Simplify the overflow checks in WPACKET_allocate_bytes()

[openssl.git] / ssl / packet.c

/*
 * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include "packet_locl.h"

#define DEFAULT_BUF_SIZE    256

int WPACKET_allocate_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes)
{
    if (pkt->subs == NULL || len == 0)
        return 0;

    if (pkt->maxsize - pkt->written < len)
        return 0;

    if (pkt->buf->length - pkt->written < len) {
        size_t newlen;

        if (pkt->buf->length > SIZE_MAX / 2) {
            newlen = SIZE_MAX;
        } else {
            if (pkt->buf->length == 0)
                newlen = DEFAULT_BUF_SIZE;
            else
                newlen = pkt->buf->length * 2;
        }
        if (BUF_MEM_grow(pkt->buf, newlen) == 0)
            return 0;
        if (pkt->curr == NULL) {
            /*
             * Can happen if initialised with a BUF_MEM that hasn't been
             * pre-allocated.
             */
            pkt->curr = (unsigned char *)pkt->buf->data;
        }
    }
    pkt->written += len;
    *allocbytes = pkt->curr;
    pkt->curr += len;

    return 1;
}

static size_t maxmaxsize(size_t lenbytes)
{
    if (lenbytes >= sizeof(size_t) || lenbytes == 0)
        return SIZE_MAX;
    else
        return ((size_t)1 << (lenbytes * 8)) - 1 + lenbytes;
}

int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes)
{
    /* Sanity check */
    if (buf == NULL)
        return 0;

    pkt->buf = buf;
    pkt->curr = (unsigned char *)buf->data;
    pkt->written = 0;
    pkt->maxsize = maxmaxsize(lenbytes);

    pkt->subs = OPENSSL_zalloc(sizeof(*pkt->subs));
    if (pkt->subs == NULL)
        return 0;

    if (lenbytes == 0)
        return 1;

    pkt->subs->pwritten = lenbytes;
    pkt->subs->lenbytes = lenbytes;

    if (!WPACKET_allocate_bytes(pkt, lenbytes, &(pkt->subs->packet_len))) {
        OPENSSL_free(pkt->subs);
        pkt->subs = NULL;
        return 0;
    }

    return 1;
}

int WPACKET_init(WPACKET *pkt, BUF_MEM *buf)
{
    return WPACKET_init_len(pkt, buf, 0);
}

int WPACKET_set_packet_len(WPACKET *pkt, unsigned char *packet_len,
                           size_t lenbytes)
{
    size_t maxmax;

    /* We only allow this to be set once */
    if (pkt->subs == NULL || pkt->subs->lenbytes != 0)
        return 0;

    pkt->subs->lenbytes = lenbytes;
    pkt->subs->packet_len = packet_len;

    maxmax = maxmaxsize(lenbytes);
    if (pkt->maxsize > maxmax)
        pkt->maxsize = maxmax;

    return 1;
}

int WPACKET_set_flags(WPACKET *pkt, unsigned int flags)
{
    if (pkt->subs == NULL)
        return 0;

    pkt->subs->flags = flags;

    return 1;
}


/*
 * Internal helper function used by WPACKET_close() and WPACKET_finish() to
 * close a sub-packet and write out its length if necessary.
 */
static int wpacket_intern_close(WPACKET *pkt)
{
    size_t packlen;
    WPACKET_SUB *sub = pkt->subs;

    packlen = pkt->written - sub->pwritten;
    if (packlen == 0
            && sub->flags & OPENSSL_WPACKET_FLAGS_NON_ZERO_LENGTH)
        return 0;

    if (packlen == 0
            && sub->flags & OPENSSL_WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) {
        /* Deallocate any bytes allocated for the length of the WPACKET */
        if ((pkt->curr - sub->lenbytes) == sub->packet_len) {
            pkt->written -= sub->lenbytes;
            pkt->curr -= sub->lenbytes;
        }

