec *s) {
-	return oidc_metrics_get_env_int(OIDC_METRICS_CACHE_JSON_MAX_ENV_VAR, OIDC_METRICS_CACHE_JSON_MAX_DEFAULT);
+static inline apr_size_t oidc_metrics_shm_size(server_rec *s) {
+	if (_oidc_metrics_shm_size == 0) {
+		int n =
+		    oidc_metrics_get_env_int(OIDC_METRICS_CACHE_JSON_MAX_ENV_VAR, OIDC_METRICS_CACHE_JSON_MAX_DEFAULT);
+		if ((n < 1) || (n > 1024 * 256 * 4 * 100)) {
+			oidc_serror(s, "environment value %s out of bounds, fallback to default",
+				    OIDC_METRICS_CACHE_JSON_MAX_ENV_VAR);
+			_oidc_metrics_shm_size = OIDC_METRICS_CACHE_JSON_MAX_DEFAULT;
+		}
+	}
+	return _oidc_metrics_shm_size;
 }
 
 /*
@@ -354,7 +365,7 @@ static inline void oidc_metrics_storage_set(server_rec *s, const char *value) {
 		if (n > oidc_metrics_shm_size(s))
 			oidc_serror(s,
 				    "json value too large: set or increase system environment variable %s to a value "
-				    "larger than %d",
+				    "larger than %" APR_SIZE_T_FMT,
 				    OIDC_METRICS_CACHE_JSON_MAX_ENV_VAR, oidc_metrics_shm_size(s));
 		else
 			_oidc_memcpy(p, value, n);