X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fpacket_locl.h;h=0ff4cccf3b071dd214fe5f4734eab18934f3013c;hp=778ec774bc52ffd5d75298a22dee8b9aa13c331f;hb=d70a562714199c9a4eb835efe7b22c9a7017e7e5;hpb=310115448188415e270bb0bef958c7c130939838 diff --git a/ssl/packet_locl.h b/ssl/packet_locl.h index 778ec774bc..0ff4cccf3b 100644 --- a/ssl/packet_locl.h +++ b/ssl/packet_locl.h @@ -1,59 +1,10 @@ -/* ssl/packet_locl.h */ /* - * Written by Matt Caswell for the OpenSSL project. - */ -/* ==================================================================== - * Copyright (c) 2015 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #ifndef HEADER_PACKET_LOCL_H @@ -63,7 +14,9 @@ # include # include # include -# include "e_os.h" +# include + +# include "internal/numbers.h" # ifdef __cplusplus extern "C" { @@ -71,13 +24,13 @@ extern "C" { typedef struct { /* Pointer to where we are currently reading from */ - unsigned char *curr; + const unsigned char *curr; /* Number of bytes remaining */ size_t remaining; } PACKET; /* Internal unchecked shorthand; don't use outside this file. */ -static inline void packet_forward(PACKET *pkt, size_t len) +static ossl_inline void packet_forward(PACKET *pkt, size_t len) { pkt->curr += len; pkt->remaining -= len; @@ -86,18 +39,26 @@ static inline void packet_forward(PACKET *pkt, size_t len) /* * Returns the number of bytes remaining to be read in the PACKET */ -__owur static inline size_t PACKET_remaining(const PACKET *pkt) +static ossl_inline size_t PACKET_remaining(const PACKET *pkt) { return pkt->remaining; } +/* + * Returns a pointer to the first byte after the packet data. + * Useful for integrating with non-PACKET parsing code. + * Specifically, we use PACKET_end() to verify that a d2i_... call + * has consumed the entire packet contents. + */ +static ossl_inline const unsigned char *PACKET_end(const PACKET *pkt) +{ + return pkt->curr + pkt->remaining; +} /* * Returns a pointer to the PACKET's current position. * For use in non-PACKETized APIs. - * TODO(openssl-team): this should return 'const unsigned char*' but can't - * currently because legacy code passes 'unsigned char*'s around. */ -static inline unsigned char *PACKET_data(const PACKET *pkt) +static ossl_inline const unsigned char *PACKET_data(const PACKET *pkt) { return pkt->curr; } @@ -107,10 +68,12 @@ static inline unsigned char *PACKET_data(const PACKET *pkt) * copy of the data so |buf| must be present for the whole time that the PACKET * is being used. */ -static inline int PACKET_buf_init(PACKET *pkt, unsigned char *buf, size_t len) +__owur static ossl_inline int PACKET_buf_init(PACKET *pkt, + const unsigned char *buf, + size_t len) { /* Sanity check for negative values. */ - if (buf + len < buf) + if (len > (size_t)(SIZE_MAX / 2)) return 0; pkt->curr = buf; @@ -119,7 +82,7 @@ static inline int PACKET_buf_init(PACKET *pkt, unsigned char *buf, size_t len) } /* Initialize a PACKET to hold zero bytes. */ -static inline void PACKET_null_init(PACKET *pkt) +static ossl_inline void PACKET_null_init(PACKET *pkt) { pkt->curr = NULL; pkt->remaining = 0; @@ -130,8 +93,9 @@ static inline void PACKET_null_init(PACKET *pkt) * bytes read from |ptr|. Returns 0 otherwise (lengths or contents not equal). * If lengths are equal, performs the comparison in constant time. */ -__owur static inline int PACKET_equal(const PACKET *pkt, const void *ptr, - size_t num) { +__owur static ossl_inline