/*
   Unix SMB/CIFS implementation.

   routines for marshalling/unmarshalling string types

   Copyright (C) Andrew Tridgell 2003

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 3 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
22 #include "includes.h"
23 #include "librpc/ndr/libndr.h"
/**
  pull a general string from the wire

  Decodes one string at ndr->offset according to the string flags in
  ndr->flags and stores the result in *s. The result is allocated on
  ndr->current_mem_ctx. Nothing is done unless NDR_SCALARS is set in
  ndr_flags.

  Any length prefix is read from the buffer being parsed. Before string
  bytes are copied or converted the computed byte count is passed to
  NDR_PULL_NEED_BYTES() (presumably the bounds check against the
  remaining buffer; the macro is defined outside this file).
*/
_PUBLIC_ enum ndr_err_code ndr_pull_string(struct ndr_pull *ndr, ndr_flags_type ndr_flags, const char **s)
{
	char *as=NULL;
	uint32_t len1, ofs, len2;
	uint16_t len3;
	/* conv_src_len counts source units; multiplied by byte_mul it is bytes */
	size_t conv_src_len = 0, converted_size;
	int do_convert = 1, chset = CH_UTF16;
	unsigned byte_mul = 2;
	libndr_flags flags = ndr->flags;
	/* set to 1 for STR_CHARLEN: one extra unit is read beyond the prefix */
	unsigned c_len_term = 0;

	if (!(ndr_flags & NDR_SCALARS)) {
		return NDR_ERR_SUCCESS;
	}

	if (NDR_BE(ndr)) {
		chset = CH_UTF16BE;
	}

	/*
	 * We will check this flag, but from the unmodified
	 * ndr->flags, so just remove it from flags
	 */
	flags &= ~LIBNDR_FLAG_STR_NO_EMBEDDED_NUL;

	/* Select source charset and bytes per unit from the encoding flags. */
	switch (flags & LIBNDR_ENCODING_FLAGS) {
	case 0:
		break;

	case LIBNDR_FLAG_STR_ASCII:
		chset = CH_DOS;
		byte_mul = 1;
		break;

	case LIBNDR_FLAG_STR_UTF8:
		chset = CH_UTF8;
		byte_mul = 1;
		break;

	case LIBNDR_FLAG_STR_RAW8:
		/* raw bytes are copied, not converted */
		do_convert = 0;
		byte_mul = 1;
		break;

	default:
		return ndr_pull_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%"PRI_LIBNDR_FLAGS"\n",
				      ndr->flags & LIBNDR_STRING_FLAGS);
	}
	flags &= ~LIBNDR_ENCODING_FLAGS;

	flags &= ~LIBNDR_FLAG_STR_CONFORMANT;
	if (flags & LIBNDR_FLAG_STR_CHARLEN) {
		c_len_term = 1;
		flags &= ~LIBNDR_FLAG_STR_CHARLEN;
	}

	/*
	 * Work out conv_src_len from whatever framing the remaining flags
	 * describe.
	 *
	 * NOTE(review): the "len + c_len_term" sums below add a uint32_t to
	 * an unsigned; where unsigned is 32 bits a prefix of UINT32_MAX with
	 * STR_CHARLEN wraps to 0 and is then handled as an empty string.
	 * Confirm whether that is relied on before tightening it.
	 */
	switch (flags & LIBNDR_STRING_FLAGS) {
	case LIBNDR_FLAG_STR_LEN4|LIBNDR_FLAG_STR_SIZE4:
	case LIBNDR_FLAG_STR_LEN4|LIBNDR_FLAG_STR_SIZE4|LIBNDR_FLAG_STR_NOTERM:
		/* three 32-bit words: size, offset (must be 0), length */
		NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &len1));
		NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &ofs));
		if (ofs != 0) {
			return ndr_pull_error(ndr, NDR_ERR_STRING, "non-zero array offset with string flags 0x%"PRI_LIBNDR_FLAGS"\n",
					      ndr->flags & LIBNDR_STRING_FLAGS);
		}
		NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &len2));
		if (len2 > len1) {
			/* the length may not exceed the declared size */
			return ndr_pull_error(ndr, NDR_ERR_STRING,
					      "Bad string lengths len1=%"PRIu32" ofs=%"PRIu32" len2=%"PRIu32"\n",
					      len1, ofs, len2);
		} else if (len1 != len2) {
			DEBUG(6,("len1[%"PRIu32"] != len2[%"PRIu32"]\n", len1, len2));
		}
		conv_src_len = len2 + c_len_term;
		break;

	case LIBNDR_FLAG_STR_SIZE4:
	case LIBNDR_FLAG_STR_SIZE4|LIBNDR_FLAG_STR_NOTERM:
		NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &len1));
		conv_src_len = len1 + c_len_term;
		break;

	case LIBNDR_FLAG_STR_SIZE4|LIBNDR_FLAG_STR_NOTERM|LIBNDR_FLAG_STR_BYTESIZE:
		NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &len1));
		conv_src_len = len1;
		byte_mul = 1; /* the length is now absolute */
		break;

	case LIBNDR_FLAG_STR_LEN4:
	case LIBNDR_FLAG_STR_LEN4|LIBNDR_FLAG_STR_NOTERM:
		NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &ofs));
		if (ofs != 0) {
			return ndr_pull_error(ndr, NDR_ERR_STRING, "non-zero array offset with string flags 0x%"PRI_LIBNDR_FLAGS"\n",
					      ndr->flags & LIBNDR_STRING_FLAGS);
		}
		NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &len1));
		conv_src_len = len1 + c_len_term;
		break;

	case LIBNDR_FLAG_STR_SIZE2:
	case LIBNDR_FLAG_STR_SIZE2|LIBNDR_FLAG_STR_NOTERM:
		NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &len3));
		conv_src_len = len3 + c_len_term;
		break;

	case LIBNDR_FLAG_STR_SIZE2|LIBNDR_FLAG_STR_NOTERM|LIBNDR_FLAG_STR_BYTESIZE:
		NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &len3));
		conv_src_len = len3;
		byte_mul = 1; /* the length is now absolute */
		break;

	case LIBNDR_FLAG_STR_NULLTERM:
		/*
		 * We ensure that conv_src_len cannot equal 0 by
		 * requiring that there be enough bytes for at least
		 * the NULL terminator
		 */
		if (byte_mul == 1) {
			NDR_PULL_NEED_BYTES(ndr, 1);
			conv_src_len = ascii_len_n((const char *)(ndr->data+ndr->offset), ndr->data_size - ndr->offset);
		} else {
			NDR_PULL_NEED_BYTES(ndr, 2);
			conv_src_len = utf16_null_terminated_len_n(ndr->data+ndr->offset, ndr->data_size - ndr->offset);
		}
		byte_mul = 1; /* the length is now absolute */
		break;

	case LIBNDR_FLAG_STR_NOTERM:
		/* an unframed string is only valid if it runs to the end of the buffer */
		if (!(ndr->flags & LIBNDR_FLAG_REMAINING)) {
			return ndr_pull_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%"PRI_LIBNDR_FLAGS" (missing NDR_REMAINING)\n",
					      ndr->flags & LIBNDR_STRING_FLAGS);
		}
		conv_src_len = ndr->data_size - ndr->offset;
		byte_mul = 1; /* the length is now absolute */
		break;

	default:
		return ndr_pull_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%"PRI_LIBNDR_FLAGS"\n",
				      ndr->flags & LIBNDR_STRING_FLAGS);
	}

	/* The byte count is checked before any string data is read. */
	NDR_PULL_NEED_BYTES(ndr, conv_src_len * byte_mul);
	if (conv_src_len == 0) {
		as = talloc_strdup(ndr->current_mem_ctx, "");
		converted_size = 0;
		if (!as) {
			return ndr_pull_error(ndr, NDR_ERR_ALLOC,
					      "Failed to talloc_strndup() in zero-length ndr_pull_string()");
		}
	} else {
		if (!do_convert) {
			as = talloc_strndup(ndr->current_mem_ctx,
					    (char *)ndr->data + ndr->offset,
					    conv_src_len);
			if (!as) {
				return ndr_pull_error(ndr, NDR_ERR_ALLOC,
						      "Failed to talloc_strndup() in RAW8 ndr_pull_string()");
			}
			/* the copy can be shorter than conv_src_len, so cap at whichever is smaller */
			converted_size = MIN(strlen(as)+1, conv_src_len);
		} else if (!convert_string_talloc(ndr->current_mem_ctx, chset,
						  CH_UNIX, ndr->data + ndr->offset,
						  conv_src_len * byte_mul,
						  &as,
						  &converted_size)) {
			return ndr_pull_error(ndr, NDR_ERR_CHARCNV,
					      "Bad character conversion with flags 0x%"PRI_LIBNDR_FLAGS, flags);
		}
	}

	/* this is a way of detecting if a string is sent with the wrong
	   termination */
	/*
	 * The error returns below do not free "as"; it stays allocated on
	 * ndr->current_mem_ctx. The DEBUG lines print the decoded string,
	 * which is data taken from the buffer being parsed.
	 */
	if (ndr->flags & LIBNDR_FLAG_STR_NOTERM) {
		if (converted_size > 0 && as[converted_size-1] == '\0') {
			DEBUG(6,("short string '%s', sent with NULL termination despite NOTERM flag in IDL\n", as));
		}
		/*
		 * We check the original ndr->flags as it has already
		 * been removed from the local variable flags
		 */
		if (ndr->flags & LIBNDR_FLAG_STR_NO_EMBEDDED_NUL) {
			/* no terminator expected: any NUL inside converted_size is embedded */
			size_t strlen_of_unix_string = strlen(as);
			if (strlen_of_unix_string != converted_size) {
				return ndr_pull_error(ndr, NDR_ERR_CHARCNV,
						      "Embedded NUL at position %zu in "
						      "converted string "
						      "(and therefore source string) "
						      "despite "
						      "LIBNDR_FLAG_STR_NO_EMBEDDED_NUL\n",
						      strlen_of_unix_string);
			}
		}
	} else {
		/*
		 * We check the original ndr->flags as it has already
		 * been removed from the local variable flags
		 */
		if (ndr->flags & LIBNDR_FLAG_STR_NO_EMBEDDED_NUL) {
			/* terminator expected: the first NUL must be the final byte */
			size_t strlen_of_unix_string = strlen(as);
			if (converted_size > 0 && strlen_of_unix_string != converted_size - 1) {
				return ndr_pull_error(ndr, NDR_ERR_CHARCNV,
						      "Embedded NUL at position %zu in "
						      "converted string "
						      "(and therefore source string) "
						      "despite "
						      "LIBNDR_FLAG_STR_NO_EMBEDDED_NUL\n",
						      strlen_of_unix_string);
			}
		}
		if (converted_size > 0 && as[converted_size-1] != '\0') {
			DEBUG(6,("long string '%s', sent without NULL termination (which was expected)\n", as));
		}
	}

	/* consume the string bytes only after every check has passed */
	NDR_CHECK(ndr_pull_advance(ndr, conv_src_len * byte_mul));
	*s = as;

	return NDR_ERR_SUCCESS;
}
/**
  push a general string onto the wire

  Encodes s according to the string flags in ndr->flags: optional
  charset conversion, an optional length prefix, then the string bytes.
  Nothing is done unless NDR_SCALARS is set in ndr_flags. A converted
  copy, when one is made, is freed again before returning from the
  framing switch.
*/
_PUBLIC_ enum ndr_err_code ndr_push_string(struct ndr_push *ndr, ndr_flags_type ndr_flags, const char *s)
{
	/* s_len: source bytes to encode; c_len: value written as the length prefix */
	ssize_t s_len, c_len;
	/* d_len: number of bytes at dest that go onto the wire */
	size_t d_len;
	int do_convert = 1, chset = CH_UTF16;
	libndr_flags flags = ndr->flags;
	unsigned byte_mul = 2;
	const uint8_t *dest = NULL;
	uint8_t *dest_to_free = NULL;
	static const uint8_t null_byte[] = {0};
	enum ndr_err_code ndr_err = NDR_ERR_SUCCESS;

	if (!(ndr_flags & NDR_SCALARS)) {
		return NDR_ERR_SUCCESS;
	}

	if (NDR_BE(ndr)) {
		chset = CH_UTF16BE;
	}

	/* a NULL s is measured as length 0 */
	s_len = s?strlen(s):0;

	/*
	 * We will check this flag, but from the unmodified
	 * ndr->flags, so just remove it from flags
	 */
	/* NOTE(review): no later check of this flag is visible in this function. */
	flags &= ~LIBNDR_FLAG_STR_NO_EMBEDDED_NUL;

	/* Select destination charset and bytes per unit from the encoding flags. */
	switch (flags & LIBNDR_ENCODING_FLAGS) {
	case 0:
		break;

	case LIBNDR_FLAG_STR_ASCII:
		chset = CH_DOS;
		byte_mul = 1;
		break;

	case LIBNDR_FLAG_STR_UTF8:
		chset = CH_UTF8;
		byte_mul = 1;
		break;

	case LIBNDR_FLAG_STR_RAW8:
		/* raw bytes are pushed as they are */
		do_convert = 0;
		byte_mul = 1;
		break;

	default:
		return ndr_push_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%"PRI_LIBNDR_FLAGS"\n",
				      ndr->flags & LIBNDR_STRING_FLAGS);
	}
	flags &= ~LIBNDR_ENCODING_FLAGS;

	flags &= ~LIBNDR_FLAG_STR_CONFORMANT;

	/* unless STR_NOTERM is set the terminator is encoded as well */
	if (!(flags & LIBNDR_FLAG_STR_NOTERM)) {
		s_len++;
	}

	/*
	 * NOTE(review): for a NULL s without STR_NOTERM, s_len is 1 here and
	 * s is handed on as the source with that length. Confirm callers
	 * never pass NULL in that mode, or that the callees cope with it.
	 */
	if (s_len == 0) {
		d_len = 0;
		dest = null_byte;
	} else if (!do_convert) {
		d_len = s_len;
		dest = (const uint8_t *)s;
	} else {
		bool ok;

		ok = convert_string_talloc(ndr, CH_UNIX, chset, s, s_len,
					   &dest_to_free, &d_len);
		if (!ok) {
			return ndr_push_error(ndr, NDR_ERR_CHARCNV,
					      "Bad character push conversion with flags 0x%"PRI_LIBNDR_FLAGS, flags);
		}

		dest = dest_to_free;
	}

	/*
	 * Derive the length prefix from the encoded size.
	 *
	 * NOTE(review): with STR_CHARLEN and d_len == 0 the subtraction
	 * goes below zero; see how the pull side treats that prefix before
	 * changing either end.
	 */
	if (flags & LIBNDR_FLAG_STR_BYTESIZE) {
		c_len = d_len;
		flags &= ~LIBNDR_FLAG_STR_BYTESIZE;
	} else if (flags & LIBNDR_FLAG_STR_CHARLEN) {
		c_len = (d_len / byte_mul)-1;
		flags &= ~LIBNDR_FLAG_STR_CHARLEN;
	} else {
		c_len = d_len / byte_mul;
	}

	/*
	 * Write the framing for the remaining flags, then the bytes.
	 *
	 * NOTE(review): c_len is passed to ndr_push_uint32()/ndr_push_uint16()
	 * without a range check, so a string longer than the prefix can
	 * express would presumably get a prefix that does not match the data
	 * that follows.
	 */
	switch (flags & LIBNDR_STRING_FLAGS) {
	case LIBNDR_FLAG_STR_LEN4|LIBNDR_FLAG_STR_SIZE4:
	case LIBNDR_FLAG_STR_LEN4|LIBNDR_FLAG_STR_SIZE4|LIBNDR_FLAG_STR_NOTERM:
		/* size, offset 0, length, data */
		ndr_err = ndr_push_uint32(ndr, NDR_SCALARS, c_len);
		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
			goto out;
		}
		ndr_err = ndr_push_uint32(ndr, NDR_SCALARS, 0);
		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
			goto out;
		}
		ndr_err = ndr_push_uint32(ndr, NDR_SCALARS, c_len);
		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
			goto out;
		}
		ndr_err = ndr_push_bytes(ndr, dest, d_len);
		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
			goto out;
		}
		break;

	case LIBNDR_FLAG_STR_LEN4:
	case LIBNDR_FLAG_STR_LEN4|LIBNDR_FLAG_STR_NOTERM:
		/* offset 0, length, data */
		ndr_err = ndr_push_uint32(ndr, NDR_SCALARS, 0);
		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
			goto out;
		}
		ndr_err = ndr_push_uint32(ndr, NDR_SCALARS, c_len);
		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
			goto out;
		}
		ndr_err = ndr_push_bytes(ndr, dest, d_len);
		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
			goto out;
		}
		break;

	case LIBNDR_FLAG_STR_SIZE4:
	case LIBNDR_FLAG_STR_SIZE4|LIBNDR_FLAG_STR_NOTERM:
		ndr_err = ndr_push_uint32(ndr, NDR_SCALARS, c_len);
		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
			goto out;
		}
		ndr_err = ndr_push_bytes(ndr, dest, d_len);
		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
			goto out;
		}
		break;

	case LIBNDR_FLAG_STR_SIZE2:
	case LIBNDR_FLAG_STR_SIZE2|LIBNDR_FLAG_STR_NOTERM:
		ndr_err = ndr_push_uint16(ndr, NDR_SCALARS, c_len);
		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
			goto out;
		}
		ndr_err = ndr_push_bytes(ndr, dest, d_len);
		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
			goto out;
		}
		break;

	case LIBNDR_FLAG_STR_NULLTERM:
		/* no prefix: the terminator inside the data delimits the string */
		ndr_err = ndr_push_bytes(ndr, dest, d_len);
		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
			goto out;
		}
		break;

	default:
		/* any other framing is accepted only when the string fills the rest of the buffer */
		if (ndr->flags & LIBNDR_FLAG_REMAINING) {
			ndr_err = ndr_push_bytes(ndr, dest, d_len);
			if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
				goto out;
			}
			break;
		}

		ndr_err = ndr_push_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%"PRI_LIBNDR_FLAGS"\n",
					 ndr->flags & LIBNDR_STRING_FLAGS);
		goto out;
	}

out:
	/* release the converted copy on success and failure alike */
	TALLOC_FREE(dest_to_free);
	return ndr_err;
}
/**
  compute the length of a string as counted under the current string flags

  The string is measured with strlen() for STR_RAW8 and strlen_m()
  otherwise; a NULL string measures 0. One unit is added for the
  terminator unless STR_NOTERM is set. With STR_BYTESIZE the count is
  scaled by the bytes per unit (1 for ASCII/RAW8/UTF8, otherwise 2).
*/
_PUBLIC_ size_t ndr_string_array_size(struct ndr_push *ndr, const char *s)
{
	const libndr_flags flags = ndr->flags;
	size_t units = 0;

	if (s != NULL) {
		units = (flags & LIBNDR_FLAG_STR_RAW8) ? strlen(s) : strlen_m(s);
	}

	if (!(flags & LIBNDR_FLAG_STR_NOTERM)) {
		/* room for the terminator */
		units += 1;
	}

	if (!(flags & LIBNDR_FLAG_STR_BYTESIZE)) {
		return units;
	}

	/* byte sizes: single-byte encodings count 1 per unit, the rest 2 */
	if (flags & (LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_RAW8|LIBNDR_FLAG_STR_UTF8)) {
		return units;
	}
	return units * 2;
}
/*
 * Print a named string through ndr->print.
 *
 * When NDR_HIDE_SECRET(ndr) is true the value is never printed; a fixed
 * redaction marker is emitted instead. A NULL string is printed as NULL.
 */
_PUBLIC_ void ndr_print_string(struct ndr_print *ndr, const char *name, const char *s)
{
	/* redaction comes first so a secret value is never formatted */
	if (NDR_HIDE_SECRET(ndr)) {
		ndr->print(ndr, "%-25s: <REDACTED SECRET VALUE>", name);
		return;
	}

	if (s == NULL) {
		ndr->print(ndr, "%-25s: NULL", name);
		return;
	}

	ndr->print(ndr, "%-25s: '%s'", name, s);
}
/*
 * Add the size of *string, including its terminating NUL byte, to ret.
 *
 * A NULL *string adds nothing. The flags argument is not consulted.
 */
_PUBLIC_ uint32_t ndr_size_string(int ret, const char * const* string, ndr_flags_type flags)
{
	const char *str = *string;

	/* FIXME: Is this correct for all strings ? */
	if (str == NULL) {
		return ret;
	}

	return ret + strlen(str) + 1;
}
/**
  pull a UTF-16 string from the wire

  Only NUL-terminated strings (LIBNDR_FLAG_STR_NULLTERM) without encoding
  flags are accepted, and only when the buffer is not big-endian. The
  string is duplicated onto ndr->current_mem_ctx and returned in *s.
  Nothing is done unless NDR_SCALARS is set in ndr_flags.
*/
_PUBLIC_ enum ndr_err_code ndr_pull_u16string(struct ndr_pull *ndr,
					      ndr_flags_type ndr_flags,
					      const unsigned char **s)
{
	const char *const wire = (char *)ndr->data + ndr->offset;
	unsigned char *copy = NULL;
	size_t nbytes = 0;

	if (!(ndr_flags & NDR_SCALARS)) {
		return NDR_ERR_SUCCESS;
	}

	if (NDR_BE(ndr)) {
		/*
		 * It is not clear how this type should be encoded in a
		 * big-endian context.
		 */
		return ndr_pull_error(
			ndr,
			NDR_ERR_STRING,
			"u16string does not support big‐endian encoding\n");
	}

	/* encoding flags and any framing other than NULLTERM get the same error */
	if ((ndr->flags & LIBNDR_ENCODING_FLAGS) ||
	    (ndr->flags & LIBNDR_STRING_FLAGS) != LIBNDR_FLAG_STR_NULLTERM) {
		return ndr_pull_error(
			ndr,
			NDR_ERR_STRING,
			"Unsupported string flags 0x%" PRI_LIBNDR_FLAGS
			" passed to ndr_pull_u16string()\n",
			ndr->flags & LIBNDR_STRING_FLAGS);
	}

	/*
	 * Requiring room for at least the terminator ensures the measured
	 * length cannot be 0.
	 */
	NDR_PULL_NEED_BYTES(ndr, 2);
	nbytes = utf16_null_terminated_len_n(wire,
					     ndr->data_size - ndr->offset);

	/* the measured length is checked again before it is copied */
	NDR_PULL_NEED_BYTES(ndr, nbytes);
	copy = talloc_utf16_strlendup(ndr->current_mem_ctx, wire, nbytes);
	if (copy == NULL) {
		return ndr_pull_error(ndr,
				      NDR_ERR_ALLOC,
				      "Failed to talloc_utf16_strlendup() in "
				      "ndr_pull_u16string()");
	}

	NDR_CHECK(ndr_pull_advance(ndr, nbytes));
	*s = copy;

	return NDR_ERR_SUCCESS;
}
/**
  push a UTF-16 string onto the wire

  The bytes of s, as measured by utf16_null_terminated_len(), are pushed
  unchanged. Rejected: big-endian buffers, a NULL s, a length above
  UINT32_MAX, any encoding flag, and any framing other than
  LIBNDR_FLAG_STR_NULLTERM unless LIBNDR_FLAG_REMAINING is set.
  Nothing is done unless NDR_SCALARS is set in ndr_flags.
*/
_PUBLIC_ enum ndr_err_code ndr_push_u16string(struct ndr_push *ndr,
					      ndr_flags_type ndr_flags,
					      const unsigned char *s)
{
	size_t nbytes;
	libndr_flags framing;

	if (!(ndr_flags & NDR_SCALARS)) {
		return NDR_ERR_SUCCESS;
	}

	if (NDR_BE(ndr)) {
		/*
		 * It is not clear how this type should be encoded in a
		 * big-endian context.
		 */
		return ndr_push_error(
			ndr,
			NDR_ERR_STRING,
			"u16string does not support big‐endian encoding\n");
	}

	/* s is measured below, so it must be checked first */
	if (s == NULL) {
		return ndr_push_error(
			ndr,
			NDR_ERR_INVALID_POINTER,
			"NULL pointer passed to ndr_push_u16string()");
	}

	nbytes = utf16_null_terminated_len(s);
	if (nbytes > UINT32_MAX) {
		return ndr_push_error(
			ndr,
			NDR_ERR_LENGTH,
			"length overflow in ndr_push_u16string()");
	}

	if (ndr->flags & LIBNDR_ENCODING_FLAGS) {
		return ndr_push_error(
			ndr,
			NDR_ERR_STRING,
			"Unsupported string flags 0x%" PRI_LIBNDR_FLAGS
			" passed to ndr_push_u16string()\n",
			ndr->flags & LIBNDR_STRING_FLAGS);
	}

	framing = ndr->flags & LIBNDR_STRING_FLAGS;
	if (framing != LIBNDR_FLAG_STR_NULLTERM &&
	    !(ndr->flags & LIBNDR_FLAG_REMAINING)) {
		return ndr_push_error(
			ndr,
			NDR_ERR_STRING,
			"Unsupported string flags 0x%" PRI_LIBNDR_FLAGS
			" passed to ndr_push_u16string()\n",
			ndr->flags & LIBNDR_STRING_FLAGS);
	}

	NDR_CHECK(ndr_push_bytes(ndr, s, nbytes));

	return NDR_ERR_SUCCESS;
}
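/*
 * Print a UTF-16 string as an array of bytes via ndr_print_array_uint8().
 *
 * The byte count comes from utf16_len(s). A NULL s is passed on with a
 * count of 0 instead of being measured.
 *
 * NOTE(review): unlike ndr_print_string() there is no NDR_HIDE_SECRET()
 * check in this function; confirm that ndr_print_array_uint8() redacts
 * secret values itself.
 */
_PUBLIC_ void ndr_print_u16string(struct ndr_print *ndr,
				  const char *name,
				  const unsigned char *s)
{
	/*
	 * utf16_len() is defined outside this file; presumably it reads
	 * through the pointer, so only a non-NULL string is measured.
	 */
	ndr_print_array_uint8(ndr,
			      name,
			      s,
			      (s != NULL) ? utf16_len(s) : 0);
}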
/*
 * Initial number of string slots for ndr_pull_string_array().
 *
 * Neither argument is consulted; the value is a fixed starting point.
 */
static uint32_t guess_string_array_size(struct ndr_pull *ndr, ndr_flags_type ndr_flags)
{
	/*
	 * Here we could do something clever like count the number of zeros in
	 * the ndr data, but it is probably sufficient to pick a lowish number
	 * (compared to the overhead of the talloc header) and let the
	 * exponential resizing deal with longer arrays.
	 */
	enum { INITIAL_STRING_SLOTS = 5 };

	return INITIAL_STRING_SLOTS;
}
/*
 * Grow the string array *_a and zero the newly usable slots.
 *
 * On entry *count is the number of slots reported to the caller; on
 * success it is updated to the new reported number, which is two less
 * than the number of elements actually allocated. Returns NDR_ERR_ALLOC
 * if the new element count does not fit in a uint32_t.
 */
static enum ndr_err_code extend_string_array(struct ndr_pull *ndr,
					     const char ***_a,
					     uint32_t *count)
{
	const uint32_t reported = *count;
	const uint32_t grow_by = reported / 4 + 3;
	const uint32_t new_total = reported + grow_by;
	const char **grown = NULL;

	if (new_total < reported) {
		/* the 32-bit element count wrapped */
		return NDR_ERR_ALLOC;
	}

	/*
	 * We allocate and zero two more elements than we report back, so
	 * that the string array will always be NULL terminated.
	 */
	grown = talloc_realloc(ndr->current_mem_ctx, *_a,
			       const char *,
			       new_total);
	NDR_ERR_HAVE_NO_MEMORY(grown);

	memset(grown + reported, 0, grow_by * sizeof(grown[0]));
	*_a = grown;
	*count = new_total - 2;
	return NDR_ERR_SUCCESS;
}
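/**
  pull a general string array from the wire

  Builds a NULL-terminated array of strings in *_a. The array is
  allocated on ndr->current_mem_ctx and each string is allocated as a
  child of the array. Nothing is done unless NDR_SCALARS is set in
  ndr_flags.

  ndr->current_mem_ctx and ndr->flags are changed temporarily while
  strings are pulled; both are put back on every return path, including
  errors. On error *_a is not written and the partly filled array stays
  allocated on ndr->current_mem_ctx.
*/
_PUBLIC_ enum ndr_err_code ndr_pull_string_array(struct ndr_pull *ndr, ndr_flags_type ndr_flags, const char ***_a)
{
	const char **a = NULL;
	uint32_t count;
	libndr_flags flags = ndr->flags;
	libndr_flags saved_flags = ndr->flags;
	uint32_t alloc_size;
	enum ndr_err_code ndr_err = NDR_ERR_SUCCESS;

	if (!(ndr_flags & NDR_SCALARS)) {
		return NDR_ERR_SUCCESS;
	}

	/* two spare zeroed slots keep the array NULL terminated */
	alloc_size = guess_string_array_size(ndr, ndr_flags);
	a = talloc_zero_array(ndr->current_mem_ctx, const char *, alloc_size + 2);
	NDR_ERR_HAVE_NO_MEMORY(a);

	switch (flags & (LIBNDR_FLAG_STR_NULLTERM|LIBNDR_FLAG_STR_NOTERM)) {
	case LIBNDR_FLAG_STR_NULLTERM:
		/*
		 * here the strings are null terminated
		 * but also the array is null terminated if LIBNDR_FLAG_REMAINING
		 * is specified
		 */
		for (count = 0;; count++) {
			TALLOC_CTX *tmp_ctx;
			const char *s = NULL;
			if (count == alloc_size) {
				ndr_err = extend_string_array(ndr,
							      &a,
							      &alloc_size);
				if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
					goto out;
				}
			}

			/* allocate the string as a child of the array */
			tmp_ctx = ndr->current_mem_ctx;
			ndr->current_mem_ctx = a;
			ndr_err = ndr_pull_string(ndr, ndr_flags, &s);
			/* put the context back before looking at the result */
			ndr->current_mem_ctx = tmp_ctx;
			if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
				goto out;
			}
			if ((ndr->data_size - ndr->offset) == 0 &&
			    (ndr->flags & LIBNDR_FLAG_REMAINING))
			{
				/* end of buffer: this was the last string */
				a[count] = s;
				break;
			}
			if (strcmp("", s)==0) {
				/* an empty string terminates the array */
				a[count] = NULL;
				break;
			} else {
				a[count] = s;
			}
		}

		*_a =a;
		break;

	case LIBNDR_FLAG_STR_NOTERM:
		if (!(ndr->flags & LIBNDR_FLAG_REMAINING)) {
			ndr_err = ndr_pull_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%"PRI_LIBNDR_FLAGS" (missing NDR_REMAINING)\n",
						 ndr->flags & LIBNDR_STRING_FLAGS);
			goto out;
		}
		/*
		 * here the strings are not null terminated
		 * but separated by a null terminator
		 *
		 * which means the same as:
		 * Every string is null terminated except the last
		 * string is terminated by the end of the buffer
		 *
		 * as LIBNDR_FLAG_STR_NULLTERM also end at the end
		 * of the buffer, we can pull each string with this flag
		 *
		 * The big difference with the case LIBNDR_FLAG_STR_NOTERM +
		 * LIBNDR_FLAG_REMAINING is that the last string will not be null terminated
		 */
		ndr->flags &= ~(LIBNDR_FLAG_STR_NOTERM|LIBNDR_FLAG_REMAINING);
		ndr->flags |= LIBNDR_FLAG_STR_NULLTERM;

		for (count = 0; ((ndr->data_size - ndr->offset) > 0); count++) {
			TALLOC_CTX *tmp_ctx;
			const char *s = NULL;
			if (count == alloc_size) {
				ndr_err = extend_string_array(ndr,
							      &a,
							      &alloc_size);
				if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
					goto out;
				}
			}

			tmp_ctx = ndr->current_mem_ctx;
			ndr->current_mem_ctx = a;
			ndr_err = ndr_pull_string(ndr, ndr_flags, &s);
			ndr->current_mem_ctx = tmp_ctx;
			if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
				goto out;
			}
			a[count] = s;
		}

		/*
		 * The rewritten flags are no longer needed, so restore them
		 * before the allocation check below can return.
		 */
		ndr->flags = saved_flags;

		/* trim to the strings found plus the NULL terminator */
		a = talloc_realloc(ndr->current_mem_ctx, a, const char *, count + 1);
		NDR_ERR_HAVE_NO_MEMORY(a);
		*_a = a;
		break;

	default:
		ndr_err = ndr_pull_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%"PRI_LIBNDR_FLAGS"\n",
					 ndr->flags & LIBNDR_STRING_FLAGS);
		goto out;
	}

out:
	/* success and failure both leave ndr->flags as the caller set them */
	ndr->flags = saved_flags;
	return ndr_err;
}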
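/**
  push a general string array onto the wire

  a is a NULL-terminated array of strings; a NULL a is treated as an
  empty array. Nothing is done unless NDR_SCALARS is set in ndr_flags.

  With LIBNDR_FLAG_STR_NULLTERM every string is pushed terminated and an
  empty string ends the array unless LIBNDR_FLAG_REMAINING is set. With
  LIBNDR_FLAG_STR_NOTERM (which requires LIBNDR_FLAG_REMAINING) strings
  are separated by a terminator and the last one is left unterminated.

  ndr->flags is rewritten while a separator is pushed and is put back
  before any return, including a failed separator push.
*/
_PUBLIC_ enum ndr_err_code ndr_push_string_array(struct ndr_push *ndr, ndr_flags_type ndr_flags, const char **a)
{
	uint32_t count;
	libndr_flags flags = ndr->flags;
	libndr_flags saved_flags = ndr->flags;

	if (!(ndr_flags & NDR_SCALARS)) {
		return NDR_ERR_SUCCESS;
	}

	switch (flags & LIBNDR_STRING_FLAGS) {
	case LIBNDR_FLAG_STR_NULLTERM:
		for (count = 0; a && a[count]; count++) {
			NDR_CHECK(ndr_push_string(ndr, ndr_flags, a[count]));
		}
		/* If LIBNDR_FLAG_REMAINING then we do not add a null terminator to the array */
		if (!(flags & LIBNDR_FLAG_REMAINING))
		{
			NDR_CHECK(ndr_push_string(ndr, ndr_flags, ""));
		}
		break;

	case LIBNDR_FLAG_STR_NOTERM:
		if (!(ndr->flags & LIBNDR_FLAG_REMAINING)) {
			return ndr_push_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%"PRI_LIBNDR_FLAGS" (missing NDR_REMAINING)\n",
					      ndr->flags & LIBNDR_STRING_FLAGS);
		}

		for (count = 0; a && a[count]; count++) {
			if (count > 0) {
				enum ndr_err_code sep_err;

				/* a terminated empty string acts as the separator */
				ndr->flags &= ~(LIBNDR_FLAG_STR_NOTERM|LIBNDR_FLAG_REMAINING);
				ndr->flags |= LIBNDR_FLAG_STR_NULLTERM;
				sep_err = ndr_push_string(ndr, ndr_flags, "");
				/* restore first so a failure does not leave the rewritten flags behind */
				ndr->flags = saved_flags;
				if (!NDR_ERR_CODE_IS_SUCCESS(sep_err)) {
					return sep_err;
				}
			}
			NDR_CHECK(ndr_push_string(ndr, ndr_flags, a[count]));
		}

		break;

	default:
		return ndr_push_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%"PRI_LIBNDR_FLAGS"\n",
				      ndr->flags & LIBNDR_STRING_FLAGS);
	}

	ndr->flags = saved_flags;
	return NDR_ERR_SUCCESS;
}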
/*
 * Print a NULL-terminated array of strings, one ndr_print_string() call
 * per element, labelled "[index]" and nested one depth level deeper.
 *
 * A NULL array prints as an array of 0 elements. An element whose label
 * cannot be allocated is skipped.
 */
_PUBLIC_ void ndr_print_string_array(struct ndr_print *ndr, const char *name, const char **a)
{
	uint32_t n = 0;
	uint32_t pos;

	if (a != NULL) {
		while (a[n] != NULL) {
			n++;
		}
	}

	ndr->print(ndr, "%s: ARRAY(%"PRIu32")", name, n);
	ndr->depth++;
	for (pos = 0; pos < n; pos++) {
		char *label = NULL;

		if (asprintf(&label, "[%"PRIu32"]", pos) == -1) {
			/* no label, so the element is not printed */
			continue;
		}
		ndr_print_string(ndr, label, a[pos]);
		free(label);
	}
	ndr->depth--;
}
/*
 * Sum the sizes of the first count strings of a.
 *
 * With LIBNDR_FLAG_STR_RAW8 strings are measured with strlen(), otherwise
 * with strlen_m()/strlen_m_term(). LIBNDR_FLAG_STR_NULLTERM includes a
 * terminator per string, LIBNDR_FLAG_STR_NOTERM does not; any other
 * framing yields 0.
 *
 * Every a[i] below count is measured without a NULL check, so the
 * caller must supply count valid strings.
 */
_PUBLIC_ size_t ndr_size_string_array(const char **a, uint32_t count, libndr_flags flags)
{
	const bool raw8 = (flags & LIBNDR_FLAG_STR_RAW8) != 0;
	libndr_flags framing = flags;
	size_t total = 0;
	uint32_t pos;

	if (raw8) {
		framing &= ~LIBNDR_FLAG_STR_RAW8;
	}
	framing &= LIBNDR_STRING_FLAGS;

	if (framing == LIBNDR_FLAG_STR_NULLTERM) {
		for (pos = 0; pos < count; pos++) {
			if (raw8) {
				total += strlen(a[pos]) + 1;
			} else {
				total += strlen_m_term(a[pos]);
			}
		}
		return total;
	}

	if (framing == LIBNDR_FLAG_STR_NOTERM) {
		for (pos = 0; pos < count; pos++) {
			if (raw8) {
				total += strlen(a[pos]);
			} else {
				total += strlen_m(a[pos]);
			}
		}
		return total;
	}

	return 0;
}
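/**
 * Return number of elements in a string including the last (zeroed) element
 *
 * The scan has no length limit: it stops only at the first element whose
 * element_size bytes are all zero, so _var must be terminated.
 *
 * Elements are compared against a 4-byte zero pattern. An element_size
 * above 4 would read past that pattern, so 0 is returned for it, the
 * same answer ndr_string_n_length() gives.
 */
_PUBLIC_ uint32_t ndr_string_length(const void *_var, uint32_t element_size)
{
	static const uint8_t zero[4] = {0,0,0,0};
	const char *var = (const char *)_var;
	uint32_t i;

	if (element_size > sizeof(zero)) {
		return 0;
	}

	/*
	 * Step the pointer rather than computing i*element_size, which is
	 * a 32-bit product.
	 */
	for (i = 0; memcmp(var, zero, element_size) != 0; i++) {
		var += element_size;
	}

	return i+1;
}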
/**
 * @brief Get the string length including the null terminator if available.
 *
 * Elements of element_size bytes are examined in order. The returned number
 * includes the terminating all-zero element if one is found within the
 * first length elements.
 *
 * @param[in]  _var    The string to calculate the length for.
 *
 * @param[in]  length  The number of elements available at _var.
 *
 * @param[in]  element_size The size of one string element in bytes (at
 *                          most 4).
 *
 * @return The length in elements, length itself if no terminator was
 *         found, or 0 if element_size is larger than 4.
 */
static uint32_t ndr_string_n_length(const void *_var,
				    size_t length,
				    uint32_t element_size)
{
	static const uint8_t zero[4] = {0,0,0,0};
	const char *cursor = (const char *)_var;
	size_t idx;

	/* the zero pattern is only 4 bytes wide */
	if (element_size > 4) {
		return 0;
	}

	for (idx = 0; idx < length; idx++) {
		if (memcmp(cursor, zero, element_size) == 0) {
			/* count the terminator as well */
			return idx + 1;
		}
		cursor += element_size;
	}

	/* no terminator inside the buffer */
	return length;
}
/*
 * Check that the last of count elements starting at ndr->offset is all
 * zero bytes.
 *
 * Returns NDR_ERR_RANGE for a count of 0 or when (count - 1) *
 * element_size does not fit in 32 bits, and NDR_ERR_ARRAY_SIZE when the
 * terminator is missing. ndr->offset is put back to its starting value
 * on success and on the missing-terminator error.
 *
 * NOTE(review): if NDR_PULL_NEED_BYTES() returns, the offset has already
 * been advanced and is not put back here.
 */
_PUBLIC_ enum ndr_err_code ndr_check_string_terminator(struct ndr_pull *ndr, uint32_t count, uint32_t element_size)
{
	const uint32_t start_offset = ndr->offset;
	uint32_t k;

	if (count == 0) {
		return NDR_ERR_RANGE;
	}

	/* reject a 32-bit wrap of the product used below */
	if (element_size != 0 && (count - 1) > UINT32_MAX / element_size) {
		return NDR_ERR_RANGE;
	}

	/* step to the last element and make sure it is inside the buffer */
	NDR_CHECK(ndr_pull_advance(ndr, (count - 1) * element_size));
	NDR_PULL_NEED_BYTES(ndr, element_size);

	for (k = 0; k < element_size; k++) {
		if (ndr->data[ndr->offset + k] == 0) {
			continue;
		}
		ndr->offset = start_offset;

		return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "String terminator not present or outside string boundaries");
	}

	ndr->offset = start_offset;

	return NDR_ERR_SUCCESS;
}
/*
 * Pull length units of byte_mul bytes each in charset chset and convert
 * them to CH_UNIX; the result is allocated on ndr->current_mem_ctx and
 * stored in *var.
 *
 * A length of 0 yields an empty string without touching the buffer.
 * length * byte_mul is checked against UINT32_MAX and then against the
 * buffer (NDR_PULL_NEED_BYTES) before any data is converted.
 */
_PUBLIC_ enum ndr_err_code ndr_pull_charset(struct ndr_pull *ndr, ndr_flags_type ndr_flags, const char **var, uint32_t length, uint8_t byte_mul, charset_t chset)
{
	size_t converted_size;
	uint32_t nbytes;
	bool ok;

	if (length == 0) {
		*var = talloc_strdup(ndr->current_mem_ctx, "");
		if (*var != NULL) {
			return NDR_ERR_SUCCESS;
		}
		return ndr_pull_error(ndr, NDR_ERR_ALLOC,
				      "Failed to talloc_strdup() in ndr_pull_charset()");
	}

	if (NDR_BE(ndr) && chset == CH_UTF16) {
		chset = CH_UTF16BE;
	}

	/* the product below is 32-bit arithmetic, so bound it first */
	if ((byte_mul != 0) && (length > UINT32_MAX/byte_mul)) {
		return ndr_pull_error(ndr, NDR_ERR_BUFSIZE, "length overflow");
	}
	nbytes = length*byte_mul;
	NDR_PULL_NEED_BYTES(ndr, nbytes);

	ok = convert_string_talloc(ndr->current_mem_ctx, chset, CH_UNIX,
				   ndr->data+ndr->offset, nbytes,
				   var,
				   &converted_size);
	if (!ok) {
		return ndr_pull_error(ndr, NDR_ERR_CHARCNV,
				      "Bad character conversion");
	}
	NDR_CHECK(ndr_pull_advance(ndr, nbytes));

	return NDR_ERR_SUCCESS;
}
/*
 * Like ndr_pull_charset(), but only the part of the field up to and
 * including the first all-zero element is converted; the whole field of
 * length * byte_mul bytes is still consumed.
 *
 * A length of 0 yields an empty string. NDR_ERR_LENGTH is returned when
 * ndr_string_n_length() reports 0, which it does for a byte_mul above 4.
 */
_PUBLIC_ enum ndr_err_code ndr_pull_charset_to_null(struct ndr_pull *ndr, ndr_flags_type ndr_flags, const char **var, uint32_t length, uint8_t byte_mul, charset_t chset)
{
	size_t converted_size;
	uint32_t field_bytes;
	uint32_t str_len;
	bool ok;

	if (length == 0) {
		*var = talloc_strdup(ndr->current_mem_ctx, "");
		if (*var != NULL) {
			return NDR_ERR_SUCCESS;
		}
		return ndr_pull_error(ndr, NDR_ERR_ALLOC,
				      "Failed to talloc_strdup() in ndr_pull_charset_to_null()");
	}

	if (NDR_BE(ndr) && chset == CH_UTF16) {
		chset = CH_UTF16BE;
	}

	/* the product below is 32-bit arithmetic, so bound it first */
	if ((byte_mul != 0) && (length > UINT32_MAX/byte_mul)) {
		return ndr_pull_error(ndr, NDR_ERR_BUFSIZE, "length overflow");
	}
	field_bytes = length*byte_mul;
	NDR_PULL_NEED_BYTES(ndr, field_bytes);

	/* the scan is limited to the length elements checked just above */
	str_len = ndr_string_n_length(ndr->data+ndr->offset, length, byte_mul);
	if (str_len == 0) {
		return ndr_pull_error(ndr, NDR_ERR_LENGTH,
				      "Invalid length");
	}

	ok = convert_string_talloc(ndr->current_mem_ctx, chset, CH_UNIX,
				   ndr->data+ndr->offset, str_len*byte_mul,
				   var,
				   &converted_size);
	if (!ok) {
		return ndr_pull_error(ndr, NDR_ERR_CHARCNV,
				      "Bad character conversion");
	}
	NDR_CHECK(ndr_pull_advance(ndr, field_bytes));

	return NDR_ERR_SUCCESS;
}
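/*
 * Push var as a fixed-size field of length units of byte_mul bytes each,
 * converted from CH_UNIX to chset. Space left after the converted string
 * is filled with zero bytes.
 *
 * Returns NDR_ERR_LENGTH when length * byte_mul does not fit in 32 bits,
 * NDR_ERR_INVALID_POINTER for a NULL var with a non-empty field, and
 * NDR_ERR_CHARCNV when convert_string() fails.
 */
_PUBLIC_ enum ndr_err_code ndr_push_charset(struct ndr_push *ndr, ndr_flags_type ndr_flags, const char *var, uint32_t length, uint8_t byte_mul, charset_t chset)
{
	size_t required;

	if (NDR_BE(ndr) && chset == CH_UTF16) {
		chset = CH_UTF16BE;
	}

	/*
	 * byte_mul * length is a uint8_t times a uint32_t, so with a 32-bit
	 * int the product is formed in 32 bits. A bound of SIZE_MAX would
	 * let that product wrap on 64-bit builds and shrink the field
	 * silently, so the bound is UINT32_MAX, the limit the pull side
	 * uses as well.
	 */
	if ((byte_mul != 0) && (length > UINT32_MAX/byte_mul)) {
		return ndr_push_error(ndr, NDR_ERR_LENGTH, "length overflow");
	}
	required = (size_t)byte_mul * length;

	NDR_PUSH_NEED_BYTES(ndr, required);

	if (required) {
		size_t size = 0;

		if (var == NULL) {
			return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer");
		}

		/* the destination is limited to the required bytes ensured above */
		if (!convert_string(CH_UNIX, chset,
			     var, strlen(var),
			     ndr->data+ndr->offset, required, &size)) {
			return ndr_push_error(ndr, NDR_ERR_CHARCNV,
					      "Bad character conversion");
		}

		/* Make sure the remaining part of the string is filled with zeroes */
		if (size < required) {
			memset(ndr->data+ndr->offset+size, 0, required-size);
		}
	}

	ndr->offset += required;

	return NDR_ERR_SUCCESS;
}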
/*
 * Push var with ndr_push_charset(); a NULL var is pushed as a single
 * zero element instead (length forced to 1).
 */
_PUBLIC_ enum ndr_err_code ndr_push_charset_to_null(struct ndr_push *ndr, ndr_flags_type ndr_flags, const char *var, uint32_t length, uint8_t byte_mul, charset_t chset)
{
	if (var != NULL) {
		return ndr_push_charset(ndr, ndr_flags, var, length, byte_mul, chset);
	}

	/* "\0" is two zero bytes, enough for a UTF16 null word */
	return ndr_push_charset(ndr, ndr_flags, "\0", 1, byte_mul, chset);
}
/*
 * Return number of elements in a string in the specified charset,
 * terminator included.
 *
 * The UTF-16 variants and UTF-8 are measured with strlen_m_ext_term();
 * every other charset is counted with strlen() plus one.
 */
_PUBLIC_ uint32_t ndr_charset_length(const void *var, charset_t chset)
{
	const char *str = (const char *)var;

	/* CH_UTF16 has the same value as CH_UTF16LE */
	if (chset == CH_UTF16LE ||
	    chset == CH_UTF16BE ||
	    chset == CH_UTF16MUNGED ||
	    chset == CH_UTF8) {
		return strlen_m_ext_term(str, CH_UNIX, chset);
	}

	/* CH_DOS, CH_UNIX and the fallback that should never happen */
	return strlen(str)+1;
}