From 05e82c3b963c33048128baf72a6f6b3a1c10b4c1 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 15 May 2014 14:33:43 +1000 Subject: - djm@cvs.openbsd.org 2014/04/30 05:29:56 [bufaux.c bufbn.c bufec.c buffer.c buffer.h sshbuf-getput-basic.c] [sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c sshbuf.h ssherr.c] [ssherr.h] New buffer API; the first installment of the conversion/replacement of OpenSSH's internals to make them usable as a standalone library. This includes a set of wrappers to make it compatible with the existing buffer API so replacement can occur incrementally. With and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review. --- sshbuf-getput-basic.c | 421 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 421 insertions(+) create mode 100644 sshbuf-getput-basic.c (limited to 'sshbuf-getput-basic.c') diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c new file mode 100644 index 00000000..6b16b214 --- /dev/null +++ b/sshbuf-getput-basic.c @@ -0,0 +1,421 @@ +/* $OpenBSD: sshbuf-getput-basic.c,v 1.1 2014/04/30 05:29:56 djm Exp $ */ +/* + * Copyright (c) 2011 Damien Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include "includes.h" + +#include +#include +#include +#include + +#include "ssherr.h" +#define SSHBUF_INTERNAL +#include "sshbuf.h" + +int +sshbuf_get(struct sshbuf *buf, void *v, size_t len) +{ + const u_char *p = sshbuf_ptr(buf); + int r; + + if ((r = sshbuf_consume(buf, len)) < 0) + return r; + if (v != NULL) + memcpy(v, p, len); + return 0; +} + +int +sshbuf_get_u64(struct sshbuf *buf, u_int64_t *valp) +{ + const u_char *p = sshbuf_ptr(buf); + int r; + + if ((r = sshbuf_consume(buf, 8)) < 0) + return r; + if (valp != NULL) + *valp = PEEK_U64(p); + return 0; +} + +int +sshbuf_get_u32(struct sshbuf *buf, u_int32_t *valp) +{ + const u_char *p = sshbuf_ptr(buf); + int r; + + if ((r = sshbuf_consume(buf, 4)) < 0) + return r; + if (valp != NULL) + *valp = PEEK_U32(p); + return 0; +} + +int +sshbuf_get_u16(struct sshbuf *buf, u_int16_t *valp) +{ + const u_char *p = sshbuf_ptr(buf); + int r; + + if ((r = sshbuf_consume(buf, 2)) < 0) + return r; + if (valp != NULL) + *valp = PEEK_U16(p); + return 0; +} + +int +sshbuf_get_u8(struct sshbuf *buf, u_char *valp) +{ + const u_char *p = sshbuf_ptr(buf); + int r; + + if ((r = sshbuf_consume(buf, 1)) < 0) + return r; + if (valp != NULL) + *valp = (u_int8_t)*p; + return 0; +} + +int +sshbuf_get_string(struct sshbuf *buf, u_char **valp, size_t *lenp) +{ + const u_char *val; + size_t len; + int r; + + if (valp != NULL) + *valp = NULL; + if (lenp != NULL) + *lenp = 0; + if ((r = sshbuf_get_string_direct(buf, &val, &len)) < 0) + return r; + if (valp != NULL) { + if ((*valp = malloc(len + 1)) == NULL) { + SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL")); + return SSH_ERR_ALLOC_FAIL; + } + memcpy(*valp, val, len); + (*valp)[len] = '\0'; + } + if (lenp != NULL) + *lenp = len; + return 0; +} + +int +sshbuf_get_string_direct(struct sshbuf *buf, const u_char **valp, size_t *lenp) +{ + size_t len; + const u_char *p; + int r; + + if (valp != NULL) + *valp = NULL; + if (lenp != NULL) + *lenp = 0; + if ((r = sshbuf_peek_string_direct(buf, &p, &len)) < 0) + return r; + if (valp != 