/src/hpn-ssh/sshbuf-misc.c

Source (jump to first uncovered line)
/*  $OpenBSD: sshbuf-misc.c,v 1.18 2022/01/22 00:43:43 djm Exp $  */
/*
 * Copyright (c) 2011 Damien Miller
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#include "includes.h"

#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <errno.h>
#include <stdlib.h>
#ifdef HAVE_STDINT_H
# include <stdint.h>
#endif
#include <stdio.h>
#include <limits.h>
#include <string.h>
#include <resolv.h>
#include <ctype.h>
#include <unistd.h>

#include "ssherr.h"
#define SSHBUF_INTERNAL
#include "sshbuf.h"

void
sshbuf_dump_data(const void *s, size_t len, FILE *f)
{
  size_t i, j;
  const u_char *p = (const u_char *)s;

  for (i = 0; i < len; i += 16) {
    fprintf(f, "%.4zu: ", i);
    for (j = i; j < i + 16; j++) {
      if (j < len)
        fprintf(f, "%02x ", p[j]);
      else
        fprintf(f, "   ");
    }
    fprintf(f, " ");
    for (j = i; j < i + 16; j++) {
      if (j < len) {
        if  (isascii(p[j]) && isprint(p[j]))
          fprintf(f, "%c", p[j]);
        else
          fprintf(f, ".");
      }
    }
    fprintf(f, "\n");
  }
}

void
sshbuf_dump(const struct sshbuf *buf, FILE *f)
{
  fprintf(f, "buffer len = %zu\n", sshbuf_len(buf));
  sshbuf_dump_data(sshbuf_ptr(buf), sshbuf_len(buf), f);
}

char *
sshbuf_dtob16(struct sshbuf *buf)
{
  size_t i, j, len = sshbuf_len(buf);
  const u_char *p = sshbuf_ptr(buf);
  char *ret;
  const char hex[] = "0123456789abcdef";

  if (len == 0)
    return strdup("");
  if (SIZE_MAX / 2 <= len || (ret = malloc(len * 2 + 1)) == NULL)
    return NULL;
  for (i = j = 0; i < len; i++) {
    ret[j++] = hex[(p[i] >> 4) & 0xf];
    ret[j++] = hex[p[i] & 0xf];
  }
  ret[j] = '\0';
  return ret;
}

int
sshbuf_dtob64(const struct sshbuf *d, struct sshbuf *b64, int wrap)
{
  size_t i, slen = 0;
  char *s = NULL;
  int r;

  if (d == NULL || b64 == NULL || sshbuf_len(d) >= SIZE_MAX / 2)
    return SSH_ERR_INVALID_ARGUMENT;
  if (sshbuf_len(d) == 0)
    return 0;
  slen = ((sshbuf_len(d) + 2) / 3) * 4 + 1;
  if ((s = malloc(slen)) == NULL)
    return SSH_ERR_ALLOC_FAIL;
  if (b64_ntop(sshbuf_ptr(d), sshbuf_len(d), s, slen) == -1) {
    r = SSH_ERR_INTERNAL_ERROR;
    goto fail;
  }
  if (wrap) {
    for (i = 0; s[i] != '\0'; i++) {
      if ((r = sshbuf_put_u8(b64, s[i])) != 0)
        goto fail;
      if (i % 70 == 69 && (r = sshbuf_put_u8(b64, '\n')) != 0)
        goto fail;
    }
    if ((i - 1) % 70 != 69 && (r = sshbuf_put_u8(b64, '\n')) != 0)
      goto fail;
  } else {
    if ((r = sshbuf_put(b64, s, strlen(s))) != 0)
      goto fail;
  }
  /* Success */
  r = 0;
 fail:
  freezero(s, slen);
  return r;
}

char *
sshbuf_dtob64_string(const struct sshbuf *buf, int wrap)
{
  struct sshbuf *tmp;
  char *ret;

  if ((tmp = sshbuf_new()) == NULL)
    return NULL;
  if (sshbuf_dtob64(buf, tmp, wrap) != 0) {
    sshbuf_free(tmp);
    return NULL;
  }
  ret = sshbuf_dup_string(tmp);
  sshbuf_free(tmp);
  return ret;
}

int
sshbuf_b64tod(struct sshbuf *buf, const char *b64)
{
  size_t plen = strlen(b64);
  int nlen, r;
  u_char *p;