int PACKET_equal(const PACKET *pkt, const void *ptr, + size_t num) +{ if (PACKET_remaining(pkt) != num) return 0; return CRYPTO_memcmp(pkt->curr, ptr, num) == 0; @@ -142,15 +106,14 @@ __owur static inline int PACKET_equal(const PACKET *pkt, const void *ptr, * Data is not copied: the |subpkt| packet will share its underlying buffer with * the original |pkt|, so data wrapped by |pkt| must outlive the |subpkt|. */ -__owur static inline int PACKET_peek_sub_packet(const PACKET *pkt, - PACKET *subpkt, size_t len) +__owur static ossl_inline int PACKET_peek_sub_packet(const PACKET *pkt, + PACKET *subpkt, + size_t len) { if (PACKET_remaining(pkt) < len) return 0; - PACKET_buf_init(subpkt, pkt->curr, len); - - return 1; + return PACKET_buf_init(subpkt, pkt->curr, len); } /* @@ -158,8 +121,9 @@ __owur static inline int PACKET_peek_sub_packet(const PACKET *pkt, * copied: the |subpkt| packet will share its underlying buffer with the * original |pkt|, so data wrapped by |pkt| must outlive the |subpkt|. */ -__owur static inline int PACKET_get_sub_packet(PACKET *pkt, PACKET *subpkt, - size_t len) +__owur static ossl_inline int PACKET_get_sub_packet(PACKET *pkt, + PACKET *subpkt, + size_t len) { if (!PACKET_peek_sub_packet(pkt, subpkt, len)) return 0; @@ -169,16 +133,17 @@ __owur static inline int PACKET_get_sub_packet(PACKET *pkt, PACKET *subpkt, return 1; } -/* Peek ahead at 2 bytes in network order from |pkt| and store the value in +/* + * Peek ahead at 2 bytes in network order from |pkt| and store the value in * |*data| */ -__owur static inline int PACKET_peek_net_2(const PACKET *pkt, - unsigned int *data) +__owur static ossl_inline int PACKET_peek_net_2(const PACKET *pkt, + unsigned int *data) { if (PACKET_remaining(pkt) < 2) return 0; - *data = ((unsigned int)(*pkt->curr)) << 8; + *data = ((unsigned int)(*pkt->curr)) << 8; *data |= *(pkt->curr + 1); return 1; @@ -186,7 +151,8 @@ __owur static inline int PACKET_peek_net_2(const PACKET *pkt, /* Equivalent of n2s */ /* Get 2 bytes in network order from |pkt| and store the value in |*data| */ -__owur static inline int PACKET_get_net_2(PACKET *pkt, unsigned int *data) +__owur static ossl_inline int PACKET_get_net_2(PACKET *pkt, + unsigned int *data) { if (!PACKET_peek_net_2(pkt, data)) return 0; @@ -196,17 +162,18 @@ __owur static inline int PACKET_get_net_2(PACKET *pkt, unsigned int *data) return 1; } -/* Peek ahead at 3 bytes in network order from |pkt| and store the value in +/* + * Peek ahead at 3 bytes in network order from |pkt| and store the value in * |*data| */ -__owur static inline int PACKET_peek_net_3(const PACKET *pkt, - unsigned long *data) +__owur static ossl_inline int PACKET_peek_net_3(const PACKET *pkt, + unsigned long *data) { if (PACKET_remaining(pkt) < 3) return 0; - *data = ((unsigned long)(*pkt->curr)) << 16; - *data |= ((unsigned long)(*(pkt->curr + 1))) << 8; + *data = ((unsigned long)(*pkt->curr)) << 16; + *data |= ((unsigned long)(*(pkt->curr + 1))) << 8; *data |= *(pkt->curr + 2); return 1; @@ -214,7 +181,8 @@ __owur static inline int PACKET_peek_net_3(const PACKET *pkt, /* Equivalent of n2l3 */ /* Get 3 bytes in network order from |pkt| and store the value in |*data| */ -__owur static inline int PACKET_get_net_3(PACKET *pkt, unsigned long *data) +__owur static ossl_inline int PACKET_get_net_3(PACKET *pkt, + unsigned long *data) { if (!PACKET_peek_net_3(pkt, data)) return 0; @@ -224,26 +192,28 @@ __owur