upstream: revert previous; it was broken (spotted by Theo)

OpenBSD-Commit-ID: 457c79afaca2f89ec2606405c1059b98b30d8b0d
This commit is contained in:
djm@openbsd.org 2022-05-25 06:03:44 +00:00 committed by Damien Miller
parent 9e0d02ef7c
commit 9d8c80f8a3
4 changed files with 35 additions and 36 deletions

View File

@ -1,4 +1,4 @@
/* $OpenBSD: sshbuf-getput-basic.c,v 1.12 2022/05/25 00:31:13 djm Exp $ */ /* $OpenBSD: sshbuf-getput-basic.c,v 1.13 2022/05/25 06:03:44 djm Exp $ */
/* /*
* Copyright (c) 2011 Damien Miller * Copyright (c) 2011 Damien Miller
* *
@ -198,7 +198,7 @@ sshbuf_get_string(struct sshbuf *buf, u_char **valp, size_t *lenp)
return r; return r;
if (valp != NULL) { if (valp != NULL) {
if ((*valp = malloc(len + 1)) == NULL) { if ((*valp = malloc(len + 1)) == NULL) {
SSHBUF_DBG("SSH_ERR_ALLOC_FAIL"); SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL"));
return SSH_ERR_ALLOC_FAIL; return SSH_ERR_ALLOC_FAIL;
} }
if (len != 0) if (len != 0)
@ -229,7 +229,7 @@ sshbuf_get_string_direct(struct sshbuf *buf, const u_char **valp, size_t *lenp)
*lenp = len; *lenp = len;
if (sshbuf_consume(buf, len + 4) != 0) { if (sshbuf_consume(buf, len + 4) != 0) {
/* Shouldn't happen */ /* Shouldn't happen */
SSHBUF_DBG("SSH_ERR_INTERNAL_ERROR"); SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
SSHBUF_ABORT(); SSHBUF_ABORT();
return SSH_ERR_INTERNAL_ERROR; return SSH_ERR_INTERNAL_ERROR;
} }
@ -248,16 +248,16 @@ sshbuf_peek_string_direct(const struct sshbuf *buf, const u_char **valp,
if (lenp != NULL) if (lenp != NULL)
*lenp = 0; *lenp = 0;
if (sshbuf_len(buf) < 4) { if (sshbuf_len(buf) < 4) {
SSHBUF_DBG("SSH_ERR_MESSAGE_INCOMPLETE"); SSHBUF_DBG(("SSH_ERR_MESSAGE_INCOMPLETE"));
return SSH_ERR_MESSAGE_INCOMPLETE; return SSH_ERR_MESSAGE_INCOMPLETE;
} }
len = PEEK_U32(p); len = PEEK_U32(p);
if (len > SSHBUF_SIZE_MAX - 4) { if (len > SSHBUF_SIZE_MAX - 4) {
SSHBUF_DBG("SSH_ERR_STRING_TOO_LARGE"); SSHBUF_DBG(("SSH_ERR_STRING_TOO_LARGE"));
return SSH_ERR_STRING_TOO_LARGE; return SSH_ERR_STRING_TOO_LARGE;
} }
if (sshbuf_len(buf) - 4 < len) { if (sshbuf_len(buf) - 4 < len) {
SSHBUF_DBG("SSH_ERR_MESSAGE_INCOMPLETE"); SSHBUF_DBG(("SSH_ERR_MESSAGE_INCOMPLETE"));
return SSH_ERR_MESSAGE_INCOMPLETE; return SSH_ERR_MESSAGE_INCOMPLETE;
} }
if (valp != NULL) if (valp != NULL)
@ -283,14 +283,14 @@ sshbuf_get_cstring(struct sshbuf *buf, char **valp, size_t *lenp)
/* Allow a \0 only at the end of the string */ /* Allow a \0 only at the end of the string */
if (len > 0 && if (len > 0 &&
(z = memchr(p , '\0', len)) != NULL && z < p + len - 1) { (z = memchr(p , '\0', len)) != NULL && z < p + len - 1) {
SSHBUF_DBG("SSH_ERR_INVALID_FORMAT"); SSHBUF_DBG(("SSH_ERR_INVALID_FORMAT"));
return SSH_ERR_INVALID_FORMAT; return SSH_ERR_INVALID_FORMAT;
} }
if ((r = sshbuf_skip_string(buf)) != 0) if ((r = sshbuf_skip_string(buf)) != 0)
return -1; return -1;
if (valp != NULL) { if (valp != NULL) {
if ((*valp = malloc(len + 1)) == NULL) { if ((*valp = malloc(len + 1)) == NULL) {
SSHBUF_DBG("SSH_ERR_ALLOC_FAIL"); SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL"));
return SSH_ERR_ALLOC_FAIL; return SSH_ERR_ALLOC_FAIL;
} }
if (len != 0) if (len != 0)
@ -517,7 +517,7 @@ sshbuf_put_string(struct sshbuf *buf, const void *v, size_t len)
int r; int r;
if (len > SSHBUF_SIZE_MAX - 4) { if (len > SSHBUF_SIZE_MAX - 4) {
SSHBUF_DBG("SSH_ERR_NO_BUFFER_SPACE"); SSHBUF_DBG(("SSH_ERR_NO_BUFFER_SPACE"));
return SSH_ERR_NO_BUFFER_SPACE; return SSH_ERR_NO_BUFFER_SPACE;
} }
if ((r = sshbuf_reserve(buf, len + 4, &d)) < 0) if ((r = sshbuf_reserve(buf, len + 4, &d)) < 0)
@ -575,7 +575,7 @@ sshbuf_put_bignum2_bytes(struct sshbuf *buf, const void *v, size_t len)
int r, prepend; int r, prepend;
if (len > SSHBUF_SIZE_MAX - 5) { if (len > SSHBUF_SIZE_MAX - 5) {
SSHBUF_DBG("SSH_ERR_NO_BUFFER_SPACE"); SSHBUF_DBG(("SSH_ERR_NO_BUFFER_SPACE"));
return SSH_ERR_NO_BUFFER_SPACE; return SSH_ERR_NO_BUFFER_SPACE;
} }
/* Skip leading zero bytes */ /* Skip leading zero bytes */
@ -625,7 +625,7 @@ sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf,
*lenp = len; *lenp = len;
if (sshbuf_consume(buf, olen + 4) != 0) { if (sshbuf_consume(buf, olen + 4) != 0) {
/* Shouldn't happen */ /* Shouldn't happen */
SSHBUF_DBG("SSH_ERR_INTERNAL_ERROR"); SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
SSHBUF_ABORT(); SSHBUF_ABORT();
return SSH_ERR_INTERNAL_ERROR; return SSH_ERR_INTERNAL_ERROR;
} }