  if (plen == 0)
    return 0;
  if ((p = malloc(plen)) == NULL)
    return SSH_ERR_ALLOC_FAIL;
  if ((nlen = b64_pton(b64, p, plen)) < 0) {
    freezero(p, plen);
    return SSH_ERR_INVALID_FORMAT;
  }
  if ((r = sshbuf_put(buf, p, nlen)) < 0) {
    freezero(p, plen);
    return r;
  }
  freezero(p, plen);
  return 0;
}

int
sshbuf_dtourlb64(const struct sshbuf *d, struct sshbuf *b64, int wrap)
{
  int r = SSH_ERR_INTERNAL_ERROR;
  u_char *p;
  struct sshbuf *b = NULL;
  size_t i, l;

  if ((b = sshbuf_new()) == NULL)
    return SSH_ERR_ALLOC_FAIL;
  /* Encode using regular base64; we'll transform it once done */
  if ((r = sshbuf_dtob64(d, b, wrap)) != 0)
    goto out;
  /* remove padding from end of encoded string*/
  for (;;) {
    l = sshbuf_len(b);
    if (l <= 1 || sshbuf_ptr(b) == NULL) {
      r = SSH_ERR_INTERNAL_ERROR;
      goto out;
    }
    if (sshbuf_ptr(b)[l - 1] != '=')
      break;
    if ((r = sshbuf_consume_end(b, 1)) != 0)
      goto out;
  }
  /* Replace characters with rfc4648 equivalents */
  l = sshbuf_len(b);
  if ((p = sshbuf_mutable_ptr(b)) == NULL) {
    r = SSH_ERR_INTERNAL_ERROR;
    goto out;
  }
  for (i = 0; i < l; i++) {
    if (p[i] == '+')
      p[i] = '-';
    else if (p[i] == '/')
      p[i] = '_';
  }
  r = sshbuf_putb(b64, b);
 out:
  sshbuf_free(b);
  return r;
}

char *
sshbuf_dup_string(struct sshbuf *buf)
{
  const u_char *p = NULL, *s = sshbuf_ptr(buf);
  size_t l = sshbuf_len(buf);
  char *r;

  if (s == NULL || l > SIZE_MAX)
    return NULL;
  /* accept a nul only as the last character in the buffer */
  if (l > 0 && (p = memchr(s, '\0', l)) != NULL) {
    if (p != s + l - 1)
      return NULL;
    l--; /* the nul is put back below */
  }
  if ((r = malloc(l + 1)) == NULL)
    return NULL;
  if (l > 0)
    memcpy(r, s, l);
  r[l] = '\0';
  return r;
}

int
sshbuf_cmp(const struct sshbuf *b, size_t offset,
    const void *s, size_t len)
{
  if (sshbuf_ptr(b) == NULL)
    return SSH_ERR_INTERNAL_ERROR;
  if (offset > SSHBUF_SIZE_MAX || len > SSHBUF_SIZE_MAX || len == 0)
    return SSH_ERR_INVALID_ARGUMENT;
  if (offset + len > sshbuf_len(b))
    return SSH_ERR_MESSAGE_INCOMPLETE;
  if (timingsafe_bcmp(sshbuf_ptr(b) + offset, s, len) != 0)
    return SSH_ERR_INVALID_FORMAT;
  return 0;
}

int
sshbuf_find(const struct sshbuf *b, size_t start_offset,
    const void *s, size_t len, size_t *offsetp)
{
  void *p;

  if (offsetp != NULL)
    *offsetp = 0;
  if (sshbuf_ptr(b) == NULL)
    return SSH_ERR_INTERNAL_ERROR;
  if (start_offset > SSHBUF_SIZE_MAX || len > SSHBUF_SIZE_MAX || len == 0)
    return SSH_ERR_INVALID_ARGUMENT;
  if (start_offset > sshbuf_len(b) || start_offset + len > sshbuf_len(b))
    return SSH_ERR_MESSAGE_INCOMPLETE;
  if ((p = memmem(sshbuf_ptr(b) + start_offset,
      sshbuf_len(b) - start_offset, s, len)) == NULL)
    return SSH_ERR_INVALID_FORMAT;
  if (offsetp != NULL)
    *offsetp = (const u_char *)p - sshbuf_ptr(b);
  return 0;
}

int
sshbuf_read(int fd, struct sshbuf *buf, size_t maxlen, size_t *rlen)
{
  int r, oerrno;
  size_t adjust;
  ssize_t rr;
  u_char *d;

  if (rlen != NULL)
    *rlen = 0;
  if ((r = sshbuf_reserve(buf, maxlen, &d)) != 0)
    return r;
  rr = read(fd, d, maxlen);
  oerrno = errno;