static inline int PACKET_get_net_3(PACKET *pkt, unsigned long *data) return 1; } -/* Peek ahead at 4 bytes in network order from |pkt| and store the value in +/* + * Peek ahead at 4 bytes in network order from |pkt| and store the value in * |*data| */ -__owur static inline int PACKET_peek_net_4(const PACKET *pkt, - unsigned long *data) +__owur static ossl_inline int PACKET_peek_net_4(const PACKET *pkt, + unsigned long *data) { if (PACKET_remaining(pkt) < 4) return 0; - *data = ((unsigned long)(*pkt->curr)) << 24; + *data = ((unsigned long)(*pkt->curr)) << 24; *data |= ((unsigned long)(*(pkt->curr + 1))) << 16; - *data |= ((unsigned long)(*(pkt->curr + 2))) << 8; - *data |= *(pkt->curr+3); + *data |= ((unsigned long)(*(pkt->curr + 2))) << 8; + *data |= *(pkt->curr + 3); return 1; } /* Equivalent of n2l */ /* Get 4 bytes in network order from |pkt| and store the value in |*data| */ -__owur static inline int PACKET_get_net_4(PACKET *pkt, unsigned long *data) +__owur static ossl_inline int PACKET_get_net_4(PACKET *pkt, + unsigned long *data) { if (!PACKET_peek_net_4(pkt, data)) return 0; @@ -254,7 +224,8 @@ __owur static inline int PACKET_get_net_4(PACKET *pkt, unsigned long *data) } /* Peek ahead at 1 byte from |pkt| and store the value in |*data| */ -__owur static inline int PACKET_peek_1(const PACKET *pkt, unsigned int *data) +__owur static ossl_inline int PACKET_peek_1(const PACKET *pkt, + unsigned int *data) { if (!PACKET_remaining(pkt)) return 0; @@ -265,7 +236,7 @@ __owur static inline int PACKET_peek_1(const PACKET *pkt, unsigned int *data) } /* Get 1 byte from |pkt| and store the value in |*data| */ -__owur static inline int PACKET_get_1(PACKET *pkt, unsigned int *data) +__owur static ossl_inline int PACKET_get_1(PACKET *pkt, unsigned int *data) { if (!PACKET_peek_1(pkt, data)) return 0; @@ -279,13 +250,14 @@ __owur static inline int PACKET_get_1(PACKET *pkt, unsigned int *data) * Peek ahead at 4 bytes in reverse network order from |pkt| and store the value * in |*data| */ -__owur static inline int PACKET_peek_4(const PACKET *pkt, unsigned long *data) +__owur static ossl_inline int PACKET_peek_4(const PACKET *pkt, + unsigned long *data) { if (PACKET_remaining(pkt) < 4) return 0; - *data = *pkt->curr; - *data |= ((unsigned long)(*(pkt->curr + 1))) << 8; + *data = *pkt->curr; + *data |= ((unsigned long)(*(pkt->curr + 1))) << 8; *data |= ((unsigned long)(*(pkt->curr + 2))) << 16; *data |= ((unsigned long)(*(pkt->curr + 3))) << 24; @@ -297,7 +269,7 @@ __owur static inline int PACKET_peek_4(const PACKET *pkt, unsigned long *data) * Get 4 bytes in reverse network order from |pkt| and store the value in * |*data| */ -__owur static inline int PACKET_get_4(PACKET *pkt, unsigned long *data) +__owur static ossl_inline int PACKET_get_4(PACKET *pkt, unsigned long *data) { if (!PACKET_peek_4(pkt, data)) return 0; @@ -313,8 +285,9 @@ __owur static inline int PACKET_get_4(PACKET *pkt, unsigned long *data) * caller should not free this data directly (it will be freed when the * underlying buffer gets freed */ -__owur static inline int PACKET_peek_bytes(const PACKET *pkt, unsigned char **data, - size_t len) +__owur static ossl_inline int PACKET_peek_bytes(const PACKET *pkt, + const unsigned char **data, + size_t len) { if (PACKET_remaining(pkt) < len) return 0; @@ -330,8 +303,9 @@ __owur static inline int PACKET_peek_bytes(const PACKET *pkt, unsigned char **da * not free