1 /* $OpenBSD: sshbuf-getput-basic.c,v 1.7 2017/06/01 04:51:58 djm Exp $ */
3 * Copyright (c) 2011 Damien Miller
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 #define SSHBUF_INTERNAL
21 #include <sys/types.h>
33 sshbuf_get(struct sshbuf *buf, void *v, size_t len)
35 const u_char *p = sshbuf_ptr(buf);
38 if ((r = sshbuf_consume(buf, len)) < 0)
40 if (v != NULL && len != 0)
46 sshbuf_get_u64(struct sshbuf *buf, u_int64_t *valp)
48 const u_char *p = sshbuf_ptr(buf);
51 if ((r = sshbuf_consume(buf, 8)) < 0)
59 sshbuf_get_u32(struct sshbuf *buf, u_int32_t *valp)
61 const u_char *p = sshbuf_ptr(buf);
64 if ((r = sshbuf_consume(buf, 4)) < 0)
72 sshbuf_get_u16(struct sshbuf *buf, u_int16_t *valp)
74 const u_char *p = sshbuf_ptr(buf);
77 if ((r = sshbuf_consume(buf, 2)) < 0)
85 sshbuf_get_u8(struct sshbuf *buf, u_char *valp)
87 const u_char *p = sshbuf_ptr(buf);
90 if ((r = sshbuf_consume(buf, 1)) < 0)
98 sshbuf_get_string(struct sshbuf *buf, u_char **valp, size_t *lenp)
108 if ((r = sshbuf_get_string_direct(buf, &val, &len)) < 0)
111 if ((*valp = malloc(len + 1)) == NULL) {
112 SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL"));
113 return SSH_ERR_ALLOC_FAIL;
116 memcpy(*valp, val, len);
125 sshbuf_get_string_direct(struct sshbuf *buf, const u_char **valp, size_t *lenp)
135 if ((r = sshbuf_peek_string_direct(buf, &p, &len)) < 0)
141 if (sshbuf_consume(buf, len + 4) != 0) {
142 /* Shouldn't happen */
143 SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
145 return SSH_ERR_INTERNAL_ERROR;
151 sshbuf_peek_string_direct(const struct sshbuf *buf, const u_char **valp,
155 const u_char *p = sshbuf_ptr(buf);
161 if (sshbuf_len(buf) < 4) {
162 SSHBUF_DBG(("SSH_ERR_MESSAGE_INCOMPLETE"));
163 return SSH_ERR_MESSAGE_INCOMPLETE;
166 if (len > SSHBUF_SIZE_MAX - 4) {
167 SSHBUF_DBG(("SSH_ERR_STRING_TOO_LARGE"));
168 return SSH_ERR_STRING_TOO_LARGE;
170 if (sshbuf_len(buf) - 4 < len) {
171 SSHBUF_DBG(("SSH_ERR_MESSAGE_INCOMPLETE"));
172 return SSH_ERR_MESSAGE_INCOMPLETE;
182 sshbuf_get_cstring(struct sshbuf *buf, char **valp, size_t *lenp)
192 if ((r = sshbuf_peek_string_direct(buf, &p, &len)) != 0)
194 /* Allow a \0 only at the end of the string */
196 (z = memchr(p , '\0', len)) != NULL && z < p + len - 1) {
197 SSHBUF_DBG(("SSH_ERR_INVALID_FORMAT"));
198 return SSH_ERR_INVALID_FORMAT;
200 if ((r = sshbuf_skip_string(buf)) != 0)
203 if ((*valp = malloc(len + 1)) == NULL) {
204 SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL"));
205 return SSH_ERR_ALLOC_FAIL;
208 memcpy(*valp, p, len);
217 sshbuf_get_stringb(struct sshbuf *buf, struct sshbuf *v)
224 * Use sshbuf_peek_string_direct() to figure out if there is
225 * a complete string in 'buf' and copy the string directly
228 if ((r = sshbuf_peek_string_direct(buf, NULL, NULL)) != 0 ||
229 (r = sshbuf_get_u32(buf, &len)) != 0 ||
230 (r = sshbuf_reserve(v, len, &p)) != 0 ||
231 (r = sshbuf_get(buf, p, len)) != 0)
237 sshbuf_put(struct sshbuf *buf, const void *v, size_t len)
242 if ((r = sshbuf_reserve(buf, len, &p)) < 0)
250 sshbuf_putb(struct sshbuf *buf, const struct sshbuf *v)
252 return sshbuf_put(buf, sshbuf_ptr(v), sshbuf_len(v));
256 sshbuf_putf(struct sshbuf *buf, const char *fmt, ...)