View File

@ -1,4 +1,4 @@
/* $OpenBSD: sshbuf-getput-crypto.c,v 1.9 2022/05/25 00:31:13 djm Exp $ */ /* $OpenBSD: sshbuf-getput-crypto.c,v 1.10 2022/05/25 06:03:44 djm Exp $ */
/* /*
* Copyright (c) 2011 Damien Miller * Copyright (c) 2011 Damien Miller
* *
@ -84,7 +84,7 @@ sshbuf_get_ec(struct sshbuf *buf, EC_POINT *v, const EC_GROUP *g)
/* Skip string */ /* Skip string */
if (sshbuf_get_string_direct(buf, NULL, NULL) != 0) { if (sshbuf_get_string_direct(buf, NULL, NULL) != 0) {
/* Shouldn't happen */ /* Shouldn't happen */
SSHBUF_DBG("SSH_ERR_INTERNAL_ERROR"); SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
SSHBUF_ABORT(); SSHBUF_ABORT();
return SSH_ERR_INTERNAL_ERROR; return SSH_ERR_INTERNAL_ERROR;
} }
@ -100,7 +100,7 @@ sshbuf_get_eckey(struct sshbuf *buf, EC_KEY *v)
size_t len; size_t len;
if (pt == NULL) { if (pt == NULL) {
SSHBUF_DBG("SSH_ERR_ALLOC_FAIL"); SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL"));
return SSH_ERR_ALLOC_FAIL; return SSH_ERR_ALLOC_FAIL;
} }
if ((r = sshbuf_peek_string_direct(buf, &d, &len)) < 0) { if ((r = sshbuf_peek_string_direct(buf, &d, &len)) < 0) {
@ -119,7 +119,7 @@ sshbuf_get_eckey(struct sshbuf *buf, EC_KEY *v)
/* Skip string */ /* Skip string */
if (sshbuf_get_string_direct(buf, NULL, NULL) != 0) { if (sshbuf_get_string_direct(buf, NULL, NULL) != 0) {
/* Shouldn't happen */ /* Shouldn't happen */
SSHBUF_DBG("SSH_ERR_INTERNAL_ERROR"); SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
SSHBUF_ABORT(); SSHBUF_ABORT();
return SSH_ERR_INTERNAL_ERROR; return SSH_ERR_INTERNAL_ERROR;
} }

