search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
fix old typo (s/SYSVINITSTOPT/SYSVINITSTOP/)
[openssh.git] / sshbuf-getput-basic.c
blob5c71b0e535633e31eba285caa38a03d42ef92b47
1 /* $OpenBSD: sshbuf-getput-basic.c,v 1.13 2022/05/25 06:03:44 djm Exp $ */
2 /*
3 * Copyright (c) 2011 Damien Miller
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18 #define SSHBUF_INTERNAL
19 #include "includes.h"
20
21 #include <sys/types.h>
22
23 #include <stdarg.h>
24 #include <stdlib.h>
25 #include <stdio.h>
26 #include <string.h>
27 #ifdef HAVE_STDINT_H
28 # include <stdint.h>
29 #endif
30
31 #include "ssherr.h"
32 #include "sshbuf.h"
33
34 int
35 sshbuf_get(struct sshbuf *buf, void *v, size_t len)
36 {
37 const u_char *p = sshbuf_ptr(buf);
38 int r;
39
40 if ((r = sshbuf_consume(buf, len)) < 0)
41 return r;
42 if (v != NULL && len != 0)
43 memcpy(v, p, len);
44 return 0;
45 }
46
47 int
48 sshbuf_get_u64(struct sshbuf *buf, u_int64_t *valp)
49 {
50 const u_char *p = sshbuf_ptr(buf);
51 int r;
52
53 if ((r = sshbuf_consume(buf, 8)) < 0)
54 return r;
55 if (valp != NULL)
56 *valp = PEEK_U64(p);
57 return 0;
58 }
59
60 int
61 sshbuf_get_u32(struct sshbuf *buf, u_int32_t *valp)
62 {
63 const u_char *p = sshbuf_ptr(buf);
64 int r;
65
66 if ((r = sshbuf_consume(buf, 4)) < 0)
67 return r;
68 if (valp != NULL)
69 *valp = PEEK_U32(p);
70 return 0;
71 }
72
73 int
74 sshbuf_get_u16(struct sshbuf *buf, u_int16_t *valp)
75 {
76 const u_char *p = sshbuf_ptr(buf);
77 int r;
78
79 if ((r = sshbuf_consume(buf, 2)) < 0)
80 return r;
81 if (valp != NULL)
82 *valp = PEEK_U16(p);
83 return 0;
84 }
85
86 int
87 sshbuf_get_u8(struct sshbuf *buf, u_char *valp)
88 {
89 const u_char *p = sshbuf_ptr(buf);
90 int r;
91
92 if ((r = sshbuf_consume(buf, 1)) < 0)
93 return r;
94 if (valp != NULL)
95 *valp = (u_int8_t)*p;
96 return 0;
97 }
98
99 static int
100 check_offset(const struct sshbuf *buf, int wr, size_t offset, size_t len)
101 {
102 if (sshbuf_ptr(buf) == NULL) /* calls sshbuf_check_sanity() */
103 return SSH_ERR_INTERNAL_ERROR;
104 if (offset >= SIZE_MAX - len)
105 return SSH_ERR_INVALID_ARGUMENT;
106 if (offset + len > sshbuf_len(buf)) {
107 return wr ?