262 r = sshbuf_putfv(buf, fmt, ap);
268 sshbuf_putfv(struct sshbuf *buf, const char *fmt, va_list ap)
275 if ((len = vsnprintf(NULL, 0, fmt, ap2)) < 0) {
276 r = SSH_ERR_INVALID_ARGUMENT;
281 goto out; /* Nothing to do */
285 if ((r = sshbuf_reserve(buf, (size_t)len + 1, &p)) < 0)
287 if ((r = vsnprintf((char *)p, len + 1, fmt, ap2)) != len) {
288 r = SSH_ERR_INTERNAL_ERROR;
289 goto out; /* Shouldn't happen */
291 /* Consume terminating \0 */
292 if ((r = sshbuf_consume_end(buf, 1)) != 0)
301 sshbuf_put_u64(struct sshbuf *buf, u_int64_t val)
306 if ((r = sshbuf_reserve(buf, 8, &p)) < 0)
313 sshbuf_put_u32(struct sshbuf *buf, u_int32_t val)
318 if ((r = sshbuf_reserve(buf, 4, &p)) < 0)
325 sshbuf_put_u16(struct sshbuf *buf, u_int16_t val)
330 if ((r = sshbuf_reserve(buf, 2, &p)) < 0)
337 sshbuf_put_u8(struct sshbuf *buf, u_char val)
342 if ((r = sshbuf_reserve(buf, 1, &p)) < 0)
349 sshbuf_put_string(struct sshbuf *buf, const void *v, size_t len)
354 if (len > SSHBUF_SIZE_MAX - 4) {
355 SSHBUF_DBG(("SSH_ERR_NO_BUFFER_SPACE"));
356 return SSH_ERR_NO_BUFFER_SPACE;
358 if ((r = sshbuf_reserve(buf, len + 4, &d)) < 0)
362 memcpy(d + 4, v, len);
367 sshbuf_put_cstring(struct sshbuf *buf, const char *v)
369 return sshbuf_put_string(buf, v, v == NULL ? 0 : strlen(v));
373 sshbuf_put_stringb(struct sshbuf *buf, const struct sshbuf *v)
375 return sshbuf_put_string(buf, sshbuf_ptr(v), sshbuf_len(v));
379 sshbuf_froms(struct sshbuf *buf, struct sshbuf **bufp)
386 if (buf == NULL || bufp == NULL)
387 return SSH_ERR_INVALID_ARGUMENT;
389 if ((r = sshbuf_peek_string_direct(buf, &p, &len)) != 0)
391 if ((ret = sshbuf_from(p, len)) == NULL)
392 return SSH_ERR_ALLOC_FAIL;
393 if ((r = sshbuf_consume(buf, len + 4)) != 0 || /* Shouldn't happen */
394 (r = sshbuf_set_parent(ret, buf)) != 0) {
403 sshbuf_put_bignum2_bytes(struct sshbuf *buf, const void *v, size_t len)
406 const u_char *s = (const u_char *)v;
409 if (len > SSHBUF_SIZE_MAX - 5) {
410 SSHBUF_DBG(("SSH_ERR_NO_BUFFER_SPACE"));
411 return SSH_ERR_NO_BUFFER_SPACE;
413 /* Skip leading zero bytes */
414 for (; len > 0 && *s == 0; len--, s++)
417 * If most significant bit is set then prepend a zero byte to
418 * avoid interpretation as a negative number.