View File

@ -1,4 +1,4 @@
/* $OpenBSD: sshbuf.c,v 1.17 2022/05/25 00:31:13 djm Exp $ */ /* $OpenBSD: sshbuf.c,v 1.18 2022/05/25 06:03:44 djm Exp $ */
/* /*
* Copyright (c) 2011 Damien Miller * Copyright (c) 2011 Damien Miller
* *
@ -41,7 +41,7 @@ sshbuf_check_sanity(const struct sshbuf *buf)
buf->size > buf->alloc || buf->size > buf->alloc ||
buf->off > buf->size)) { buf->off > buf->size)) {
/* Do not try to recover from corrupted buffer internals */ /* Do not try to recover from corrupted buffer internals */
SSHBUF_DBG("SSH_ERR_INTERNAL_ERROR"); SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
ssh_signal(SIGSEGV, SIG_DFL); ssh_signal(SIGSEGV, SIG_DFL);
raise(SIGSEGV); raise(SIGSEGV);
return SSH_ERR_INTERNAL_ERROR; return SSH_ERR_INTERNAL_ERROR;
@ -52,7 +52,7 @@ sshbuf_check_sanity(const struct sshbuf *buf)
static void static void
sshbuf_maybe_pack(struct sshbuf *buf, int force) sshbuf_maybe_pack(struct sshbuf *buf, int force)
{ {
SSHBUF_DBG("force %d", force); SSHBUF_DBG(("force %d", force));
SSHBUF_TELL("pre-pack"); SSHBUF_TELL("pre-pack");
if (buf->off == 0 || buf->readonly || buf->refcount > 1) if (buf->off == 0 || buf->readonly || buf->refcount > 1)
return; return;
@ -223,7 +223,7 @@ sshbuf_set_max_size(struct sshbuf *buf, size_t max_size)
u_char *dp; u_char *dp;
int r; int r;
SSHBUF_DBG("set max buf = %p len = %zu", buf, max_size); SSHBUF_DBG(("set max buf = %p len = %zu", buf, max_size));
if ((r = sshbuf_check_sanity(buf)) != 0) if ((r = sshbuf_check_sanity(buf)) != 0)
return r; return r;
if (max_size == buf->max_size) if (max_size == buf->max_size)
@ -241,7 +241,7 @@ sshbuf_set_max_size(struct sshbuf *buf, size_t max_size)
rlen = ROUNDUP(buf->size, SSHBUF_SIZE_INC); rlen = ROUNDUP(buf->size, SSHBUF_SIZE_INC);
if (rlen > max_size) if (rlen > max_size)
rlen = max_size; rlen = max_size;
SSHBUF_DBG("new alloc = %zu", rlen); SSHBUF_DBG(("new alloc = %zu", rlen));
if ((dp = recallocarray(buf->d, buf->alloc, rlen, 1)) == NULL) if ((dp = recallocarray(buf->d, buf->alloc, rlen, 1)) == NULL)
return SSH_ERR_ALLOC_FAIL; return SSH_ERR_ALLOC_FAIL;
buf->cd = buf->d = dp; buf->cd = buf->d = dp;
@ -309,7 +309,7 @@ sshbuf_allocate(struct sshbuf *buf, size_t len)
u_char *dp; u_char *dp;
int r; int r;
SSHBUF_DBG("allocate buf = %p len = %zu", buf, len); SSHBUF_DBG(("allocate buf = %p len = %zu", buf, len));
if ((r = sshbuf_check_reserve(buf, len)) != 0) if ((r = sshbuf_check_reserve(buf, len)) != 0)
return r; return r;
/* /*
@ -327,12 +327,12 @@ sshbuf_allocate(struct sshbuf *buf, size_t len)
*/ */
need = len + buf->size - buf->alloc; need = len + buf->size - buf->alloc;
rlen = ROUNDUP(buf->alloc + need, SSHBUF_SIZE_INC); rlen = ROUNDUP(buf->alloc + need, SSHBUF_SIZE_INC);
SSHBUF_DBG("need %zu initial rlen %zu", need, rlen); SSHBUF_DBG(("need %zu initial rlen %zu", need, rlen));
if (rlen > buf->max_size) if (rlen > buf->max_size)
rlen = buf->alloc + need; rlen = buf->alloc + need;
SSHBUF_DBG("adjusted rlen %zu", rlen); SSHBUF_DBG(("adjusted rlen %zu", rlen));
if ((dp = recallocarray(buf->d, buf->alloc, rlen, 1)) == NULL) { if ((dp = recallocarray(buf->d, buf->alloc, rlen, 1)) == NULL) {
SSHBUF_DBG("realloc fail"); SSHBUF_DBG(("realloc fail"));
return SSH_ERR_ALLOC_FAIL; return SSH_ERR_ALLOC_FAIL;
} }
buf->alloc = rlen; buf->alloc = rlen;
@ -354,7 +354,7 @@ sshbuf_reserve(struct sshbuf *buf, size_t len, u_char **dpp)
if (dpp != NULL) if (dpp != NULL)
*dpp = NULL; *dpp = NULL;
SSHBUF_DBG("reserve buf = %p len = %zu", buf, len); SSHBUF_DBG(("reserve buf = %p len = %zu", buf, len));
if ((r = sshbuf_allocate(buf, len)) != 0) if ((r = sshbuf_allocate(buf, len)) != 0)
return r; return r;
@ -370,7 +370,7 @@ sshbuf_consume(struct sshbuf *buf, size_t len)
{ {
int r; int r;
SSHBUF_DBG("len = %zu", len); SSHBUF_DBG(("len = %zu", len));
if ((r = sshbuf_check_sanity(buf)) != 0) if ((r = sshbuf_check_sanity(buf)) != 0)
return r; return r;
if (len == 0) if (len == 0)
@ -390,7 +390,7 @@ sshbuf_consume_end(struct sshbuf *buf, size_t len)
{ {
int r; int r;
SSHBUF_DBG("len = %zu", len); SSHBUF_DBG(("len = %zu", len));
if ((r = sshbuf_check_sanity(buf)) != 0) if ((r = sshbuf_check_sanity(buf)) != 0)
return r; return r;
if (len == 0) if (len == 0)