108 SSH_ERR_NO_BUFFER_SPACE : SSH_ERR_MESSAGE_INCOMPLETE;
109 }
110 return 0;
111 }
112
113 static int
114 check_roffset(const struct sshbuf *buf, size_t offset, size_t len,
115 const u_char **p)
116 {
117 int r;
118
119 *p = NULL;
120 if ((r = check_offset(buf, 0, offset, len)) != 0)
121 return r;
122 *p = sshbuf_ptr(buf) + offset;
123 return 0;
124 }
125
126 int
127 sshbuf_peek_u64(const struct sshbuf *buf, size_t offset, u_int64_t *valp)
128 {
129 const u_char *p = NULL;
130 int r;
131
132 if (valp != NULL)
133 *valp = 0;
134 if ((r = check_roffset(buf, offset, 8, &p)) != 0)
135 return r;
136 if (valp != NULL)
137 *valp = PEEK_U64(p);
138 return 0;
139 }
140
141 int
142 sshbuf_peek_u32(const struct sshbuf *buf, size_t offset, u_int32_t *valp)
143 {
144 const u_char *p = NULL;
145 int r;
146
147 if (valp != NULL)
148 *valp = 0;
149 if ((r = check_roffset(buf, offset, 4, &p)) != 0)
150 return r;
151 if (valp != NULL)
152 *valp = PEEK_U32(p);
153 return 0;
154 }
155
156 int
157 sshbuf_peek_u16(const struct sshbuf *buf, size_t offset, u_int16_t *valp)
158 {
159 const u_char *p = NULL;
160 int r;
161
162 if (valp != NULL)
163 *valp = 0;
164 if ((r = check_roffset(buf, offset, 2, &p)) != 0)
165 return r;
166 if (valp != NULL)
167 *valp = PEEK_U16(p);
168 return 0;
169 }
170
171 int
172 sshbuf_peek_u8(const struct sshbuf *buf, size_t offset, u_char *valp)
173 {
174 const u_char *p = NULL;
175 int r;
176
177 if (valp != NULL)
178 *valp = 0;
179 if ((r = check_roffset(buf, offset, 1, &p)) != 0)
180 return r;
181 if (valp != NULL)
182 *valp = *p;
183 return 0;
184 }
185
186 int
187 sshbuf_get_string(struct sshbuf *buf, u_char **valp, size_t *lenp)
188 {
189 const u_char *val;
190 size_t len;
191 int r;
192
193 if (valp != NULL)
194 *valp = NULL;
195 if (lenp != NULL)
196 *lenp = 0;
197 if ((r = sshbuf_get_string_direct(buf, &val, &len)) < 0)
198 return r;
199 if (valp != NULL) {
200 if ((*valp = malloc(len + 1)) == NULL) {
201 SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL"));
202 return SSH_ERR_ALLOC_FAIL;
203 }
204 if (len != 0)
205 memcpy(*valp, val, len);
206 (*valp)[len] = '\0';
207 }
208 if (lenp != NULL)
209 *lenp = len;
210 return 0;
211 }
212
213 int
214 sshbuf_get_string_direct(struct sshbuf *buf, const u_char **valp, size_t *lenp)
215 {
216 size_t len;
217 const u_char *p;
218 int r;
219
220 if (valp != NULL)
221 *valp = NULL;
222 if (lenp != NULL)
223 *lenp = 0;
224 if ((r = sshbuf_peek_string_direct(buf, &p, &len)) < 0)
225 return r;
226 if (valp != NULL)
227 *valp = p;
228 if (lenp != NULL)
229 *lenp = len;
230 if (sshbuf_consume(buf, len + 4) != 0) {
231 /* Shouldn't happen */
232 SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