420 prepend = len > 0 && (s[0] & 0x80) != 0;
421 if ((r = sshbuf_reserve(buf, len + 4 + prepend, &d)) < 0)
423 POKE_U32(d, len + prepend);
427 memcpy(d + 4 + prepend, s, len);
432 sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf,
433 const u_char **valp, size_t *lenp)
439 if ((r = sshbuf_peek_string_direct(buf, &d, &olen)) < 0)
442 /* Refuse negative (MSB set) bignums */
443 if ((len != 0 && (*d & 0x80) != 0))
444 return SSH_ERR_BIGNUM_IS_NEGATIVE;
445 /* Refuse overlong bignums, allow prepended \0 to avoid MSB set */
446 if (len > SSHBUF_MAX_BIGNUM + 1 ||
447 (len == SSHBUF_MAX_BIGNUM + 1 && *d != 0))
448 return SSH_ERR_BIGNUM_TOO_LARGE;
449 /* Trim leading zeros */
450 while (len > 0 && *d == 0x00) {
458 if (sshbuf_consume(buf, olen + 4) != 0) {
459 /* Shouldn't happen */
460 SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
462 return SSH_ERR_INTERNAL_ERROR;
471 sshbuf_put_passwd(struct sshbuf *buf, const struct passwd *pwent)
476 * We never send pointer values of struct passwd.
477 * It is safe from wild pointer even if a new pointer member is added.
480 if ((r = sshbuf_put_u64(buf, sizeof(*pwent)) != 0) ||
481 (r = sshbuf_put_cstring(buf, pwent->pw_name)) != 0 ||
482 (r = sshbuf_put_cstring(buf, "*")) != 0 ||
483 (r = sshbuf_put_u32(buf, pwent->pw_uid)) != 0 ||
484 (r = sshbuf_put_u32(buf, pwent->pw_gid)) != 0 ||
485 #ifdef HAVE_STRUCT_PASSWD_PW_CHANGE
486 (r = sshbuf_put_time(buf, pwent->pw_change)) != 0 ||
488 #ifdef HAVE_STRUCT_PASSWD_PW_GECOS
489 (r = sshbuf_put_cstring(buf, pwent->pw_gecos)) != 0 ||
491 #ifdef HAVE_STRUCT_PASSWD_PW_CLASS
492 (r = sshbuf_put_cstring(buf, pwent->pw_class)) != 0 ||
494 (r = sshbuf_put_cstring(buf, pwent->pw_dir)) != 0 ||
495 (r = sshbuf_put_cstring(buf, pwent->pw_shell)) != 0 ||
496 #ifdef HAVE_STRUCT_PASSWD_PW_EXPIRE
497 (r = sshbuf_put_time(buf, pwent->pw_expire)) != 0 ||
499 (r = sshbuf_put_u32(buf, pwent->pw_fields)) != 0) {
509 sshbuf_get_passwd(struct sshbuf *buf)
515 /* check if size of struct passwd is as same as sender's size */
516 r = sshbuf_get_u64(buf, &len);
517 if (r != 0 || len != sizeof(*pw))
520 pw = xcalloc(1, sizeof(*pw));
521 if (sshbuf_get_cstring(buf, &pw->pw_name, NULL) != 0 ||
522 sshbuf_get_cstring(buf, &pw->pw_passwd, NULL) != 0 ||
523 sshbuf_get_u32(buf, &pw->pw_uid) != 0 ||
524 sshbuf_get_u32(buf, &pw->pw_gid) != 0 ||
525 #ifdef HAVE_STRUCT_PASSWD_PW_CHANGE
526 sshbuf_get_time(buf, &pw->pw_change) != 0 ||
528 #ifdef HAVE_STRUCT_PASSWD_PW_GECOS
529 sshbuf_get_cstring(buf, &pw->pw_gecos, NULL) != 0 ||
531 #ifdef HAVE_STRUCT_PASSWD_PW_CLASS
532 sshbuf_get_cstring(buf, &pw->pw_class, NULL) != 0 ||
534 sshbuf_get_cstring(buf, &pw->pw_dir, NULL) != 0 ||
535 sshbuf_get_cstring(buf, &pw->pw_shell, NULL) != 0 ||
536 #ifdef HAVE_STRUCT_PASSWD_PW_EXPIRE
537 sshbuf_get_time(buf, &pw->pw_expire) != 0 ||
539 sshbuf_get_u32(buf, &pw->pw_fields) != 0) {
540 sshbuf_free_passwd(pw);
547 * free struct passwd obtained from sshbuf_get_passwd.
550 sshbuf_free_passwd(struct passwd *pwent)
554 free(pwent->pw_shell);
556 #ifdef HAVE_STRUCT_PASSWD_PW_CLASS
557 free(pwent->pw_class);
559 #ifdef HAVE_STRUCT_PASSWD_PW_GECOS
560 free(pwent->pw_gecos);
562 free(pwent->pw_passwd);
563 free(pwent->pw_name);