0) + *valp = p; + if (lenp != NULL) + *lenp = len; + if (sshbuf_consume(buf, len + 4) != 0) { + /* Shouldn't happen */ + SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR")); + SSHBUF_ABORT(); + return SSH_ERR_INTERNAL_ERROR; + } + return 0; +} + +int +sshbuf_peek_string_direct(const struct sshbuf *buf, const u_char **valp, + size_t *lenp) +{ + u_int32_t len; + const u_char *p = sshbuf_ptr(buf); + + if (valp != NULL) + *valp = NULL; + if (lenp != NULL) + *lenp = 0; + if (sshbuf_len(buf) < 4) { + SSHBUF_DBG(("SSH_ERR_MESSAGE_INCOMPLETE")); + return SSH_ERR_MESSAGE_INCOMPLETE; + } + len = PEEK_U32(p); + if (len > SSHBUF_SIZE_MAX - 4) { + SSHBUF_DBG(("SSH_ERR_STRING_TOO_LARGE")); + return SSH_ERR_STRING_TOO_LARGE; + } + if (sshbuf_len(buf) - 4 < len) { + SSHBUF_DBG(("SSH_ERR_MESSAGE_INCOMPLETE")); + return SSH_ERR_MESSAGE_INCOMPLETE; + } + if (valp != 0) + *valp = p + 4; + if (lenp != NULL) + *lenp = len; + return 0; +} + +int +sshbuf_get_cstring(struct sshbuf *buf, char **valp, size_t *lenp) +{ + size_t len; + const u_char *p, *z; + int r; + + if (valp != NULL) + *valp = NULL; + if (lenp != NULL) + *lenp = 0; + if ((r = sshbuf_peek_string_direct(buf, &p, &len)) != 0) + return r; + /* Allow a \0 only at the end of the string */ + if (len > 0 && + (z = memchr(p , '\0', len)) != NULL && z < p + len - 1) { + SSHBUF_DBG(("SSH_ERR_INVALID_FORMAT")); + return SSH_ERR_INVALID_FORMAT; + } + if ((r = sshbuf_skip_string(buf)) != 0) + return -1; + if (valp != NULL) { + if ((*valp = malloc(len + 1)) == NULL) { + SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL")); + return SSH_ERR_ALLOC_FAIL; + } + memcpy(*valp, p, len); + (*valp)[len] = '\0'; + } + if (lenp != NULL) + *lenp = (size_t)len; + return 0; +} + +int +sshbuf_get_stringb(struct sshbuf *buf, struct sshbuf *v) +{ + u_int32_t len; + u_char *p; + int r; + + /* + * Use sshbuf_peek_string_direct() to figure out if there is + * a complete string in 'buf' and copy the string directly + * into 'v'. + */ + if ((r = sshbuf_peek_string_direct(buf, NULL, NULL)) != 0 || + (r = sshbuf_get_u32(buf, &len)) != 0 || + (r = sshbuf_reserve(v, len, &p)) != 0 || + (r = sshbuf_get(buf, p, len)) != 0) + return r; + return 0; +} + +int +sshbuf_put(struct sshbuf *buf, const void *v, size_t len) +{ + u_char *p; + int r; + + if ((r = sshbuf_reserve(buf, len, &p)) < 0) + return r; + memcpy(p, v, len); + return 0; +} + +int +sshbuf_putb(struct sshbuf *buf, const struct sshbuf *v) +{ + return sshbuf_put(buf, sshbuf_ptr(v), sshbuf_len(v)); +} + +int +sshbuf_putf(struct sshbuf *buf, const char *fmt, ...) +{ + va_list ap; + int r; + + va_start(ap, fmt); + r = sshbuf_putfv(buf, fmt, ap); + va_end(ap); + return r; +} + +int +sshbuf_putfv(struct sshbuf *buf, const char *fmt, va_list ap) +{ + va_list ap2; + int r, len; + u_char *p; + + va_copy(ap2, ap); + if ((len = vsnprintf(NULL, 0, fmt, ap2)) < 0) { + r = SSH_ERR_INVALID_ARGUMENT; + goto out; + } + if (len == 0) { + r = 0; + goto out; /* Nothing to do */ + } + va_end(ap2); + va_copy(ap2, ap); + if ((r = sshbuf_reserve(buf, (size_t)len + 1, &p)) < 0) + goto out; + if ((r = vsnprintf((char *)p, len + 1, fmt, ap2)) != len) { + r = SSH_ERR_INTERNAL_ERROR; + goto out; /* Shouldn't happen */ + } + /* Consume terminating \0 */ + if ((r = sshbuf_consume_end(buf, 1)) != 0) + goto out; + r = 0; + out: + va_end(ap2); + return r; +} + +int +sshbuf_put_u64(struct sshbuf *buf, u_int64_t val) +{ + u_char *p; + int r; + + if ((r = sshbuf_reserve(buf, 8, &p)) < 0) + return r; + POKE_U64(p, val); + return 0; +} + +int +sshbuf_put_u32(struct sshbuf *buf, u_int32_t val) +{ + u_char *p; + int r; + + if ((r = sshbuf_reserve(buf, 4, &p)) < 0) + return r; + POKE_U32(p, val); + return 0; +} + +int +sshbuf_put_u16(struct sshbuf *buf, u_int16_t val) +{ + u_char *p; + int r; + + if ((r = sshbuf_reserve(buf, 2, &p)) < 0) + return r; + POKE_U16(p, val); + return 0; +} + +int +sshbuf_put_u8(struct sshbuf *buf, u_char val) +{ + u_char *p; + int r; + + if ((r = sshbuf_reserve(buf, 1, &p)) < 0) + return r; + p[0] = val; + return 0; +} + +int +sshbuf_put_string(struct sshbuf *buf, const void *v, size_t len) +{ + u_char *d; + int r; + + if (len > SSHBUF_SIZE_MAX - 4) { + SSHBUF_DBG(("SSH_ERR_NO_BUFFER_SPACE")); + return SSH_ERR_NO_BUFFER_SPACE; + } + if ((r = sshbuf_reserve(buf, len + 4, &d)) < 0) + return r; + POKE_U32(d, len); + memcpy(d + 4, v, len); + return 0; +} + +int +sshbuf_put_cstring(struct sshbuf *buf, const char *v) +{ + return sshbuf_put_string(buf, (u_char *)v, strlen(v)); +} + +int +sshbuf_put_stringb(struct sshbuf *buf, const struct sshbuf *v) +{ + return sshbuf_put_string(buf, sshbuf_ptr(v), sshbuf_len(v)); +} + +int +sshbuf_froms(struct sshbuf *buf, struct sshbuf **bufp) +{ + const u_char *p; + size_t len; + struct sshbuf *ret; + int r; + + if (buf == NULL || bufp == NULL) + return SSH_ERR_INVALID_ARGUMENT; + *bufp = NULL; + if ((r = sshbuf_peek_string_direct(buf, &p, &len)) != 0) + return r; + if ((ret = sshbuf_from(p, len)) == NULL) + return SSH_ERR_ALLOC_FAIL; + if ((r = sshbuf_consume(buf, len + 4)) != 0 || /* Shouldn't happen */ + (r = sshbuf_set_parent(ret, buf)) != 0) { + sshbuf_free(ret); + return r; + } + *bufp = ret; + return 0; +} + +int +sshbuf_put_bignum2_bytes(struct sshbuf *buf, const void *v, size_t len) +{ + u_char *d; + const u_char *s = (const u_char *)v; + int r, prepend; + + if (len > SSHBUF_SIZE_MAX - 5) { + SSHBUF_DBG(("SSH_ERR_NO_BUFFER_SPACE")); + return SSH_ERR_NO_BUFFER_SPACE; + } + /* Skip leading zero bytes */ + for (; len > 0 && *s == 0; len--, s++) + ; + /* + * If most significant bit is set then prepend a zero byte to + * avoid interpretation as a negative number. + */ + prepend = len > 0 && (s[0] & 0x80) != 0; + if ((r = sshbuf_reserve(buf, len + 4 + prepend, &d)) < 0) + return r; + POKE_U32(d, len + prepend); + if (prepend) + d[4] = 0; + memcpy(d + 4 + prepend, s, len); + return 0; +} -- cgit v1.2.3 From e5b9f0f2ee6e133894307e44e862b66426990733 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 15 May 2014 14:58:07 +1000 Subject: - (djm) [Makefile.in configure.ac sshbuf-getput-basic.c] [sshbuf-getput-crypto.c sshbuf.c] compilation and portability fixes --- sshbuf-getput-basic.