233 SSHBUF_ABORT();
234 return SSH_ERR_INTERNAL_ERROR;
235 }
236 return 0;
237 }
238
239 int
240 sshbuf_peek_string_direct(const struct sshbuf *buf, const u_char **valp,
241 size_t *lenp)
242 {
243 u_int32_t len;
244 const u_char *p = sshbuf_ptr(buf);
245
246 if (valp != NULL)
247 *valp = NULL;
248 if (lenp != NULL)
249 *lenp = 0;
250 if (sshbuf_len(buf) < 4) {
251 SSHBUF_DBG(("SSH_ERR_MESSAGE_INCOMPLETE"));
252 return SSH_ERR_MESSAGE_INCOMPLETE;
253 }
254 len = PEEK_U32(p);
255 if (len > SSHBUF_SIZE_MAX - 4) {
256 SSHBUF_DBG(("SSH_ERR_STRING_TOO_LARGE"));
257 return SSH_ERR_STRING_TOO_LARGE;
258 }
259 if (sshbuf_len(buf) - 4 < len) {
260 SSHBUF_DBG(("SSH_ERR_MESSAGE_INCOMPLETE"));
261 return SSH_ERR_MESSAGE_INCOMPLETE;
262 }
263 if (valp != NULL)
264 *valp = p + 4;
265 if (lenp != NULL)
266 *lenp = len;
267 return 0;
268 }
269
270 int
271 sshbuf_get_cstring(struct sshbuf *buf, char **valp, size_t *lenp)
272 {
273 size_t len;
274 const u_char *p, *z;
275 int r;
276
277 if (valp != NULL)
278 *valp = NULL;
279 if (lenp != NULL)
280 *lenp = 0;
281 if ((r = sshbuf_peek_string_direct(buf, &p, &len)) != 0)
282 return r;
283 /* Allow a \0 only at the end of the string */
284 if (len > 0 &&
285 (z = memchr(p , '\0', len)) != NULL && z < p + len - 1) {
286 SSHBUF_DBG(("SSH_ERR_INVALID_FORMAT"));
287 return SSH_ERR_INVALID_FORMAT;
288 }
289 if ((r = sshbuf_skip_string(buf)) != 0)
290 return -1;
291 if (valp != NULL) {
292 if ((*valp = malloc(len + 1)) == NULL) {
293 SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL"));
294 return SSH_ERR_ALLOC_FAIL;
295 }
296 if (len != 0)
297 memcpy(*valp, p, len);
298 (*valp)[len] = '\0';
299 }
300 if (lenp != NULL)
301 *lenp = (size_t)len;
302 return 0;
303 }
304
305 int
306 sshbuf_get_stringb(struct sshbuf *buf, struct sshbuf *v)
307 {
308 u_int32_t len;
309 u_char *p;
310 int r;
311
312 /*
313 * Use sshbuf_peek_string_direct() to figure out if there is
314 * a complete string in 'buf' and copy the string directly
315 * into 'v'.
316 */
317 if ((r = sshbuf_peek_string_direct(buf, NULL, NULL)) != 0 ||
318 (r = sshbuf_get_u32(buf, &len)) != 0 ||
319 (r = sshbuf_reserve(v, len, &p)) != 0 ||
320 (r = sshbuf_get(buf, p, len)) != 0)
321 return r;
322 return 0;
323 }
324
325 int
326 sshbuf_put(struct sshbuf *buf, const void *v, size_t len)
327 {
328 u_char *p;
329 int r;
330
331 if ((r = sshbuf_reserve(buf, len, &p)) < 0)
332 return r;
333 if (len != 0)
334 memcpy(p, v, len);
335 return 0;
336 }
337
338 int
339 sshbuf_putb(struct sshbuf *buf, const struct sshbuf *v)
340 {
341 if (v == NULL)
342 return 0;
343 return sshbuf_put(buf, sshbuf_ptr(v), sshbuf_len(v));
344 }
345
346 int
347 sshbuf_putf(struct sshbuf *buf, const char *fmt, ...)