this data directly (it will be freed when the underlying buffer gets * freed */ -__owur static inline int PACKET_get_bytes(PACKET *pkt, unsigned char **data, - size_t len) +__owur static ossl_inline int PACKET_get_bytes(PACKET *pkt, + const unsigned char **data, + size_t len) { if (!PACKET_peek_bytes(pkt, data, len)) return 0; @@ -342,8 +316,9 @@ __owur static inline int PACKET_get_bytes(PACKET *pkt, unsigned char **data, } /* Peek ahead at |len| bytes from |pkt| and copy them to |data| */ -__owur static inline int PACKET_peek_copy_bytes(const PACKET *pkt, - unsigned char *data, size_t len) +__owur static ossl_inline int PACKET_peek_copy_bytes(const PACKET *pkt, + unsigned char *data, + size_t len) { if (PACKET_remaining(pkt) < len) return 0; @@ -357,8 +332,9 @@ __owur static inline int PACKET_peek_copy_bytes(const PACKET *pkt, * Read |len| bytes from |pkt| and copy them to |data|. * The caller is responsible for ensuring that |data| can hold |len| bytes. */ -__owur static inline int PACKET_copy_bytes(PACKET *pkt, unsigned char *data, - size_t len) +__owur static ossl_inline int PACKET_copy_bytes(PACKET *pkt, + unsigned char *data, + size_t len) { if (!PACKET_peek_copy_bytes(pkt, data, len)) return 0; @@ -375,8 +351,10 @@ __owur static inline int PACKET_copy_bytes(PACKET *pkt, unsigned char *data, * Does not forward PACKET position (because it is typically the last thing * done with a given PACKET). */ -__owur static inline int PACKET_copy_all(const PACKET *pkt, unsigned char *dest, - size_t dest_len, size_t *len) { +__owur static ossl_inline int PACKET_copy_all(const PACKET *pkt, + unsigned char *dest, + size_t dest_len, size_t *len) +{ if (PACKET_remaining(pkt) > dest_len) { *len = 0; return 0; @@ -395,8 +373,8 @@ __owur static inline int PACKET_copy_all(const PACKET *pkt, unsigned char *dest, * Does not forward PACKET position (because it is typically the last thing * done with a given PACKET). */ -__owur static inline int PACKET_memdup(const PACKET *pkt, unsigned char **data, - size_t *len) +__owur static ossl_inline int PACKET_memdup(const PACKET *pkt, + unsigned char **data, size_t *len) { size_t length; @@ -409,8 +387,7 @@ __owur static inline int PACKET_memdup(const PACKET *pkt, unsigned char **data, if (length == 0) return 1; - *data = BUF_memdup(pkt->curr, length); - + *data = OPENSSL_memdup(pkt->curr, length); if (*data == NULL) return 0; @@ -428,17 +405,23 @@ __owur static inline int PACKET_memdup(const PACKET *pkt, unsigned char **data, * Does not forward PACKET position (because it is typically the last thing done * with a given PACKET). */ -__owur static inline int PACKET_strndup(const PACKET *pkt, char **data) +__owur static ossl_inline int PACKET_strndup(const PACKET *pkt, char **data) { OPENSSL_free(*data); /* This will succeed on an empty packet, unless pkt->curr == NULL. */ - *data = BUF_strndup((const char*)pkt->curr, PACKET_remaining(pkt)); + *data = OPENSSL_strndup((const char *)pkt->curr, PACKET_remaining(pkt)); return (*data != NULL); } +/* Returns 1 if |pkt| contains at least one 0-byte, 0 otherwise. */ +static ossl_inline int PACKET_contains_zero_byte(const PACKET *pkt) +{ + return memchr(pkt->curr, 0, pkt->remaining) != NULL; +} + /* Move the current reading position forward |len| bytes */ -__owur static inline int PACKET_forward(PACKET *pkt, size_t len) +__owur static ossl_inline int PACKET_forward(PACKET *pkt, size_t len) { if (PACKET_remaining(pkt) < len) return 0; @@ -455,13 +438,36 @@ __owur static inline int PACKET_forward(PACKET *pkt, size_t len) * the original |pkt|, so data wrapped by |pkt| must outlive the |subpkt|. * Upon failure, the original |pkt| and |subpkt| are not modified. */ -__owur static inline int PACKET_get_length_prefixed_1(PACKET *pkt, PACKET *subpkt) +__owur static ossl_inline int PACKET_get_length_prefixed_1(PACKET *pkt, + PACKET *subpkt) +{ + unsigned int length; + const unsigned char *data; + PACKET tmp = *pkt; + if (!PACKET_get_1(&tmp, &length) || + !PACKET_get_bytes(&tmp, &data, (size_t)length)) { + return 0; + } + + *pkt = tmp; + subpkt->curr = data; + subpkt->remaining = length; + + return 1; +} + +/* + * Like PACKET_get_length_prefixed_1, but additionally, fails when there are + * leftover bytes in |pkt|. + */ +__owur static ossl_inline int PACKET_as_length_prefixed_1(PACKET *pkt, PACKET *subpkt) { unsigned int length; - unsigned char *data; + const unsigned char *data; PACKET tmp = *pkt; if (!PACKET_get_1(&tmp, &length) || - !PACKET_get_bytes(&tmp, &data, (size_t)length)) { + !PACKET_get_bytes(&tmp, &data, (size_t)length) || + PACKET_remaining(&tmp) != 0) { return 0; } @@ -479,13 +485,39 @@ __owur static inline int PACKET_get_length_prefixed_1(PACKET *pkt, PACKET *subpk * the original |pkt|, so data wrapped by |pkt| must outlive the |subpkt|. * Upon failure, the original |pkt| and |subpkt| are not modified. */ -__owur static inline int PACKET_get_length_prefixed_2(PACKET *pkt, PACKET *subpkt) +__owur static ossl_inline int PACKET_get_length_prefixed_2(PACKET *pkt, + PACKET *subpkt) +{ + unsigned int length; + const unsigned char *data; + PACKET tmp = *pkt; + + if (!PACKET_get_net_2(&tmp, &length) || + !PACKET_get_bytes(&tmp, &data, (size_t)length)) { + return 0; + } + + *pkt = tmp; + subpkt->curr = data; + subpkt->remaining = length; + + return 1; +} + +/* + * Like PACKET_get_length_prefixed_2, but additionally, fails when there are + * leftover bytes in |pkt|. + */ +__owur static ossl_inline int PACKET_as_length_prefixed_2(PACKET *pkt, + PACKET *subpkt) { unsigned int length; - unsigned char *data; + const unsigned char *data; PACKET tmp = *pkt; + if (!PACKET_get_net_2(&tmp, &length) || - !PACKET_get_bytes(&tmp, &data, (size_t)length)) { + !PACKET_get_bytes(&tmp, &data, (size_t)length) || + PACKET_remaining(&tmp) != 0) { return 0; } @@ -503,24 +535,25 @@ __owur static inline int PACKET_get_length_prefixed_2(PACKET *pkt, PACKET *subpk * the original |pkt|, so data wrapped by |pkt| must outlive the |subpkt|. * Upon failure, the original |pkt| and |subpkt| are not modified. */ -__owur static inline int PACKET_get_length_prefixed_3(PACKET *pkt, PACKET *subpkt) +__owur static ossl_inline int PACKET_get_length_prefixed_3(PACKET *pkt, + PACKET *subpkt) { - unsigned long length; - unsigned char *data; - PACKET tmp = *pkt; - if (!PACKET_get_net_3(&tmp, &length) || - !PACKET_get_bytes(&tmp, &data, (size_t)length)) { - return 0; - } + unsigned long length; + const unsigned char *data; + PACKET tmp = *pkt; + if (!PACKET_get_net_3(&tmp, &length) || + !PACKET_get_bytes(&tmp, &data, (size_t)length)) { + return 0; + } - *pkt = tmp; - subpkt->curr = data; - subpkt->remaining = length; + *pkt = tmp; + subpkt->curr = data; + subpkt->remaining = length; - return 1; + return 1; } # ifdef __cplusplus } # endif -#endif /* HEADER_PACKET_LOCL_H */ +#endif /* HEADER_PACKET_LOCL_H */