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'sshbuf-getput-basic.c') diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index 6b16b214..b7d0758c 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c @@ -15,6 +15,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +#define SSHBUF_INTERNAL #include "includes.h" #include @@ -23,7 +24,6 @@ #include #include "ssherr.h" -#define SSHBUF_INTERNAL #include "sshbuf.h" int -- cgit v1.2.3 From 74de254bb92c684cf53461da97f52d5ba34ded80 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 4 Dec 2014 01:49:59 +0000 Subject: upstream commit convert KRL code to new buffer API ok markus@ --- sshbuf-getput-basic.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'sshbuf-getput-basic.c') diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index b7d0758c..682b68d5 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-getput-basic.c,v 1.1 2014/04/30 05:29:56 djm Exp $ */ +/* $OpenBSD: sshbuf-getput-basic.c,v 1.2 2014/12/04 01:49:59 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -359,7 +359,7 @@ sshbuf_put_string(struct sshbuf *buf, const void *v, size_t len) int sshbuf_put_cstring(struct sshbuf *buf, const char *v) { - return sshbuf_put_string(buf, (u_char *)v, strlen(v)); + return sshbuf_put_string(buf, (u_char *)v, v == NULL ? 0 : strlen(v)); } int -- cgit v1.2.3 From a7f49dcb527dd17877fcb8d5c3a9a6f550e0bba5 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 12 Jan 2015 15:18:07 +0000 Subject: upstream commit apparently memcpy(x, NULL, 0) is undefined behaviour according to C99 (cf. sections 7.21.1 and 7.1.4), so check skip memcpy calls when length==0; ok markus@ --- sshbuf-getput-basic.c | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) (limited to 'sshbuf-getput-basic.c') diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index 682b68d5..06d6cc49 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-getput-basic.c,v 1.2 2014/12/04 01:49:59 djm Exp $ */ +/* $OpenBSD: sshbuf-getput-basic.c,v 1.3 2015/01/12 15:18:07 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -34,7 +34,7 @@ sshbuf_get(struct sshbuf *buf, void *v, size_t len) if ((r = sshbuf_consume(buf, len)) < 0) return r; - if (v != NULL) + if (v != NULL && len != 0) memcpy(v, p, len); return 0; } @@ -109,7 +109,8 @@ sshbuf_get_string(struct sshbuf *buf, u_char **valp, size_t *lenp) SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL")); return SSH_ERR_ALLOC_FAIL; } - memcpy(*valp, val, len); + if (len != 0) + memcpy(*valp, val, len); (*valp)[len] = '\0'; } if (lenp != NULL) @@ -200,7 +201,8 @@ sshbuf_get_cstring(struct sshbuf *buf, char **valp, size_t *lenp) SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL")); return SSH_ERR_ALLOC_FAIL; } - memcpy(*valp, p, len); + if (len != 0) + memcpy(*valp, p, len); (*valp)[len] = '\0'; } if (lenp != NULL) @@ -236,7 +238,8 @@ sshbuf_put(struct sshbuf *buf, const void *v, size_t len) if ((r = sshbuf_reserve(buf, len, &p)) < 0) return r; - memcpy(p, v, len); + if (len != 0) + memcpy(p, v, len); return 0; } @@ -352,7 +355,8 @@ sshbuf_put_string(struct sshbuf *buf, const void *v, size_t len) if ((r = sshbuf_reserve(buf, len + 4, &d)) < 0) return r; POKE_U32(d, len); - memcpy(d + 4, v, len); + if (len != 0) + memcpy(d + 4, v, len); return 0; } @@ -416,6 +420,7 @@ sshbuf_put_bignum2_bytes(struct sshbuf *buf, const void *v, size_t len) POKE_U32(d, len + prepend); if (prepend) d[4] = 0; - memcpy(d + 4 + prepend, s, len); + if (len != 0) + memcpy(d + 4 + prepend, s, len); return 0; } -- cgit v1.2.3 From a165bab605f7be55940bb8fae977398e8c96a46d Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 14 Jan 2015 15:02:39 +0000 Subject: upstream commit avoid BIGNUM in KRL code by using a simple bitmap; feedback and ok markus --- sshbuf-getput-basic.c | 38 +++++++++++++++++++++++++++++++++++++- 1 file changed, 37 insertions(+), 1 deletion(-) (limited to 'sshbuf-getput-basic.c') diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index 06d6cc49..8ff8a0a2 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-getput-basic.c,v 1.3 2015/01/12 15:18:07 djm Exp $ */ +/* $OpenBSD: sshbuf-getput-basic.c,v 1.4 2015/01/14 15:02:39 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -424,3 +424,39 @@ sshbuf_put_bignum2_bytes(struct sshbuf *buf, const void *v, size_t len) memcpy(d + 4 + prepend, s, len); return 0; } + +int +sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf, + const u_char **valp, size_t *lenp) +{ + const u_char *d; + size_t len, olen; + int r; + + if ((r = sshbuf_peek_string_direct(buf, &d, &olen)) < 0) + return r; + len = olen; + /* Refuse negative (MSB set) bignums */ + if ((len != 0 && (*d & 0x80) != 0)) + return SSH_ERR_BIGNUM_IS_NEGATIVE; + /* Refuse overlong bignums, allow prepended \0 to avoid MSB set */ + if (len > SSHBUF_MAX_BIGNUM + 1 || + (len == SSHBUF_MAX_BIGNUM + 1 && *d != 0)) + return SSH_ERR_BIGNUM_TOO_LARGE; + /* Trim leading zeros */ + while (len > 0 && *d == 0x00) { + d++; + len--; + } + if (valp != 0) + *valp = d; + if (lenp != NULL) + *lenp = len; + if (sshbuf_consume(buf, olen + 4) != 0) { + /* Shouldn't happen */ + SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR")); + SSHBUF_ABORT(); + return SSH_ERR_INTERNAL_ERROR; + } + return 0; +} -- cgit v1.2.3 From 7d6c0362039ceacdc1366b5df29ad5d2693c13e5 Mon Sep 17 00:00:00 2001 From: "mmcc@openbsd.org" Date: Tue, 20 Oct 2015 23:24:25 +0000 Subject: upstream commit Compare pointers to NULL rather than 0. ok djm@ Upstream-ID: 21616cfea27eda65a06e772cc887530b9a1a27f8 --- sshbuf-getput-basic.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'sshbuf-getput-basic.c') diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index 8ff8a0a2..23e0fd7c 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-getput-basic.c,v 1.4 2015/01/14 15:02:39 djm Exp $ */ +/* $OpenBSD: sshbuf-getput-basic.c,v 1.5 2015/10/20 23:24:25 mmcc Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -131,7 +131,7 @@ sshbuf_get_string_direct(struct sshbuf *buf, const u_char **valp, size_t *lenp) *lenp = 0; if ((r = sshbuf_peek_string_direct(buf, &p, &len)) < 0) return r; - if (valp != 0) + if (valp != NULL) *valp = p; if (lenp != NULL) *lenp = len; @@ -168,7 +168,7 @@ sshbuf_peek_string_direct(const struct sshbuf *buf, const u_char **valp, SSHBUF_DBG(("SSH_ERR_MESSAGE_INCOMPLETE")); return SSH_ERR_MESSAGE_INCOMPLETE; } - if (valp != 0) + if (valp != NULL) *valp = p + 4; if (lenp != NULL) *lenp = len; @@ -448,7 +448,7 @@ sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf, d++; len--; } - if (valp != 0) + if (valp != NULL) *valp = d; if (lenp != NULL) *lenp = len; -- cgit v1.2.3 From 9816fc5daee5ca924dd5c4781825afbaab728877 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 16 Jun 2016 11:00:17 +0000 Subject: upstream commit Include stdarg.h for va_copy as per man page. Upstream-ID: 105d6b2f1af2fbd9d91c893c436ab121434470bd --- sshbuf-getput-basic.