348 {
349 va_list ap;
350 int r;
351
352 va_start(ap, fmt);
353 r = sshbuf_putfv(buf, fmt, ap);
354 va_end(ap);
355 return r;
356 }
357
358 int
359 sshbuf_putfv(struct sshbuf *buf, const char *fmt, va_list ap)
360 {
361 va_list ap2;
362 int r, len;
363 u_char *p;
364
365 VA_COPY(ap2, ap);
366 if ((len = vsnprintf(NULL, 0, fmt, ap2)) < 0) {
367 r = SSH_ERR_INVALID_ARGUMENT;
368 goto out;
369 }
370 if (len == 0) {
371 r = 0;
372 goto out; /* Nothing to do */
373 }
374 va_end(ap2);
375 VA_COPY(ap2, ap);
376 if ((r = sshbuf_reserve(buf, (size_t)len + 1, &p)) < 0)
377 goto out;
378 if ((r = vsnprintf((char *)p, len + 1, fmt, ap2)) != len) {
379 r = SSH_ERR_INTERNAL_ERROR;
380 goto out; /* Shouldn't happen */
381 }
382 /* Consume terminating \0 */
383 if ((r = sshbuf_consume_end(buf, 1)) != 0)
384 goto out;
385 r = 0;
386 out:
387 va_end(ap2);
388 return r;
389 }
390
391 int
392 sshbuf_put_u64(struct sshbuf *buf, u_int64_t val)
393 {
394 u_char *p;
395 int r;
396
397 if ((r = sshbuf_reserve(buf, 8, &p)) < 0)
398 return r;
399 POKE_U64(p, val);
400 return 0;
401 }
402
403 int
404 sshbuf_put_u32(struct sshbuf *buf, u_int32_t val)
405 {
406 u_char *p;
407 int r;
408
409 if ((r = sshbuf_reserve(buf, 4, &p)) < 0)
410 return r;
411 POKE_U32(p, val);
412 return 0;
413 }
414
415 int
416 sshbuf_put_u16(struct sshbuf *buf, u_int16_t val)
417 {
418 u_char *p;
419 int r;
420
421 if ((r = sshbuf_reserve(buf, 2, &p)) < 0)
422 return r;
423 POKE_U16(p, val);
424 return 0;
425 }
426
427 int
428 sshbuf_put_u8(struct sshbuf *buf, u_char val)
429 {
430 u_char *p;
431 int r;
432
433 if ((r = sshbuf_reserve(buf, 1, &p)) < 0)
434 return r;
435 p[0] = val;
436 return 0;
437 }
438
439 static int
440 check_woffset(struct sshbuf *buf, size_t offset, size_t len, u_char **p)
441 {
442 int r;
443
444 *p = NULL;
445 if ((r = check_offset(buf, 1, offset, len)) != 0)
446 return r;
447 if (sshbuf_mutable_ptr(buf) == NULL)
448 return SSH_ERR_BUFFER_READ_ONLY;
449 *p = sshbuf_mutable_ptr(buf) + offset;
450 return 0;
451 }
452
453 int
454 sshbuf_poke_u64(struct sshbuf *buf, size_t offset, u_int64_t val)
455 {
456 u_char *p = NULL;
457 int r;
458
459 if ((r = check_woffset(buf, offset, 8, &p)) != 0)
460 return r;
461 POKE_U64(p, val);
462 return 0;
463 }
464
465 int
466 sshbuf_poke_u32(struct sshbuf *buf, size_t offset, u_int32_t val)
467 {
468 u_char *p = NULL;
469 int r;
470
471 if ((r = check_woffset(buf, offset, 4, &p)) != 0)
472 return r;
473 POKE_U32(p, val);
474 return 0;
475 }
476
477 int
478 sshbuf_poke_u16(struct sshbuf *buf, size_t offset, u_int16_t val)
479 {
480 u_char *p = NULL;
481 int r;
482
483 if ((r = check_woffset(buf, offset, 2, &p)) != 0)
484 return r;
485 POKE_U16(p, val);
486 return 0;
487 }
488
489 int
490 sshbuf_poke_u8(struct sshbuf *buf, size_t offset, u_char val)
491 {
492 u_char *p = NULL;
493 int r;
494
495 if ((r = check_woffset(buf, offset, 1, &p)) != 0)
496 return r;
497 *p = val;
498 return 0;
499 }
500
501 int
502 sshbuf_poke(struct sshbuf *buf, size_t offset, void *v, size_t len)
503 {
504 u_char *p = NULL;
505 int r;
506
507 if ((r = check_woffset(buf, offset, len, &p)) != 0)
508 return r;
509 memcpy(p, v, len);
510 return 0;