  /* Adjust the buffer to include only what was actually read */
  if ((adjust = maxlen - (rr > 0 ? rr : 0)) != 0) {
    if ((r = sshbuf_consume_end(buf, adjust)) != 0) {
      /* avoid returning uninitialised data to caller */
      memset(d + rr, '\0', adjust);
      return SSH_ERR_INTERNAL_ERROR; /* shouldn't happen */
    }
  }
  if (rr < 0) {
    errno = oerrno;
    return SSH_ERR_SYSTEM_ERROR;
  } else if (rr == 0) {
    errno = EPIPE;
    return SSH_ERR_SYSTEM_ERROR;
  }
  /* success */
  if (rlen != NULL) {
    *rlen = (size_t)rr;
  }
  return 0;
}

Coverage Report

Created: 2024-07-27 06:06

Line	Count	Source (jump to first uncovered line)
1		/* $OpenBSD: sshbuf-misc.c,v 1.18 2022/01/22 00:43:43 djm Exp $ */
2		/*
3		* Copyright (c) 2011 Damien Miller
4		*
5		* Permission to use, copy, modify, and distribute this software for any
6		* purpose with or without fee is hereby granted, provided that the above
7		* copyright notice and this permission notice appear in all copies.
8		*
9		* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10		* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11		* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12		* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13		* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14		* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15		* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16		*/
17
18		#include "includes.h"
19
20		#include <sys/types.h>
21		#include <sys/socket.h>
22		#include <netinet/in.h>
23		#include <errno.h>
24		#include <stdlib.h>
25		#ifdef HAVE_STDINT_H
26		# include <stdint.h>
27		#endif
28		#include <stdio.h>
29		#include <limits.h>
30		#include <string.h>
31		#include <resolv.h>
32		#include <ctype.h>
33		#include <unistd.h>
34
35		#include "ssherr.h"
36		#define SSHBUF_INTERNAL
37		#include "sshbuf.h"
38
39		void
40		sshbuf_dump_data(const void s, size_t len, FILE f)
41	0	{
42	0	size_t i, j;
43	0	const u_char p = (const u_char )s;
44
45	0	for (i = 0; i < len; i += 16) {
46	0	fprintf(f, "%.4zu: ", i);
47	0	for (j = i; j < i + 16; j++) {
48	0	if (j < len)
49	0	fprintf(f, "%02x ", p[j]);
50	0	else
51	0	fprintf(f, " ");
52	0	}
53	0	fprintf(f, " ");
54	0	for (j = i; j < i + 16; j++) {
55	0	if (j < len) {
56	0	if (isascii(p[j]) && isprint(p[j]))
57	0	fprintf(f, "%c", p[j]);
58	0	else
59	0	fprintf(f, ".");
60	0	}
61	0	}
62	0	fprintf(f, "\n");
63	0	}
64	0	}
65
66		void
67		sshbuf_dump(const struct sshbuf buf, FILE f)
68	0	{
69	0	fprintf(f, "buffer len = %zu\n", sshbuf_len(buf));
70	0	sshbuf_dump_data(sshbuf_ptr(buf), sshbuf_len(buf), f);
71	0	}
72
73		char *
74		sshbuf_dtob16(struct sshbuf *buf)
75	0	{
76	0	size_t i, j, len = sshbuf_len(buf);
77	0	const u_char *p = sshbuf_ptr(buf);
78	0	char *ret;
79	0	const char hex[] = "0123456789abcdef";
80
81	0	if (len == 0)
82	0	return strdup("");
83	0	if (SIZE_MAX / 2 <= len \|\| (ret = malloc(len * 2 + 1)) == NULL)
84	0	return NULL;
85	0	for (i = j = 0; i < len; i++) {
