/src/openssl/crypto/x509/x509_obj.c

Source (jump to first uncovered line)
/*
 * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/buffer.h>
#include "internal/x509_int.h"

/*
 * Limit to ensure we don't overflow: much greater than
 * anything encountered in practice.
 */

#define NAME_ONELINE_MAX    (1024 * 1024)

char *X509_NAME_oneline(const X509_NAME *a, char *buf, int len)
{
    const X509_NAME_ENTRY *ne;
    int i;
    int n, lold, l, l1, l2, num, j, type;
    const char *s;
    char *p;
    unsigned char *q;
    BUF_MEM *b = NULL;
    static const char hex[17] = "0123456789ABCDEF";
    int gs_doit[4];
    char tmp_buf[80];
#ifdef CHARSET_EBCDIC
    unsigned char ebcdic_buf[1024];
#endif

    if (buf == NULL) {
        if ((b = BUF_MEM_new()) == NULL)
            goto err;
        if (!BUF_MEM_grow(b, 200))
            goto err;
        b->data[0] = '\0';
        len = 200;
    } else if (len == 0) {
        return NULL;
    }
    if (a == NULL) {
        if (b) {
            buf = b->data;
            OPENSSL_free(b);
        }
        strncpy(buf, "NO X509_NAME", len);
        buf[len - 1] = '\0';
        return buf;
    }

    len--;                      /* space for '\0' */
    l = 0;
    for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
        ne = sk_X509_NAME_ENTRY_value(a->entries, i);
        n = OBJ_obj2nid(ne->object);
        if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
            i2t_ASN1_OBJECT(tmp_buf, sizeof(tmp_buf), ne->object);
            s = tmp_buf;
        }
        l1 = strlen(s);

        type = ne->value->type;
        num = ne->value->length;
        if (num > NAME_ONELINE_MAX) {
            X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG);
            goto end;
        }
        q = ne->value->data;
#ifdef CHARSET_EBCDIC
        if (type == V_ASN1_GENERALSTRING ||
            type == V_ASN1_VISIBLESTRING ||
            type == V_ASN1_PRINTABLESTRING ||
            type == V_ASN1_TELETEXSTRING ||
            type == V_ASN1_IA5STRING) {
            if (num > (int)sizeof(ebcdic_buf))
                num = sizeof(ebcdic_buf);
            ascii2ebcdic(ebcdic_buf, q, num);
            q = ebcdic_buf;
        }
#endif

        if ((type == V_ASN1_GENERALSTRING) && ((num % 4) == 0)) {
            gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 0;
            for (j = 0; j < num; j++)
                if (q[j] != 0)
                    gs_doit[j & 3] = 1;

            if (gs_doit[0] | gs_doit[1] | gs_doit[2])
                gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
            else {
                gs_doit[0] = gs_doit[1] = gs_doit[2] = 0;
                gs_doit[3] = 1;
            }
        } else
            gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;

        for (l2 = j = 0; j < num; j++) {
            if (!gs_doit[j & 3])
                continue;
            l2++;
#ifndef CHARSET_EBCDIC
            if ((q[j] < ' ') || (q[j] > '~'))
                l2 += 3;
#else
            if ((os_toascii[q[j]] < os_toascii[' ']) ||
                (os_toascii[q[j]] > os_toascii['~']))
                l2 += 3;
#endif
        }

        lold = l;
        l += 1 + l1 + 1 + l2;
        if (l > NAME_ONELINE_MAX) {
            X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG);
            goto end;
        }
        if (b != NULL) {
            if (!BUF_MEM_grow(b, l + 1))
                goto err;
            p = &(b->data[lold]);
        } else if (l > len) {
            break;
        } else
            p = &(buf[lold]);
        *(p++) = '/';
        memcpy(p, s, (unsigned int)l1);
        p += l1;
        *(p++) = '=';

#ifndef CHARSET_EBCDIC          /* q was assigned above already. */
        q = ne->value->data;
#endif

        for (j = 0; j < num; j++) {
            if (!gs_doit[j & 3])
                continue;
#ifndef CHARSET_EBCDIC
            n = q[j];
            if ((n < ' ') || (n > '~')) {
                *(p++) = '\\';
                *(p++) = 'x';
                *(p++) = hex[(n >> 4) & 0x0f];
                *(p++) = hex[n & 0x0f];
            } else
                *(p++) = n;
#else
            n = os_toascii[q[j]];
            if ((n < os_toascii[' ']) || (n > os_toascii['~'])) {
                *(p++) = '\\';
                *(p++) = 'x';
                *(p++) = hex[(n >> 4) & 0x0f];
                *(p++) = hex[n & 0x0f];
            } else
                *(p++) = q[j];
#endif
        }
        *p = '\0';
    }
    if (b != NULL) {
        p = b->data;
        OPENSSL_free(b);
    } else
        p = buf;
    if (i == 0)
        *p = '\0';
    return p;
 err:
    X509err(X509_F_X509_NAME_ONELINE, ERR_R_MALLOC_FAILURE);
 end:
    BUF_MEM_free(b);
    return NULL;
}