511 }
512
513 int
514 sshbuf_put_string(struct sshbuf *buf, const void *v, size_t len)
515 {
516 u_char *d;
517 int r;
518
519 if (len > SSHBUF_SIZE_MAX - 4) {
520 SSHBUF_DBG(("SSH_ERR_NO_BUFFER_SPACE"));
521 return SSH_ERR_NO_BUFFER_SPACE;
522 }
523 if ((r = sshbuf_reserve(buf, len + 4, &d)) < 0)
524 return r;
525 POKE_U32(d, len);
526 if (len != 0)
527 memcpy(d + 4, v, len);
528 return 0;
529 }
530
531 int
532 sshbuf_put_cstring(struct sshbuf *buf, const char *v)
533 {
534 return sshbuf_put_string(buf, v, v == NULL ? 0 : strlen(v));
535 }
536
537 int
538 sshbuf_put_stringb(struct sshbuf *buf, const struct sshbuf *v)
539 {
540 if (v == NULL)
541 return sshbuf_put_string(buf, NULL, 0);
542
543 return sshbuf_put_string(buf, sshbuf_ptr(v), sshbuf_len(v));
544 }
545
546 int
547 sshbuf_froms(struct sshbuf *buf, struct sshbuf **bufp)
548 {
549 const u_char *p;
550 size_t len;
551 struct sshbuf *ret;
552 int r;
553
554 if (buf == NULL || bufp == NULL)
555 return SSH_ERR_INVALID_ARGUMENT;
556 *bufp = NULL;
557 if ((r = sshbuf_peek_string_direct(buf, &p, &len)) != 0)
558 return r;
559 if ((ret = sshbuf_from(p, len)) == NULL)
560 return SSH_ERR_ALLOC_FAIL;
561 if ((r = sshbuf_consume(buf, len + 4)) != 0 || /* Shouldn't happen */
562 (r = sshbuf_set_parent(ret, buf)) != 0) {
563 sshbuf_free(ret);
564 return r;
565 }
566 *bufp = ret;
567 return 0;
568 }
569
570 int
571 sshbuf_put_bignum2_bytes(struct sshbuf *buf, const void *v, size_t len)
572 {
573 u_char *d;
574 const u_char *s = (const u_char *)v;
575 int r, prepend;
576
577 if (len > SSHBUF_SIZE_MAX - 5) {
578 SSHBUF_DBG(("SSH_ERR_NO_BUFFER_SPACE"));
579 return SSH_ERR_NO_BUFFER_SPACE;
580 }
581 /* Skip leading zero bytes */
582 for (; len > 0 && *s == 0; len--, s++)
583 ;
584 /*
585 * If most significant bit is set then prepend a zero byte to
586 * avoid interpretation as a negative number.
587 */
588 prepend = len > 0 && (s[0] & 0x80) != 0;
589 if ((r = sshbuf_reserve(buf, len + 4 + prepend, &d)) < 0)
590 return r;
591 POKE_U32(d, len + prepend);
592 if (prepend)
593 d[4] = 0;
594 if (len != 0)
595 memcpy(d + 4 + prepend, s, len);
596 return 0;
597 }
598
599 int
600 sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf,
601 const u_char **valp, size_t *lenp)
602 {
603 const u_char *d;
604 size_t len, olen;
605 int r;
606
607 if ((r = sshbuf_peek_string_direct(buf, &d, &olen)) < 0)
608 return r;
609 len = olen;
610 /* Refuse negative (MSB set) bignums */
611 if ((len != 0 && (*d & 0x80) != 0))
612 return SSH_ERR_BIGNUM_IS_NEGATIVE;
613 /* Refuse overlong bignums, allow prepended \0 to avoid MSB set */
614 if (len > SSHBUF_MAX_BIGNUM + 1 ||
615 (len == SSHBUF_MAX_BIGNUM + 1 && *d != 0))
616 return SSH_ERR_BIGNUM_TOO_LARGE;
617 /* Trim leading zeros */
618 while (len > 0 && *d == 0x00) {
619 d++;
620 len--;
621 }
622 if (valp != NULL)
623 *valp = d;
624 if (lenp != NULL)
625 *lenp = len;
626 if (sshbuf_consume(buf, olen + 4) != 0) {
627 /* Shouldn't happen */
628 SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
629 SSHBUF_ABORT();
630 return SSH_ERR_INTERNAL_ERROR;
631 }
632 return 0;
633 }
Portable OpenSSH is a multi-platform compatible version of OpenBSD's OpenSSH