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'sshbuf-getput-basic.c') diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index 23e0fd7c..ad21ae57 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-getput-basic.c,v 1.5 2015/10/20 23:24:25 mmcc Exp $ */ +/* $OpenBSD: sshbuf-getput-basic.c,v 1.6 2016/06/16 11:00:17 dtucker Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -19,6 +19,8 @@ #include "includes.h" #include + +#include #include #include #include -- cgit v1.2.3 From 5abfb15ced985c340359ae7fb65a625ed3692b3e Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 15 Jul 2016 14:48:30 +1000 Subject: Move VA_COPY macro into compat header. Some AIX compilers unconditionally undefine va_copy but don't set it back to an internal function, causing link errors. In some compat code we already use VA_COPY instead so move the two existing instances into the shared header and use for sshbuf-getput-basic.c too. Should fix building with at lease some versions of AIX's compiler. bz#2589, ok djm@ --- sshbuf-getput-basic.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'sshbuf-getput-basic.c') diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index ad21ae57..74c49be7 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c @@ -270,7 +270,7 @@ sshbuf_putfv(struct sshbuf *buf, const char *fmt, va_list ap) int r, len; u_char *p; - va_copy(ap2, ap); + VA_COPY(ap2, ap); if ((len = vsnprintf(NULL, 0, fmt, ap2)) < 0) { r = SSH_ERR_INVALID_ARGUMENT; goto out; @@ -280,7 +280,7 @@ sshbuf_putfv(struct sshbuf *buf, const char *fmt, va_list ap) goto out; /* Nothing to do */ } va_end(ap2); - va_copy(ap2, ap); + VA_COPY(ap2, ap); if ((r = sshbuf_reserve(buf, (size_t)len + 1, &p)) < 0) goto out; if ((r = vsnprintf((char *)p, len + 1, fmt, ap2)) != len) { -- cgit v1.2.3 From 4b2e2d3fd9dccff357e1e26ce9a5f2e103837a36 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 1 Jun 2017 04:51:58 +0000 Subject: upstream commit fix casts re constness Upstream-ID: e38f2bac162b37dbaf784d349c8327a6626fa266 --- sshbuf-getput-basic.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'sshbuf-getput-basic.c') diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index 74c49be7..50648258 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-getput-basic.c,v 1.6 2016/06/16 11:00:17 dtucker Exp $ */ +/* $OpenBSD: sshbuf-getput-basic.c,v 1.7 2017/06/01 04:51:58 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -365,7 +365,7 @@ sshbuf_put_string(struct sshbuf *buf, const void *v, size_t len) int sshbuf_put_cstring(struct sshbuf *buf, const char *v) { - return sshbuf_put_string(buf, (u_char *)v, v == NULL ? 0 : strlen(v)); + return sshbuf_put_string(buf, v, v == NULL ? 