diff options
author | Greg Hudson <ghudson@mit.edu> | 2014-05-05 00:05:54 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2014-05-17 18:45:28 -0400 |
commit | 1263ed281d1f50b97399137b90344a75e991129c (patch) | |
tree | feb4727ef0c420e2b5438ba838310625421410f5 /src/include | |
parent | ccd989bdc2656b153bc226462e0c13800810ae04 (diff) | |
download | krb5-1263ed281d1f50b97399137b90344a75e991129c.zip krb5-1263ed281d1f50b97399137b90344a75e991129c.tar.gz krb5-1263ed281d1f50b97399137b90344a75e991129c.tar.bz2 |
Add k5-input.h
Add a header containing a declaration for struct k5input and static
inline functions to use it. A k5input structure can be used to safely
extract bytes and integers from a fixed-sized input buffer without
overrunning the buffer. It supports deferred error checking (similar
to k5buf) by returning dummy values and storing a status value in the
input structure.
Diffstat (limited to 'src/include')
-rw-r--r-- | src/include/k5-input.h | 143 |
1 files changed, 143 insertions, 0 deletions
diff --git a/src/include/k5-input.h b/src/include/k5-input.h new file mode 100644 index 0000000..d42ebce --- /dev/null +++ b/src/include/k5-input.h @@ -0,0 +1,143 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* include/k5-input.h - k5input helper functions */ +/* + * Copyright (C) 2014 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef K5_INPUT_H +#define K5_INPUT_H + +#include "k5-int.h" + +/* + * The k5input module defines helpers for safely consuming a fixed-sized block + * of memory. If an overrun or allocation failure occurs at any step, + * subsequent functions will return default values until the error is detected + * by looking at the status field. + */ + +struct k5input { + const unsigned char *ptr; + size_t len; + krb5_error_code status; +}; + +static inline void +k5_input_init(struct k5input *in, const void *ptr, size_t len) +{ + in->ptr = ptr; + in->len = len; + in->status = 0; +} + +/* Only set the status value of in if it hasn't already been set, so status + * reflects the first thing to go wrong. */ +static inline void +k5_input_set_status(struct k5input *in, krb5_error_code status) +{ + if (!in->status) + in->status = status; +} + +static inline const unsigned char * +k5_input_get_bytes(struct k5input *in, size_t len) +{ + if (in->len < len) + k5_input_set_status(in, EINVAL); + if (in->status) + return NULL; + in->len -= len; + in->ptr += len; + return in->ptr - len; +} + +static inline unsigned char +k5_input_get_byte(struct k5input *in) +{ + const unsigned char *ptr = k5_input_get_bytes(in, 1); + return (ptr == NULL) ? '\0' : *ptr; +} + +static inline uint16_t +k5_input_get_uint16_be(struct k5input *in) +{ + const unsigned char *ptr = k5_input_get_bytes(in, 2); + return (ptr == NULL) ? 0 : load_16_be(ptr); +} + +static inline uint16_t +k5_input_get_uint16_le(struct k5input *in) +{ + const unsigned char *ptr = k5_input_get_bytes(in, 2); + return (ptr == NULL) ? 0 : load_16_le(ptr); +} + +static inline uint16_t +k5_input_get_uint16_n(struct k5input *in) +{ + const unsigned char *ptr = k5_input_get_bytes(in, 2); + return (ptr == NULL) ? 0 : load_16_n(ptr); +} + +static inline uint32_t +k5_input_get_uint32_be(struct k5input *in) +{ + const unsigned char *ptr = k5_input_get_bytes(in, 4); + return (ptr == NULL) ? 0 : load_32_be(ptr); +} + +static inline uint32_t +k5_input_get_uint32_le(struct k5input *in) +{ + const unsigned char *ptr = k5_input_get_bytes(in, 4); + return (ptr == NULL) ? 0 : load_32_le(ptr); +} + +static inline uint32_t +k5_input_get_uint32_n(struct k5input *in) +{ + const unsigned char *ptr = k5_input_get_bytes(in, 4); + return (ptr == NULL) ? 0 : load_32_n(ptr); +} + +static inline uint64_t +k5_input_get_uint64_be(struct k5input *in) +{ + const unsigned char *ptr = k5_input_get_bytes(in, 8); + return (ptr == NULL) ? 0 : load_64_be(ptr); +} + +static inline uint64_t +k5_input_get_uint64_le(struct k5input *in) +{ + const unsigned char *ptr = k5_input_get_bytes(in, 8); + return (ptr == NULL) ? 0 : load_64_le(ptr); +} + +#endif /* K5_BUF_H */ |