X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fpacket.c;h=3479f1fed8b2a0d4421aef199455d425411fa16b;hp=4823b16a6e3157b8dbda5b9cecb06d38570699db;hb=604c853d453282a3ef4d7d1ed8cbae57097c3813;hpb=9bf85bf9c52359813b5f9f6709b381497671d625 diff --git a/ssl/packet.c b/ssl/packet.c index 4823b16a6e..3479f1fed8 100644 --- a/ssl/packet.c +++ b/ssl/packet.c @@ -7,45 +7,74 @@ * https://www.openssl.org/source/license.html */ +#include #include "packet_locl.h" #define DEFAULT_BUF_SIZE 256 int WPACKET_allocate_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes) { - if (pkt->subs == NULL || len == 0) + if (!WPACKET_reserve_bytes(pkt, len, allocbytes)) return 0; - if (SIZE_MAX - pkt->written < len) + pkt->written += len; + pkt->curr += len; + return 1; +} + +int WPACKET_sub_allocate_bytes__(WPACKET *pkt, size_t len, + unsigned char **allocbytes, size_t lenbytes) +{ + if (!WPACKET_start_sub_packet_len__(pkt, lenbytes) + || !WPACKET_allocate_bytes(pkt, len, allocbytes) + || !WPACKET_close(pkt)) + return 0; + + return 1; +} + +#define GETBUF(p) (((p)->staticbuf != NULL) \ + ? (p)->staticbuf : (unsigned char *)(p)->buf->data) + +int WPACKET_reserve_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes) +{ + /* Internal API, so should not fail */ + assert(pkt->subs != NULL && len != 0); + if (pkt->subs == NULL || len == 0) return 0; - if (pkt->written + len > pkt->maxsize) + if (pkt->maxsize - pkt->written < len) return 0; - if (pkt->buf->length - pkt->written < len) { + if (pkt->staticbuf == NULL && (pkt->buf->length - pkt->written < len)) { size_t newlen; + size_t reflen; + + reflen = (len > pkt->buf->length) ? len : pkt->buf->length; - if (pkt->buf->length > SIZE_MAX / 2) { + if (reflen > SIZE_MAX / 2) { newlen = SIZE_MAX; } else { - if (pkt->buf->length == 0) + newlen = reflen * 2; + if (newlen < DEFAULT_BUF_SIZE) newlen = DEFAULT_BUF_SIZE; - else - newlen = pkt->buf->length * 2; } if (BUF_MEM_grow(pkt->buf, newlen) == 0) return 0; - if (pkt->curr == NULL) { - /* - * Can happen if initialised with a BUF_MEM that hasn't been - * pre-allocated. - */ - pkt->curr = (unsigned char *)pkt->buf->data; - } } - pkt->written += len; - *allocbytes = pkt->curr; - pkt->curr += len; + if (allocbytes != NULL) + *allocbytes = WPACKET_get_curr(pkt); + + return 1; +} + +int WPACKET_sub_reserve_bytes__(WPACKET *pkt, size_t len, + unsigned char **allocbytes, size_t lenbytes) +{ + if (!WPACKET_reserve_bytes(pkt, lenbytes + len, allocbytes)) + return 0; + + *allocbytes += lenbytes; return 1; } @@ -54,20 +83,16 @@ static size_t maxmaxsize(size_t lenbytes) { if (lenbytes >= sizeof(size_t) || lenbytes == 0) return SIZE_MAX; - else - return ((size_t)1 << (lenbytes * 8)) - 1 + lenbytes; + + return ((size_t)1 << (lenbytes * 8)) - 1 + lenbytes; } -int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes) +static int wpacket_intern_init_len(WPACKET *pkt, size_t lenbytes) { - /* Sanity check */ - if (buf == NULL) - return 0; + unsigned char *lenchars; - pkt->buf = buf; - pkt->curr = (unsigned char *)buf->data; + pkt->curr = 0; pkt->written = 0; - pkt->maxsize = maxmaxsize(lenbytes); pkt->subs = OPENSSL_zalloc(sizeof(*pkt->subs)); if (pkt->subs == NULL) @@ -79,41 +104,56 @@ int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes) pkt->subs->pwritten = lenbytes; pkt->subs->lenbytes = lenbytes; - if (!WPACKET_allocate_bytes(pkt, lenbytes, &(pkt->subs->packet_len))) { + if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars)) { OPENSSL_free(pkt->subs); pkt->subs = NULL; return 0; } + pkt->subs->packet_len = lenchars - GETBUF(pkt); return 1; } -int WPACKET_init(WPACKET *pkt, BUF_MEM *buf) +int WPACKET_init_static_len(WPACKET *pkt, unsigned char *buf, size_t len, + size_t lenbytes) { - return WPACKET_init_len(pkt, buf, 0); + size_t max = maxmaxsize(lenbytes); + + /* Internal API, so should not fail */ + assert(buf != NULL && len > 0); + if (buf == NULL || len == 0) + return 0; + + pkt->staticbuf = buf; + pkt->buf = NULL; + pkt->maxsize = (max < len) ? max : len; + + return wpacket_intern_init_len(pkt, lenbytes); } -int WPACKET_set_packet_len(WPACKET *pkt, unsigned char *packet_len, - size_t lenbytes) +int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes) { - size_t maxmax; - - /* We only allow this to be set once */ - if (pkt->subs == NULL || pkt->subs->lenbytes != 0) + /* Internal API, so should not fail */ + assert(buf != NULL); + if (buf == NULL) return 0; - pkt->subs->lenbytes = lenbytes; - pkt->subs->packet_len = packet_len; + pkt->staticbuf = NULL; + pkt->buf = buf; + pkt->maxsize = maxmaxsize(lenbytes); - maxmax = maxmaxsize(lenbytes); - if (pkt->maxsize > maxmax) - pkt->maxsize = maxmax; + return wpacket_intern_init_len(pkt, lenbytes); +} - return 1; +int WPACKET_init(WPACKET *pkt, BUF_MEM *buf) +{ + return WPACKET_init_len(pkt, buf, 0); } int WPACKET_set_flags(WPACKET *pkt, unsigned int flags) { + /* Internal API, so should not fail */ + assert(pkt->subs != NULL); if (pkt->subs == NULL) return 0; @@ -122,23 +162,43 @@ int WPACKET_set_flags(WPACKET *pkt, unsigned int flags) return 1; } +/* Store the |value| of length |len| at location |data| */ +static int put_value(unsigned char *data, size_t value, size_t len) +{ + for (data += len - 1; len > 0; len--) { + *data = (unsigned char)(value & 0xff); + data--; + value >>= 8; + } + + /* Check whether we could fit the value in the assigned number of bytes */ + if (value > 0) + return 0; + + return 1; +} + /* - * Internal helper function used by WPACKET_close() and WPACKET_finish() to - * close a sub-packet and write out its length if necessary. + * Internal helper function used by WPACKET_close(), WPACKET_finish() and + * WPACKET_fill_lengths() to close a sub-packet and write out its length if + * necessary. If |doclose| is 0 then it goes through the motions of closing + * (i.e. it fills in all the lengths), but doesn't actually close anything. */ -static int wpacket_intern_close(WPACKET *pkt) +static int wpacket_intern_close(WPACKET *pkt, WPACKET_SUB *sub, int doclose) { - size_t packlen; - WPACKET_SUB *sub = pkt->subs; + size_t packlen = pkt->written - sub->pwritten; - packlen = pkt->written - sub->pwritten; if (packlen == 0 - && sub->flags & OPENSSL_WPACKET_FLAGS_NON_ZERO_LENGTH) + && (sub->flags & WPACKET_FLAGS_NON_ZERO_LENGTH) != 0) return 0; if (packlen == 0 - && sub->flags & OPENSSL_WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) { + && sub->flags & WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) { + /* We can't handle this case. Return an error */ + if (!doclose) + return 0; + /* Deallocate any bytes allocated for the length of the WPACKET */ if ((pkt->curr - sub->lenbytes) == sub->packet_len) { pkt->written -= sub->lenbytes; @@ -146,62 +206,79 @@ static int wpacket_intern_close(WPACKET *pkt) } /* Don't write out the packet length */ - sub->packet_len = NULL; + sub->packet_len = 0; + sub->lenbytes = 0; } /* Write out the WPACKET length if needed */ - if (sub->packet_len != NULL) { - size_t lenbytes; + if (sub->lenbytes > 0 + && !put_value(&GETBUF(pkt)[sub->packet_len], packlen, + sub->lenbytes)) + return 0; - lenbytes = sub->lenbytes; + if (doclose) { + pkt->subs = sub->parent; + OPENSSL_free(sub); + } - for (; lenbytes > 0; lenbytes--) { - sub->packet_len[lenbytes - 1] - = (unsigned char)(packlen & 0xff); - packlen >>= 8; - } - if (packlen > 0) { - /* - * We've extended beyond the max allowed for the number of len bytes - */ + return 1; +} + +int WPACKET_fill_lengths(WPACKET *pkt) +{ + WPACKET_SUB *sub; + + assert(pkt->subs != NULL); + if (pkt->subs == NULL) + return 0; + + for (sub = pkt->subs; sub != NULL; sub = sub->parent) { + if (!wpacket_intern_close(pkt, sub, 0)) return 0; - } } - pkt->subs = sub->parent; - OPENSSL_free(sub); - return 1; } int WPACKET_close(WPACKET *pkt) { + /* + * Internal