        /* Don't write out the packet length */
        sub->packet_len = NULL;
    }

    /* Write out the WPACKET length if needed */
    if (sub->packet_len != NULL) {
        size_t lenbytes;

        lenbytes = sub->lenbytes;

        for (; lenbytes > 0; lenbytes--) {
            sub->packet_len[lenbytes - 1]
                = (unsigned char)(packlen & 0xff);
            packlen >>= 8;
        }
        if (packlen > 0) {
            /*
             * We've extended beyond the max allowed for the number of len bytes
             */
            return 0;
        }
    }

    pkt->subs = sub->parent;
    OPENSSL_free(sub);

    return 1;
}

int WPACKET_close(WPACKET *pkt)
{
    if (pkt->subs == NULL || pkt->subs->parent == NULL)
        return 0;

    return wpacket_intern_close(pkt);
}

int WPACKET_finish(WPACKET *pkt)
{
    int ret;

    if (pkt->subs == NULL || pkt->subs->parent != NULL)
        return 0;

    ret = wpacket_intern_close(pkt);

    if (ret) {
        OPENSSL_free(pkt->subs);
        pkt->subs = NULL;
    }
    return ret;
}

int WPACKET_start_sub_packet_len(WPACKET *pkt, size_t lenbytes)
{
    WPACKET_SUB *sub;

    if (pkt->subs == NULL)
        return 0;

    sub = OPENSSL_zalloc(sizeof(*sub));
    if (sub == NULL)
        return 0;

    sub->parent = pkt->subs;
    pkt->subs = sub;
    sub->pwritten = pkt->written + lenbytes;
    sub->lenbytes = lenbytes;

    if (lenbytes == 0) {
        sub->packet_len = NULL;
        return 1;
    }

    if (!WPACKET_allocate_bytes(pkt, lenbytes, &sub->packet_len)) {
        return 0;
    }

    return 1;
}

int WPACKET_start_sub_packet(WPACKET *pkt)
{
    return WPACKET_start_sub_packet_len(pkt, 0);
}

int WPACKET_put_bytes(WPACKET *pkt, unsigned int val, size_t bytes)
{
    unsigned char *data;

    if (bytes > sizeof(unsigned int)
            || !WPACKET_allocate_bytes(pkt, bytes, &data))
        return 0;

    data += bytes - 1;
    for (; bytes > 0; bytes--) {
        *data = (unsigned char)(val & 0xff);
        data--;
        val >>= 8;
    }

    /* Check whether we could fit the value in the assigned number of bytes */
    if (val > 0)
        return 0;

    return 1;
}

int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize)
{
    WPACKET_SUB *sub;
    size_t lenbytes;

    if (pkt->subs == NULL)
        return 0;

    /* Find the WPACKET_SUB for the top level */
    for (sub = pkt->subs; sub->parent != NULL; sub = sub->parent);

    lenbytes = sub->lenbytes;
    if (lenbytes == 0)
        lenbytes = sizeof(pkt->maxsize);

    if (maxmaxsize(lenbytes) < maxsize || maxsize < pkt->written)
        return 0;

    pkt->maxsize = maxsize;

    return 1;
}

int WPACKET_memcpy(WPACKET *pkt, const void *src, size_t len)
{
    unsigned char *dest;

    if (len == 0)
        return 1;

    if (!WPACKET_allocate_bytes(pkt, len, &dest))
        return 0;

    memcpy(dest, src, len);

    return 1;
}

int WPACKET_sub_memcpy(WPACKET *pkt, const void *src, size_t len, size_t lenbytes)
{
    if (!WPACKET_start_sub_packet_len(pkt, lenbytes)
            || !WPACKET_memcpy(pkt, src, len)
            || !WPACKET_close(pkt))
        return 0;

    return 1;
}

int WPACKET_get_total_written(WPACKET *pkt, size_t *written)
{
    if (written == NULL)
        return 0;

    *written = pkt->written;

    return 1;
}

int WPACKET_get_length(WPACKET *pkt, size_t *len)
{
    if (pkt->subs == NULL || len == NULL)
        return 0;

    *len = pkt->written - pkt->subs->pwritten;

    return 1;
}

void WPACKET_cleanup(WPACKET *pkt)
{
    WPACKET_SUB *sub, *parent;

    for (sub = pkt->subs; sub != NULL; sub = parent) {
        parent = sub->parent;
        OPENSSL_free(sub);
    }
    pkt->subs = NULL;
}