View File

@ -1,4 +1,4 @@
/* $OpenBSD: sshbuf.h,v 1.26 2022/05/25 00:31:13 djm Exp $ */ /* $OpenBSD: sshbuf.h,v 1.27 2022/05/25 06:03:44 djm Exp $ */
/* /*
* Copyright (c) 2011 Damien Miller * Copyright (c) 2011 Damien Miller
* *
@ -395,17 +395,16 @@ u_int sshbuf_refcount(const struct sshbuf *buf);
# ifdef SSHBUF_DEBUG # ifdef SSHBUF_DEBUG
# define SSHBUF_TELL(what) do { \ # define SSHBUF_TELL(what) do { \
fprintf(stderr, \ printf("%s:%d %s: %s size %zu alloc %zu off %zu max %zu\n", \
"%s:%d %s: %s size %zu alloc %zu off %zu max %zu\n", \
__FILE__, __LINE__, __func__, what, \ __FILE__, __LINE__, __func__, what, \
buf->size, buf->alloc, buf->off, buf->max_size); \ buf->size, buf->alloc, buf->off, buf->max_size); \
fflush(stderr); \ fflush(stdout); \
} while (0) } while (0)
# define SSHBUF_DBG(...) do { \ # define SSHBUF_DBG(x) do { \
fprintf(stderr, "%s:%d %s: ", __FILE__, __LINE__, __func__); \ printf("%s:%d %s: ", __FILE__, __LINE__, __func__); \
fprintf(stderr, __VA_ARGS__); \ printf x; \
fprintf(stderr, "\n"); \ printf("\n"); \
fflush(stderr); \ fflush(stdout); \
} while (0) } while (0)
# else # else
# define SSHBUF_TELL(what) # define SSHBUF_TELL(what)