X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fpacket.c;h=87473fbbce9fdb44ccf60929d2b4792b539b8aa1;hp=d984938b6d08ea3171a56d9267ce1cc65d8f639e;hb=0247086d9a0713e18a0f16949039a40fdb63ff7e;hpb=de451856f08364ad6c6659b6eacbe820edc2aab9 diff --git a/ssl/packet.c b/ssl/packet.c index d984938b6d..87473fbbce 100644 --- a/ssl/packet.c +++ b/ssl/packet.c @@ -7,33 +7,74 @@ * https://www.openssl.org/source/license.html */ +#include #include "packet_locl.h" #define DEFAULT_BUF_SIZE 256 int WPACKET_allocate_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes) { + if (!WPACKET_reserve_bytes(pkt, len, allocbytes)) + return 0; + + pkt->written += len; + pkt->curr += len; + return 1; +} + +int WPACKET_sub_allocate_bytes__(WPACKET *pkt, size_t len, + unsigned char **allocbytes, size_t lenbytes) +{ + if (!WPACKET_start_sub_packet_len__(pkt, lenbytes) + || !WPACKET_allocate_bytes(pkt, len, allocbytes) + || !WPACKET_close(pkt)) + return 0; + + return 1; +} + +#define GETBUF(p) (((p)->staticbuf != NULL) \ + ? (p)->staticbuf : (unsigned char *)(p)->buf->data) + +int WPACKET_reserve_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes) +{ + /* Internal API, so should not fail */ + assert(pkt->subs != NULL && len != 0); if (pkt->subs == NULL || len == 0) return 0; if (pkt->maxsize - pkt->written < len) return 0; - if (pkt->buf->length - pkt->written < len) { + if (pkt->staticbuf == NULL && (pkt->buf->length - pkt->written < len)) { size_t newlen; + size_t reflen; + + reflen = (len > pkt->buf->length) ? len : pkt->buf->length; - if (pkt->buf->length > SIZE_MAX / 2) { + if (reflen > SIZE_MAX / 2) { newlen = SIZE_MAX; } else { - newlen = (pkt->buf->length == 0) ? DEFAULT_BUF_SIZE - : pkt->buf->length * 2; + newlen = reflen * 2; + if (newlen < DEFAULT_BUF_SIZE) + newlen = DEFAULT_BUF_SIZE; } if (BUF_MEM_grow(pkt->buf, newlen) == 0) return 0; } - pkt->written += len; - *allocbytes = (unsigned char *)pkt->buf->data + pkt->curr; - pkt->curr += len; + if (allocbytes != NULL) + *allocbytes = WPACKET_get_curr(pkt); + + return 1; +} + +int WPACKET_sub_reserve_bytes__(WPACKET *pkt, size_t len, + unsigned char **allocbytes, size_t lenbytes) +{ + if (!WPACKET_reserve_bytes(pkt, lenbytes + len, allocbytes)) + return 0; + + *allocbytes += lenbytes; return 1; } @@ -42,22 +83,16 @@ static size_t maxmaxsize(size_t lenbytes) { if (lenbytes >= sizeof(size_t) || lenbytes == 0) return SIZE_MAX; - else - return ((size_t)1 << (lenbytes * 8)) - 1 + lenbytes; + + return ((size_t)1 << (lenbytes * 8)) - 1 + lenbytes; } -int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes) +static int wpacket_intern_init_len(WPACKET *pkt, size_t lenbytes) { unsigned char *lenchars; - /* Sanity check */ - if (buf == NULL) - return 0; - - pkt->buf = buf; pkt->curr = 0; pkt->written = 0; - pkt->maxsize = maxmaxsize(lenbytes); pkt->subs = OPENSSL_zalloc(sizeof(*pkt->subs)); if (pkt->subs == NULL) @@ -74,11 +109,42 @@ int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes) pkt->subs = NULL; return 0; } - pkt->subs->packet_len = lenchars - (unsigned char *)pkt->buf->data; + pkt->subs->packet_len = lenchars - GETBUF(pkt); return 1; } +int WPACKET_init_static_len(WPACKET *pkt, unsigned char *buf, size_t len, + size_t lenbytes) +{ + size_t max = maxmaxsize(lenbytes); + + /* Internal API, so should not fail */ + assert(buf != NULL && len > 0); + if (buf == NULL || len == 0) + return 0; + + pkt->staticbuf = buf; + pkt->buf = NULL; + pkt->maxsize = (max < len) ? max : len; + + return wpacket_intern_init_len(pkt, lenbytes); +} + +int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes) +{ + /* Internal API, so should not fail */ + assert(buf != NULL); + if (buf == NULL) + return 0; + + pkt->staticbuf = NULL; + pkt->buf = buf; + pkt->maxsize = maxmaxsize(lenbytes); + + return wpacket_intern_init_len(pkt, lenbytes); +} + int WPACKET_init(WPACKET *pkt, BUF_MEM *buf) { return WPACKET_init_len(pkt, buf, 0); @@ -86,6 +152,8 @@ int WPACKET_init(WPACKET *pkt, BUF_MEM *buf) int WPACKET_set_flags(WPACKET *pkt, unsigned int flags) { + /* Internal API, so should not fail */ + assert(pkt->subs != NULL); if (pkt->subs == NULL) return 0; @@ -94,22 +162,43 @@ int WPACKET_set_flags(WPACKET *pkt, unsigned int flags) return 1; } +/* Store the |value| of length |len| at location |data| */ +static int put_value(unsigned char *data, size_t value, size_t len) +{ + for (data += len - 1; len > 0; len--) { + *data = (unsigned char)(value & 0xff); + data--; + value >>= 8; + } + + /* Check whether we could fit the value in the assigned number of bytes */ + if (value > 0) + return 0; + + return 1; +} + /* - * Internal helper function used by WPACKET_close() and WPACKET_finish() to - * close a sub-packet and write out its length if necessary. + * Internal helper function used by WPACKET_close(), WPACKET_finish() and + * WPACKET_fill_lengths() to close a sub-packet and write out its length if + * necessary. If |doclose| is 0 then it goes through the motions of closing + * (i.e. it fills in all the lengths), but doesn't actually close anything. */ -static int wpacket_intern_close(WPACKET *pkt) +static int wpacket_intern_close(WPACKET *pkt, WPACKET_SUB *sub, int doclose) { - WPACKET_SUB *sub = pkt->subs; size_t packlen = pkt->written - sub->pwritten; if (packlen == 0 - && sub->flags & WPACKET_FLAGS_NON_ZERO_LENGTH) + && (sub->flags & WPACKET_FLAGS_NON_ZERO_LENGTH) != 0) return 0; if (packlen == 0 && sub->flags & WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) { + /* We can't handle this case. Return an error */ + if (!doclose) + return 0; + /* Deallocate any bytes allocated for the length of the WPACKET */ if ((pkt->curr - sub->lenbytes) == sub->packet_len) { pkt->written -= sub->lenbytes; @@ -122,44 +211,61 @@ static int wpacket_intern_close(WPACKET *pkt) } /* Write out the WPACKET length if needed */ - if (sub->lenbytes > 0) { - size_t lenbytes; - - for (lenbytes = sub->lenbytes; lenbytes > 0; lenbytes--) { - pkt->buf->data[sub->packet_len + lenbytes - 1] - = (unsigned char)(packlen & 0xff); - packlen >>= 8; - } - if (packlen > 0) { - /* - * We've extended beyond the max allowed for the number of len bytes - */ + if (sub->lenbytes > 0 + && !put_value(&GETBUF(pkt)[sub->packet_len], packlen, + sub->lenbytes)) return 0; - } + + if (doclose) { + pkt->subs = sub->parent; + OPENSSL_free(sub); } - pkt->subs = sub->parent; - OPENSSL_free(sub); + return 1; +} + +int WPACKET_fill_lengths(WPACKET *pkt) +{ + WPACKET_SUB *sub; + + assert(pkt->subs != NULL); + if (pkt->subs == NULL) + return 0; + + sub = pkt->subs; + do { + if (!wpacket_intern_close(pkt, sub, 0)) + return 0; + sub = sub->parent; + } while (sub != NULL); return 1; } int WPACKET_close(WPACKET *pkt) { + /* + * Internal API, so should not fail - but we do negative testing of this + * so no assert (otherwise the tests fail) + */ if (pkt->subs == NULL || pkt->subs->parent == NULL) return 0; - return wpacket_intern_close(pkt); + return wpacket_intern_close(pkt, pkt->subs, 1); } int WPACKET_finish(WPACKET *pkt) { int ret; + /* + * Internal API, so should not fail - but we do negative testing of this + * so no assert (otherwise the tests fail) + */ if (pkt->subs == NULL || pkt->subs->parent != NULL) return 0; - ret = wpacket_intern_close(pkt); + ret = wpacket_intern_close(pkt, pkt->subs, 1); if (ret) { OPENSSL_free(pkt->subs); pkt->subs = NULL; @@ -168,11 +274,13 @@ int WPACKET_finish(WPACKET *pkt) return ret; } -int WPACKET_start_sub_packet_len(WPACKET *pkt, size_t lenbytes) +int WPACKET_start_sub_packet_len__(WPACKET *pkt, size_t lenbytes) { WPACKET_SUB *sub; unsigned char *lenchars; + /* Internal API, so should not fail */ + assert(pkt->subs != NULL); if (pkt->subs == NULL) return 0; @@ -192,32 +300,27 @@ int WPACKET_start_sub_packet_len(WPACKET *pkt, size_t lenbytes) if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars)) return 0; - sub->packet_len = lenchars - (unsigned char *)pkt->buf->data; + /* Convert to an offset in case the underlying BUF_MEM gets realloc'd */ + sub->packet_len = lenchars - GETBUF(pkt); return 1; } int WPACKET_start_sub_packet(WPACKET *pkt) { - return WPACKET_start_sub_packet_len(pkt, 0); + return WPACKET_start_sub_packet_len__(pkt, 0); } -int WPACKET_put_bytes(WPACKET *pkt, unsigned int val, size_t size) +int WPACKET_put_bytes__(WPACKET *pkt, unsigned int val, size_t size) { unsigned char *data; - if (size > sizeof(unsigned int) - || !WPACKET_allocate_bytes(pkt, size, &data)) - return 0; - - for (data += size - 1; size > 0; size--) { - *data = (unsigned char)(val & 0xff); - data--; - val >>= 8; - } + /* Internal API, so should not fail */ + assert(size <= sizeof(unsigned int)); - /* Check whether we could fit the value in the assigned number of bytes */ - if (val > 0) + if (size > sizeof(unsigned int) + || !WPACKET_allocate_bytes(pkt, size, &data) + || !put_value(data, val, size)) return 0; return 1; @@ -228,6 +331,8 @@ int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize) WPACKET_SUB *sub; size_t lenbytes; + /* Internal API, so should not fail */ + assert(pkt->subs != NULL); if (pkt->subs == NULL) return 0; @@ -262,9 +367,10 @@ int WPACKET_memcpy(WPACKET *pkt, const void *src, size_t len) return 1; } -int WPACKET_sub_memcpy(WPACKET *pkt, const void *src, size_t len, size_t lenbytes) +int WPACKET_sub_memcpy__(WPACKET *pkt, const void *src, size_t len, + size_t lenbytes) { - if (!WPACKET_start_sub_packet_len(pkt, lenbytes) + if (!WPACKET_start_sub_packet_len__(pkt, lenbytes) || !WPACKET_memcpy(pkt, src, len) || !WPACKET_close(pkt)) return 0; @@ -274,6 +380,8 @@ int WPACKET_sub_memcpy(WPACKET *pkt, const void *src, size_t len, size_t lenbyte int WPACKET_get_total_written(WPACKET *pkt, size_t *written) { + /* Internal API, so should not fail */ + assert(written != NULL); if (written == NULL) return 0; @@ -284,6 +392,8 @@ int WPACKET_get_total_written(WPACKET *pkt, size_t *written) int WPACKET_get_length(WPACKET *pkt, size_t *len) { + /* Internal API, so should not fail */ + assert(pkt->subs != NULL && len != NULL); if (pkt->subs == NULL || len == NULL) return 0; @@ -292,6 +402,11 @@ int WPACKET_get_length(WPACKET *pkt, size_t *len) return 1; } +unsigned char *WPACKET_get_curr(WPACKET *pkt) +{ + return GETBUF(pkt) + pkt->curr; +} + void WPACKET_cleanup(WPACKET *pkt) { WPACKET_SUB *sub, *parent;