Coverage Report

Created: 2018-08-29 13:53

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the OpenSSL license (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include <stdio.h>
11		#include "internal/cryptlib.h"
12		#include <openssl/objects.h>
13		#include <openssl/x509.h>
14		#include <openssl/buffer.h>
15		#include "internal/x509_int.h"
16
17		/*
18		* Limit to ensure we don't overflow: much greater than
19		* anything encountered in practice.
20		*/
21
22	0	#define NAME_ONELINE_MAX (1024 * 1024)
23
24		char X509_NAME_oneline(const X509_NAME a, char *buf, int len)
25	0	{
26	0	const X509_NAME_ENTRY *ne;
27	0	int i;
28	0	int n, lold, l, l1, l2, num, j, type;
29	0	const char *s;
30	0	char *p;
31	0	unsigned char *q;
32	0	BUF_MEM *b = NULL;
33	0	static const char hex[17] = "0123456789ABCDEF";
34	0	int gs_doit[4];
35	0	char tmp_buf[80];
36		#ifdef CHARSET_EBCDIC
37		unsigned char ebcdic_buf[1024];
38		#endif
39
40	0	if (buf == NULL) {
41	0	if ((b = BUF_MEM_new()) == NULL)
42	0	goto err;
43	0	if (!BUF_MEM_grow(b, 200))
44	0	goto err;
45	0	b->data[0] = '\0';
46	0	len = 200;
47	0	} else if (len == 0) {
48	0	return NULL;
49	0	}
50	0	if (a == NULL) {
51	0	if (b) {
52	0	buf = b->data;
53	0	OPENSSL_free(b);
54	0	}
55	0	strncpy(buf, "NO X509_NAME", len);
56	0	buf[len - 1] = '\0';
57	0	return buf;
58	0	}
59	0
60	0	len--; /* space for '\0' */
61	0	l = 0;
62	0	for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
63	0	ne = sk_X509_NAME_ENTRY_value(a->entries, i);
64	0	n = OBJ_obj2nid(ne->object);
65	0	if ((n == NID_undef) \|\| ((s = OBJ_nid2sn(n)) == NULL)) {
66	0	i2t_ASN1_OBJECT(tmp_buf, sizeof(tmp_buf), ne->object);
67	0	s = tmp_buf;
68	0	}
69	0	l1 = strlen(s);
70	0
71	0	type = ne->value->type;
72	0	num = ne->value->length;
73	0	if (num > NAME_ONELINE_MAX) {
74	0	X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG);
75	0	goto end;
76	0	}
77	0	q = ne->value->data;
78		#ifdef CHARSET_EBCDIC
79		if (type == V_ASN1_GENERALSTRING \|\|
80		type == V_ASN1_VISIBLESTRING \|\|
81		type == V_ASN1_PRINTABLESTRING \|\|
82		type == V_ASN1_TELETEXSTRING \|\|
83		type == V_ASN1_IA5STRING) {
84		if (num > (int)sizeof(ebcdic_buf))
85		num = sizeof(ebcdic_buf);
86		ascii2ebcdic(ebcdic_buf, q, num);
87		q = ebcdic_buf;
88		}
89		#endif
90
91	0	if ((type == V_ASN1_GENERALSTRING) && ((num % 4) == 0)) {
92	0	gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 0;
93	0	for (j = 0; j < num; j++)
94	0	if (q[j] != 0)
95	0	gs_doit[j & 3] = 1;
96	0
97	0	if (gs_doit[0] \| gs_doit[1] \| gs_doit[2])
98	0	gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
99	0	else {
100	0	gs_doit[0] = gs_doit[1] = gs_doit[2] = 0;
101	0	gs_doit[3] = 1;
102	0	}
103	0	} else
104	0	gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
105	0
106	0	for (l2 = j = 0; j < num; j++) {
107	0	if (!gs_doit[j & 3])
108	0	continue;
109	0	l2++;
110	0	#ifndef CHARSET_EBCDIC
111	0	if ((q[j] < ' ') \|\| (q[j] > '~'))
112	0	l2 += 3;
113		#else
114		if ((os_toascii[q[j]] < os_toascii[' ']) \|\|
115		(os_toascii[q[j]] > os_toascii['~']))
116		l2 += 3;
117		#endif
118		}
119	0
120	0	lold = l;
121	0	l += 1 + l1 + 1 + l2;
122	0	if (l > NAME_ONELINE_MAX) {
123	0	X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG);
124	0	goto end;
125	0	}
126	0	if (b != NULL) {
127	0	if (!BUF_MEM_grow(b, l + 1))
128	0	goto err;
129	0	p = &(b->data[lold]);
130	0	} else if (l > len) {
131	0	break;
132	0	} else
133	0	p = &(buf[lold]);
134	0	*(p++) = '/';
135	0	memcpy(p, s, (unsigned int)l1);
136	0	p += l1;
137	0	*(p++) = '=';
138	0
139	0	#ifndef CHARSET_EBCDIC /* q was assigned above already. */
140	0	q = ne->value->data;
141	0	#endif
142	0
143	0	for (j = 0; j < num; j++) {
144	0	if (!gs_doit[j & 3])
145	0	continue;
146	0	#ifndef CHARSET_EBCDIC
147	0	n = q[j];
148	0	if ((n < ' ') \|\| (n > '~')) {
149	0	*(p++) = '\\';
150	0	*(p++) = 'x';
151	0	*(p++) = hex[(n >> 4) & 0x0f];
152	0	*(p++) = hex[n & 0x0f];
153	0	} else
154	0	*(p++) = n;
155		#else
156		n = os_toascii[q[j]];
157		if ((n < os_toascii[' ']) \|\| (n > os_toascii['~'])) {
158		*(p++) = '\\';
159		*(p++) = 'x';
160		*(p++) = hex[(n >> 4) & 0x0f];
161		*(p++) = hex[n & 0x0f];
162		} else
163		*(p++) = q[j];
164		#endif
165		}
166	0	*p = '\0';
167	0	}
168	0	if (b != NULL) {
169	0	p = b->data;
170	0	OPENSSL_free(b);
171	0	} else
172	0	p = buf;
173	0	if (i == 0)
174	0	*p = '\0';
175	0	return p;
176	0	err:
177	0	X509err(X509_F_X509_NAME_ONELINE, ERR_R_MALLOC_FAILURE);
178	0	end:
179	0	BUF_MEM_free(b);
180	0	return NULL;
181	0	}