summaryrefslogtreecommitdiffstats
path: root/crypto/openssh/buffer.c
diff options
context:
space:
mode:
authordes <des@FreeBSD.org>2016-01-19 16:18:26 +0000
committerdes <des@FreeBSD.org>2016-01-19 16:18:26 +0000
commit14172c52f89fa504003826ed2e4e2c0ac246505d (patch)
treebc48bd740145eea64393ed391fc1d972c83f991c /crypto/openssh/buffer.c
parent456370e53073cd38d0ddc4001283f1c131d1428e (diff)
parent64c731d52472fb486558425128009691392e0bef (diff)
downloadFreeBSD-src-14172c52f89fa504003826ed2e4e2c0ac246505d.zip
FreeBSD-src-14172c52f89fa504003826ed2e4e2c0ac246505d.tar.gz
Upgrade to OpenSSH 6.7p1, retaining libwrap support (which has been removed
upstream) and a number of security fixes which we had already backported. MFC after: 1 week
Diffstat (limited to 'crypto/openssh/buffer.c')
-rw-r--r--crypto/openssh/buffer.c245
1 files changed, 55 insertions, 190 deletions
diff --git a/crypto/openssh/buffer.c b/crypto/openssh/buffer.c
index 5c05a75..fcf2901 100644
--- a/crypto/openssh/buffer.c
+++ b/crypto/openssh/buffer.c
@@ -1,254 +1,119 @@
-/* $OpenBSD: buffer.c,v 1.35 2014/02/02 03:44:31 djm Exp $ */
+/* $OpenBSD: buffer.c,v 1.36 2014/04/30 05:29:56 djm Exp $ */
+
/*
- * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
- * All rights reserved
- * Functions for manipulating fifo buffers (that can grow if needed).
+ * Copyright (c) 2012 Damien Miller <djm@mindrot.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
*
- * As far as I am concerned, the code I have written for this software
- * can be used freely for any purpose. Any derived versions of this
- * software must be clearly marked as such, and if the derived work is
- * incompatible with the protocol description in the RFC file, it must be
- * called by a name other than "ssh" or "Secure Shell".
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
+/* Emulation wrappers for legacy OpenSSH buffer API atop sshbuf */
+
#include "includes.h"
__RCSID("$FreeBSD$");
-#include <sys/param.h>
-
-#include <stdio.h>
-#include <string.h>
-#include <stdarg.h>
-#include <stdlib.h>
+#include <sys/types.h>
-#include "xmalloc.h"
#include "buffer.h"
#include "log.h"
-
-#define BUFFER_MAX_CHUNK 0x100000
-#define BUFFER_MAX_LEN 0xa00000
-#define BUFFER_ALLOCSZ 0x008000
-
-/* Initializes the buffer structure. */
-
-void
-buffer_init(Buffer *buffer)
-{
- const u_int len = 4096;
-
- buffer->alloc = 0;
- buffer->buf = xmalloc(len);
- buffer->alloc = len;
- buffer->offset = 0;
- buffer->end = 0;
-}
-
-/* Frees any memory used for the buffer. */
-
-void
-buffer_free(Buffer *buffer)
-{
- if (buffer->alloc > 0) {
- explicit_bzero(buffer->buf, buffer->alloc);
- buffer->alloc = 0;
- free(buffer->buf);
- }
-}
-
-/*
- * Clears any data from the buffer, making it empty. This does not actually
- * zero the memory.
- */
-
-void
-buffer_clear(Buffer *buffer)
-{
- buffer->offset = 0;
- buffer->end = 0;
-}
-
-/* Appends data to the buffer, expanding it if necessary. */
+#include "ssherr.h"
void
buffer_append(Buffer *buffer, const void *data, u_int len)
{
- void *p;
- p = buffer_append_space(buffer, len);
- memcpy(p, data, len);
-}
+ int ret;
-static int
-buffer_compact(Buffer *buffer)
-{
- /*
- * If the buffer is quite empty, but all data is at the end, move the
- * data to the beginning.
- */
- if (buffer->offset > MIN(buffer->alloc, BUFFER_MAX_CHUNK)) {
- memmove(buffer->buf, buffer->buf + buffer->offset,
- buffer->end - buffer->offset);
- buffer->end -= buffer->offset;
- buffer->offset = 0;
- return (1);
- }
- return (0);
+ if ((ret = sshbuf_put(buffer, data, len)) != 0)
+ fatal("%s: %s", __func__, ssh_err(ret));
}
-/*
- * Appends space to the buffer, expanding the buffer if necessary. This does
- * not actually copy the data into the buffer, but instead returns a pointer
- * to the allocated region.