0 : strlen(v)); } int -- cgit v1.2.3 From 101d164723ffbc38f8036b6f3ea3bfef771ba250 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sun, 14 Jul 2019 23:32:27 +0000 Subject: upstream: add some functions to perform random-access read/write operations inside buffers with bounds checking. Intended to replace manual pointer arithmetic wherever possible. feedback and ok markus@ OpenBSD-Commit-ID: 91771fde7732738f1ffed078aa5d3bee6d198409 --- sshbuf-getput-basic.c | 163 +++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 162 insertions(+), 1 deletion(-) (limited to 'sshbuf-getput-basic.c') diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index 50648258..27058d5b 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-getput-basic.c,v 1.7 2017/06/01 04:51:58 djm Exp $ */ +/* $OpenBSD: sshbuf-getput-basic.c,v 1.8 2019/07/14 23:32:27 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -93,6 +93,93 @@ sshbuf_get_u8(struct sshbuf *buf, u_char *valp) return 0; } +static int +check_offset(const struct sshbuf *buf, int wr, size_t offset, size_t len) +{ + if (sshbuf_ptr(buf) == NULL) /* calls sshbuf_check_sanity() */ + return SSH_ERR_INTERNAL_ERROR; + if (offset >= SIZE_MAX - len) + return SSH_ERR_INVALID_ARGUMENT; + if (offset + len > sshbuf_len(buf)) { + return wr ? + SSH_ERR_NO_BUFFER_SPACE : SSH_ERR_MESSAGE_INCOMPLETE; + } + return 0; +} + +static int +check_roffset(const struct sshbuf *buf, size_t offset, size_t len, + const u_char **p) +{ + int r; + + *p = NULL; + if ((r = check_offset(buf, 0, offset, len)) != 0) + return r; + *p = sshbuf_ptr(buf) + offset; + return 0; +} + +int +sshbuf_peek_u64(const struct sshbuf *buf, size_t offset, u_int64_t *valp) +{ + const u_char *p = NULL; + int r; + + if (valp != NULL) + *valp = 0; + if ((r = check_roffset(buf, offset, 8, &p)) != 0) + return r; + if (valp != NULL) + *valp = PEEK_U64(p); + return 0; +} + +int +sshbuf_peek_u32(const struct sshbuf *buf, size_t offset, u_int32_t *valp) +{ + const u_char *p = NULL; + int r; + + if (valp != NULL) + *valp = 0; + if ((r = check_roffset(buf, offset, 4, &p)) != 0) + return r; + if (valp != NULL) + *valp = PEEK_U32(p); + return 0; +} + +int +sshbuf_peek_u16(const struct sshbuf *buf, size_t offset, u_int16_t *valp) +{ + const u_char *p = NULL; + int r; + + if (valp != NULL) + *valp = 0; + if ((r = check_roffset(buf, offset, 2, &p)) != 0) + return r; + if (valp != NULL) + *valp = PEEK_U16(p); + return 0; +} + +int +sshbuf_peek_u8(const struct sshbuf *buf, size_t offset, u_char *valp) +{ + const u_char *p = NULL; + int r; + + if (valp != NULL) + *valp = 0; + if ((r = check_roffset(buf, offset, 1, &p)) != 0) + return r; + if (valp != NULL) + *valp = *p; + return 0; +} + int sshbuf_get_string(struct sshbuf *buf, u_char **valp, size_t *lenp) { @@ -344,6 +431,80 @@ sshbuf_put_u8(struct sshbuf *buf, u_char val) return 0; } +static int +check_woffset(struct sshbuf *buf, size_t offset, size_t len, u_char **p) +{ + int r; + + *p = NULL; + if ((r = check_offset(buf, 1, offset, len)) != 0) + return r; + if (sshbuf_mutable_ptr(buf) == NULL) + return SSH_ERR_BUFFER_READ_ONLY; + *p = sshbuf_mutable_ptr(buf) + offset; + return 0; +} + +int +sshbuf_poke_u64(struct sshbuf *buf, size_t offset, u_int64_t val) +{ + u_char *p = NULL; + int r; + + if ((r = check_woffset(buf, offset, 8, &p)) != 0) + return r; + POKE_U64(p, val); + return 0; +} + +int +sshbuf_poke_u32(struct sshbuf *buf, size_t offset, u_int32_t val) +{ + u_char *p = NULL; + int r; + + if ((r = check_woffset(buf, offset, 