API, so should not fail - but we do negative testing of this + * so no assert (otherwise the tests fail) + */ if (pkt->subs == NULL || pkt->subs->parent == NULL) return 0; - return wpacket_intern_close(pkt); + return wpacket_intern_close(pkt, pkt->subs, 1); } int WPACKET_finish(WPACKET *pkt) { int ret; + /* + * Internal API, so should not fail - but we do negative testing of this + * so no assert (otherwise the tests fail) + */ if (pkt->subs == NULL || pkt->subs->parent != NULL) return 0; - ret = wpacket_intern_close(pkt); - + ret = wpacket_intern_close(pkt, pkt->subs, 1); if (ret) { OPENSSL_free(pkt->subs); pkt->subs = NULL; } + return ret; } -int WPACKET_start_sub_packet_len(WPACKET *pkt, size_t lenbytes) +int WPACKET_start_sub_packet_len__(WPACKET *pkt, size_t lenbytes) { WPACKET_SUB *sub; + unsigned char *lenchars; + /* Internal API, so should not fail */ + assert(pkt->subs != NULL); if (pkt->subs == NULL) return 0; @@ -215,39 +292,33 @@ int WPACKET_start_sub_packet_len(WPACKET *pkt, size_t lenbytes) sub->lenbytes = lenbytes; if (lenbytes == 0) { - sub->packet_len = NULL; + sub->packet_len = 0; return 1; } - if (!WPACKET_allocate_bytes(pkt, lenbytes, &sub->packet_len)) { + if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars)) return 0; - } + /* Convert to an offset in case the underlying BUF_MEM gets realloc'd */ + sub->packet_len = lenchars - GETBUF(pkt); return 1; } int WPACKET_start_sub_packet(WPACKET *pkt) { - return WPACKET_start_sub_packet_len(pkt, 0); + return WPACKET_start_sub_packet_len__(pkt, 0); } -int WPACKET_put_bytes(WPACKET *pkt, unsigned int val, size_t bytes) +int WPACKET_put_bytes__(WPACKET *pkt, unsigned int val, size_t size) { unsigned char *data; - if (bytes > sizeof(unsigned int) - || !WPACKET_allocate_bytes(pkt, bytes, &data)) - return 0; + /* Internal API, so should not fail */ + assert(size <= sizeof(unsigned int)); - data += bytes - 1; - for (; bytes > 0; bytes--) { - *data = (unsigned char)(val & 0xff); - data--; - val >>= 8; - } - - /* Check whether we could fit the value in the assigned number of bytes */ - if (val > 0) + if (size > sizeof(unsigned int) + || !WPACKET_allocate_bytes(pkt, size, &data) + || !put_value(data, val, size)) return 0; return 1; @@ -258,11 +329,14 @@ int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize) WPACKET_SUB *sub; size_t lenbytes; + /* Internal API, so should not fail */ + assert(pkt->subs != NULL); if (pkt->subs == NULL) return 0; /* Find the WPACKET_SUB for the top level */ - for (sub = pkt->subs; sub->parent != NULL; sub = sub->parent); + for (sub = pkt->subs; sub->parent != NULL; sub = sub->parent) + continue; lenbytes = sub->lenbytes; if (lenbytes == 0) @@ -291,9 +365,10 @@ int WPACKET_memcpy(WPACKET *pkt, const void *src, size_t len) return 1; } -int WPACKET_sub_memcpy(WPACKET *pkt, const void *src, size_t len, size_t lenbytes) +int WPACKET_sub_memcpy__(WPACKET *pkt, const void *src, size_t len, + size_t lenbytes) { - if (!WPACKET_start_sub_packet_len(pkt, lenbytes) + if (!WPACKET_start_sub_packet_len__(pkt, lenbytes) || !WPACKET_memcpy(pkt, src, len) || !WPACKET_close(pkt)) return 0; @@ -303,6 +378,8 @@ int WPACKET_sub_memcpy(WPACKET *pkt, const void *src, size_t len, size_t lenbyte int WPACKET_get_total_written(WPACKET *pkt, size_t *written) { + /* Internal API, so should not fail */ + assert(written != NULL); if (written == NULL) return 0; @@ -313,6 +390,8 @@ int WPACKET_get_total_written(WPACKET *pkt, size_t *written) int WPACKET_get_length(WPACKET *pkt, size_t *len) { + /* Internal API, so should not fail */ + assert(pkt->subs != NULL && len != NULL); if (pkt->subs == NULL || len == NULL) return 0; @@ -321,6 +400,11 @@ int WPACKET_get_length(WPACKET *pkt, size_t *len) return 1; } +unsigned char *WPACKET_get_curr(WPACKET *pkt) +{ + return GETBUF(pkt) + pkt->curr; +} + void WPACKET_cleanup(WPACKET *pkt) { WPACKET_SUB *sub, *parent;