- */
-
void *
buffer_append_space(Buffer *buffer, u_int len)
{
- u_int newlen;
- void *p;
+ int ret;
+ u_char *p;
- if (len > BUFFER_MAX_CHUNK)
- fatal("buffer_append_space: len %u not supported", len);
-
- /* If the buffer is empty, start using it from the beginning. */
- if (buffer->offset == buffer->end) {
- buffer->offset = 0;
- buffer->end = 0;
- }
-restart:
- /* If there is enough space to store all data, store it now. */
- if (buffer->end + len < buffer->alloc) {
- p = buffer->buf + buffer->end;
- buffer->end += len;
- return p;
- }
-
- /* Compact data back to the start of the buffer if necessary */
- if (buffer_compact(buffer))
- goto restart;
-
- /* Increase the size of the buffer and retry. */
- newlen = roundup(buffer->alloc + len, BUFFER_ALLOCSZ);
- if (newlen > BUFFER_MAX_LEN)
- fatal("buffer_append_space: alloc %u not supported",
- newlen);
- buffer->buf = xrealloc(buffer->buf, 1, newlen);
- buffer->alloc = newlen;
- goto restart;
- /* NOTREACHED */
+ if ((ret = sshbuf_reserve(buffer, len, &p)) != 0)
+ fatal("%s: %s", __func__, ssh_err(ret));
+ return p;
}
-/*
- * Check whether an allocation of 'len' will fit in the buffer
- * This must follow the same math as buffer_append_space
- */
int
buffer_check_alloc(Buffer *buffer, u_int len)
{
- if (buffer->offset == buffer->end) {
- buffer->offset = 0;
- buffer->end = 0;
- }
- restart:
- if (buffer->end + len < buffer->alloc)
- return (1);
- if (buffer_compact(buffer))
- goto restart;
- if (roundup(buffer->alloc + len, BUFFER_ALLOCSZ) <= BUFFER_MAX_LEN)
- return (1);
- return (0);
-}
-
-/* Returns the number of bytes of data in the buffer. */
+ int ret = sshbuf_check_reserve(buffer, len);
-u_int
-buffer_len(const Buffer *buffer)
-{
- return buffer->end - buffer->offset;
+ if (ret == 0)
+ return 1;
+ if (ret == SSH_ERR_NO_BUFFER_SPACE)
+ return 0;
+ fatal("%s: %s", __func__, ssh_err(ret));
}
-/* Gets data from the beginning of the buffer. */
-
int
buffer_get_ret(Buffer *buffer, void *buf, u_int len)
{
- if (len > buffer->end - buffer->offset) {
- error("buffer_get_ret: trying to get more bytes %d than in buffer %d",
- len, buffer->end - buffer->offset);
- return (-1);
+ int ret;
+
+ if ((ret = sshbuf_get(buffer, buf, len)) != 0) {
+ error("%s: %s", __func__, ssh_err(ret));
+ return -1;
}
- memcpy(buf, buffer->buf + buffer->offset, len);
- buffer->offset += len;
- return (0);
+ return 0;
}
void
buffer_get(Buffer *buffer, void *buf, u_int len)
{
if (buffer_get_ret(buffer, buf, len) == -1)
- fatal("buffer_get: buffer error");
+ fatal("%s: buffer error", __func__);
}
-/* Consumes the given number of bytes from the beginning of the buffer. */
-
int
buffer_consume_ret(Buffer *buffer, u_int bytes)
{
- if (bytes > buffer->end - buffer->offset) {
- error("buffer_consume_ret: trying to get more bytes than in buffer");
- return (-1);
- }
- buffer->offset += bytes;
- return (0);
+ int ret = sshbuf_consume(buffer, bytes);
+
+ if (ret == 0)
+ return 0;
+ if (ret == SSH_ERR_MESSAGE_INCOMPLETE)
+ return -1;
+ fatal("%s: %s", __func__, ssh_err(ret));
}
void
buffer_consume(Buffer *buffer, u_int bytes)
{
if (buffer_consume_ret(buffer, bytes) == -1)
- fatal("buffer_consume: buffer error");
+ fatal("%s: buffer error", __func__);
}
-/* Consumes the given number of bytes from the end of the buffer. */
-
int
buffer_consume_end_ret(Buffer *buffer, u_int bytes)
{
- if (bytes > buffer->end - buffer->offset)
- return (-1);
- buffer->end -= bytes;
- return (0);
+ int ret = sshbuf_consume_end(buffer, bytes);
+
+ if (ret == 0)
+ return 0;
+ if (ret == SSH_ERR_MESSAGE_INCOMPLETE)
+ return -1;
+ fatal("%s: %s", __func__, ssh_err(ret));
}
void
buffer_consume_end(Buffer *buffer, u_int bytes)
{
if (buffer_consume_end_ret(buffer, bytes) == -1)
- fatal("buffer_consume_end: trying to get more bytes than in buffer");
-}
-
-/* Returns a pointer to the first used byte in the buffer. */
-
-void *
-buffer_ptr(const Buffer *buffer)
-{
- return buffer->buf + buffer->offset;
+ fatal("%s: buffer error", __func__);
}
-/* Dumps the contents of the buffer to stderr. */
-void
-buffer_dump(const Buffer *buffer)
-{
- u_int i;
- u_char *ucp = buffer->buf;
-
- for (i = buffer->offset; i < buffer->end; i++) {
- fprintf(stderr, "%02x", ucp[i]);
- if ((i-buffer->offset)%16==15)
- fprintf(stderr, "\r\n");
- else if ((i-buffer->offset)%2==1)
- fprintf(stderr, " ");
- }
- fprintf(stderr, "\r\n");
-}
OpenPOWER on IntegriCloud