4, &p)) != 0) + return r; + POKE_U32(p, val); + return 0; +} + +int +sshbuf_poke_u16(struct sshbuf *buf, size_t offset, u_int16_t val) +{ + u_char *p = NULL; + int r; + + if ((r = check_woffset(buf, offset, 2, &p)) != 0) + return r; + POKE_U16(p, val); + return 0; +} + +int +sshbuf_poke_u8(struct sshbuf *buf, size_t offset, u_char val) +{ + u_char *p = NULL; + int r; + + if ((r = check_woffset(buf, offset, 1, &p)) != 0) + return r; + *p = val; + return 0; +} + +int +sshbuf_poke(struct sshbuf *buf, size_t offset, void *v, size_t len) +{ + u_char *p = NULL; + int r; + + if ((r = check_woffset(buf, offset, len, &p)) != 0) + return r; + memcpy(p, v, len); + return 0; +} + int sshbuf_put_string(struct sshbuf *buf, const void *v, size_t len) { -- cgit v1.2.3 From be02d7cbde3d211ec2ed2320a1f7d86b2339d758 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 6 Sep 2019 04:53:27 +0000 Subject: upstream: lots of things were relying on libcrypto headers to transitively include various system headers (mostly stdlib.h); include them explicitly OpenBSD-Commit-ID: 5b522f4f2d844f78bf1cc4f3f4cc392e177b2080 --- sshbuf-getput-basic.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'sshbuf-getput-basic.c') diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index 27058d5b..ffa20a02 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-getput-basic.c,v 1.8 2019/07/14 23:32:27 djm Exp $ */ +/* $OpenBSD: sshbuf-getput-basic.c,v 1.9 2019/09/06 04:53:27 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -24,6 +24,7 @@ #include #include #include +#include #include "ssherr.h" #include "sshbuf.h" -- cgit v1.2.3 From cfc1897a2002ec6c4dc879b24e8b3153c87ea2cf Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 9 Oct 2019 09:06:35 +1100 Subject: wrap stdint.h include in HAVE_STDINT_H make the indenting a little more consistent too.. Fixes Solaris 2.6; reported by Tom G. Christensen --- sshbuf-getput-basic.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'sshbuf-getput-basic.c') diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index ffa20a02..d401a726 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c @@ -24,7 +24,9 @@ #include #include #include -#include +#ifdef HAVE_STDINT_H +# include +#endif #include "ssherr.h" #include "sshbuf.h" -- cgit v1.2.3 From 612b1dd1ec91ffb1e01f58cca0c6eb1d47bf4423 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 13 Dec 2019 19:09:37 +0000 Subject: upstream: allow sshbuf_put_stringb(buf, NULL); ok markus@ OpenBSD-Commit-ID: 91482c1ada9adb283165d48dafbb88ae91c657bd --- sshbuf-getput-basic.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'sshbuf-getput-basic.c') diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index d401a726..da834d00 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-getput-basic.c,v 1.9 2019/09/06 04:53:27 djm Exp $ */ +/* $OpenBSD: sshbuf-getput-basic.c,v 1.10 2019/12/13 19:09:37 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -535,6 +535,9 @@ sshbuf_put_cstring(struct sshbuf *buf, const char *v) int sshbuf_put_stringb(struct sshbuf *buf, const struct sshbuf *v) { + if (v == NULL) + return sshbuf_put_string(buf, NULL, 0); + return sshbuf_put_string(buf, sshbuf_ptr(v), sshbuf_len(v)); } -- cgit v1.2.3