86	0	ret[j++] = hex[(p[i] >> 4) & 0xf];
87	0	ret[j++] = hex[p[i] & 0xf];
88	0	}
89	0	ret[j] = '\0';
90	0	return ret;
91	0	}
92
93		int
94		sshbuf_dtob64(const struct sshbuf d, struct sshbuf b64, int wrap)
95	0	{
96	0	size_t i, slen = 0;
97	0	char *s = NULL;
98	0	int r;
99
100	0	if (d == NULL \|\| b64 == NULL \|\| sshbuf_len(d) >= SIZE_MAX / 2)
101	0	return SSH_ERR_INVALID_ARGUMENT;
102	0	if (sshbuf_len(d) == 0)
103	0	return 0;
104	0	slen = ((sshbuf_len(d) + 2) / 3) * 4 + 1;
105	0	if ((s = malloc(slen)) == NULL)
106	0	return SSH_ERR_ALLOC_FAIL;
107	0	if (b64_ntop(sshbuf_ptr(d), sshbuf_len(d), s, slen) == -1) {
108	0	r = SSH_ERR_INTERNAL_ERROR;
109	0	goto fail;
110	0	}
111	0	if (wrap) {
112	0	for (i = 0; s[i] != '\0'; i++) {
113	0	if ((r = sshbuf_put_u8(b64, s[i])) != 0)
114	0	goto fail;
115	0	if (i % 70 == 69 && (r = sshbuf_put_u8(b64, '\n')) != 0)
116	0	goto fail;
117	0	}
118	0	if ((i - 1) % 70 != 69 && (r = sshbuf_put_u8(b64, '\n')) != 0)
119	0	goto fail;
120	0	} else {
121	0	if ((r = sshbuf_put(b64, s, strlen(s))) != 0)
122	0	goto fail;
123	0	}
124		/* Success */
125	0	r = 0;
126	0	fail:
127	0	freezero(s, slen);
128	0	return r;
129	0	}
130
131		char *
132		sshbuf_dtob64_string(const struct sshbuf *buf, int wrap)
133	0	{
134	0	struct sshbuf *tmp;
135	0	char *ret;
136
137	0	if ((tmp = sshbuf_new()) == NULL)
138	0	return NULL;
139	0	if (sshbuf_dtob64(buf, tmp, wrap) != 0) {
140	0	sshbuf_free(tmp);
141	0	return NULL;
142	0	}
143	0	ret = sshbuf_dup_string(tmp);
144	0	sshbuf_free(tmp);
145	0	return ret;
146	0	}
147
148		int
149		sshbuf_b64tod(struct sshbuf buf, const char b64)
150	0	{
151	0	size_t plen = strlen(b64);
152	0	int nlen, r;
153	0	u_char *p;
154
155	0	if (plen == 0)
156	0	return 0;
157	0	if ((p = malloc(plen)) == NULL)
158	0	return SSH_ERR_ALLOC_FAIL;
159	0	if ((nlen = b64_pton(b64, p, plen)) < 0) {
160	0	freezero(p, plen);
161	0	return SSH_ERR_INVALID_FORMAT;
162	0	}
163	0	if ((r = sshbuf_put(buf, p, nlen)) < 0) {
164	0	freezero(p, plen);
165	0	return r;
166	0	}
167	0	freezero(p, plen);
168	0	return 0;
169	0	}
170
171		int
172		sshbuf_dtourlb64(const struct sshbuf d, struct sshbuf b64, int wrap)
173	0	{
174	0	int r = SSH_ERR_INTERNAL_ERROR;
175	0	u_char *p;
176	0	struct sshbuf *b = NULL;
177	0	size_t i, l;
178
179	0	if ((b = sshbuf_new()) == NULL)
180	0	return SSH_ERR_ALLOC_FAIL;
181		/* Encode using regular base64; we'll transform it once done */
182	0	if ((r = sshbuf_dtob64(d, b, wrap)) != 0)
183	0	goto out;
184		/* remove padding from end of encoded string*/
185	0	for (;;) {
186	0	l = sshbuf_len(b);
187	0	if (l <= 1 \|\| sshbuf_ptr(b) == NULL) {
188	0	r = SSH_ERR_INTERNAL_ERROR;
189	0	goto out;
190	0	}
191	0	if (sshbuf_ptr(b)[l - 1] != '=')
192	0	break;
193	0	if ((r = sshbuf_consume_end(b, 1)) != 0)
194	0	goto out;
195	0	}
196		/* Replace characters with rfc4648 equivalents */
197	0	l = sshbuf_len(b);
198	0	if ((p = sshbuf_mutable_ptr(b)) == NULL) {
199	0	r = SSH_ERR_INTERNAL_ERROR;
200	0	goto out;
201	0	}
202	0	for (i = 0; i < l; i++) {
203	0	if (p[i] == '+')
204	0	p[i] = '-';
205	0	else if (p[i] == '/')
206	0	p[i] = '_';
207	0	}
208	0	r = sshbuf_putb(b64, b);
209	0	out:
210	0	sshbuf_free(b);
211	0	return r;
212	0	}
213
214		char *
215		sshbuf_dup_string(struct sshbuf *buf)
216	0	{
217	0	const u_char p = NULL, s = sshbuf_ptr(buf);
218	0	size_t l = sshbuf_len(buf);
219	0	char *r;
220
221	0	if (s == NULL \|\| l > SIZE_MAX)
222	0	return NULL;
223		/* accept a nul only as the last character in the buffer */
224	0	if (l > 0 && (p = memchr(s, '\0', l)) != NULL) {
225	0	if (p != s + l - 1)
226	0	return NULL;
227	0	l--; /* the nul is put back below */
228	0	}
229	0	if ((r = malloc(l + 1)) == NULL)
230	0	return NULL;
231	0	if (l > 0)
232	0	memcpy(r, s, l);
233	0	r[l] = '\0';
234	0	return r;
235	0	}
236
237		int
238		sshbuf_cmp(const struct sshbuf *b, size_t offset,
239		const void *s, size_t len)
240	0	{
241	0	if (sshbuf_ptr(b) == NULL)
242	0	return SSH_ERR_INTERNAL_ERROR;
243	0	if (offset > SSHBUF_SIZE_MAX \|\| len > SSHBUF_SIZE_MAX \|\| len == 0)
244	0	return SSH_ERR_INVALID_ARGUMENT;
245	0	if (offset + len > sshbuf_len(b))
246	0	return SSH_ERR_MESSAGE_INCOMPLETE;
247	0	if (timingsafe_bcmp(sshbuf_ptr(b) + offset, s, len) != 0)
248	0	return SSH_ERR_INVALID_FORMAT;
249	0	return 0;
250	0	}
251
252		int
253		sshbuf_find(const struct sshbuf *b, size_t start_offset,
254		const void s, size_t len, size_t offsetp)
255	0	{
256	0	void *p;
257
258	0	if (offsetp != NULL)
259	0	*offsetp = 0;
260	0	if (sshbuf_ptr(b) == NULL)
261	0	return SSH_ERR_INTERNAL_ERROR;
262	0	if (start_offset > SSHBUF_SIZE_MAX \|\| len > SSHBUF_SIZE_MAX \|\| len == 0)
263	0	return SSH_ERR_INVALID_ARGUMENT;
264	0	if (start_offset > sshbuf_len(b) \|\| start_offset + len > sshbuf_len(b))
265	0	return SSH_ERR_MESSAGE_INCOMPLETE;
266	0	if ((p = memmem(sshbuf_ptr(b) + start_offset,
267	0	sshbuf_len(b) - start_offset, s, len)) == NULL)
268	0	return SSH_ERR_INVALID_FORMAT;
269	0	if (offsetp != NULL)
270	0	offsetp = (const u_char )p - sshbuf_ptr(b);
271	0	return 0;
272	0	}
273
274		int
275		sshbuf_read(int fd, struct sshbuf buf, size_t maxlen, size_t rlen)
276	0	{
277	0	int r, oerrno;
278	0	size_t adjust;
279	0	ssize_t rr;
280	0	u_char *d;
281
282	0	if (rlen != NULL)
283	0	*rlen = 0;
284	0	if ((r = sshbuf_reserve(buf, maxlen, &d)) != 0)
285	0	return r;
286	0	rr = read(fd, d, maxlen);
287	0	oerrno = errno;
288
289		/* Adjust the buffer to include only what was actually read */
290	0	if ((adjust = maxlen - (rr > 0 ? rr : 0)) != 0) {
291	0	if ((r = sshbuf_consume_end(buf, adjust)) != 0) {
292		/* avoid returning uninitialised data to caller */
293	0	memset(d + rr, '\0', adjust);
294	0	return SSH_ERR_INTERNAL_ERROR; /* shouldn't happen */
295	0	}
296	0	}
297	0	if (rr < 0) {
298	0	errno = oerrno;
299	0	return SSH_ERR_SYSTEM_ERROR;
300	0	} else if (rr == 0) {
301	0	errno = EPIPE;
302	0	return SSH_ERR_SYSTEM_ERROR;
303	0	}
304		/* success */
305	0	if (rlen != NULL) {
306	0	*rlen = (size_t)rr;
307	0	}
308	0	return 0;
309	0	}