
[SCM] GNU gsasl branch, master, updated. gsasl-1-2-91-ge204d1d


From: Simon Josefsson
Subject: [SCM] GNU gsasl branch, master, updated. gsasl-1-2-91-ge204d1d
Date: Wed, 16 Sep 2009 14:14:14 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gsasl".

http://git.savannah.gnu.org/cgit/gsasl.git/commit/?id=e204d1dcba18cbdf7ef4e9e930ed2b95dba0ba14

The branch, master has been updated
       via  e204d1dcba18cbdf7ef4e9e930ed2b95dba0ba14 (commit)
      from  7e55269433985bf446e5c04b98a9434e1ac94814 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit e204d1dcba18cbdf7ef4e9e930ed2b95dba0ba14
Author: Simon Josefsson <address@hidden>
Date:   Wed Sep 16 16:14:10 2009 +0200

    SCRAM: Handle non-zero terminated strings.

-----------------------------------------------------------------------

Summary of changes:
 lib/scram/client.c |   10 +--
 lib/scram/parser.c |  278 ++++++++++++++++++++++++++++++----------------------
 lib/scram/parser.h |    8 +-
 lib/scram/server.c |   21 ++--
 4 files changed, 175 insertions(+), 142 deletions(-)

diff --git a/lib/scram/client.c b/lib/scram/client.c
index 26cab0c..ef464c0 100644
--- a/lib/scram/client.c
+++ b/lib/scram/client.c
@@ -197,10 +197,7 @@ _gsasl_scram_sha1_client_step (Gsasl_session * sctx,
 
     case 1:
       {
-       if (strlen (input) != input_len)
-         return GSASL_MECHANISM_PARSE_ERROR;
-
-       if (scram_parse_server_first (input, &state->sf) < 0)
+       if (scram_parse_server_first (input, input_len, &state->sf) < 0)
          return GSASL_MECHANISM_PARSE_ERROR;
 
        if (strlen (state->sf.nonce) < strlen (state->cf.client_nonce) ||
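Review bot: With the `strlen (input) != input_len` test removed here, a server-first message carrying an embedded NUL byte inside the nonce or salt is no longer rejected. The parser delimits those fields with `memchr (str, ',', len)`, and only the last field of the two final messages gets a `memchr (str, '\0', len)` check. The copied `sf.nonce` would then be measured short by the `strlen (state->sf.nonce)` comparison on the next line. One line at the top of each parser, `if (memchr (str, '\0', len)) return -1;`, keeps the old rejection without requiring a terminator; the same applies to the case 0 and case 1 hunks in lib/scram/server.c. The body of _gsasl_scram_sha1_client_step continues outside this hunk.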
@@ -364,10 +361,7 @@ _gsasl_scram_sha1_client_step (Gsasl_session * sctx,
 
     case 2:
       {
-       if (strlen (input) != input_len)
-         return GSASL_MECHANISM_PARSE_ERROR;
-
-       if (scram_parse_server_final (input, &state->sl) < 0)
+       if (scram_parse_server_final (input, input_len, &state->sl) < 0)
          return GSASL_MECHANISM_PARSE_ERROR;
 
        if (strcmp (state->sl.verifier, state->serversignature) != 0)
diff --git a/lib/scram/parser.c b/lib/scram/parser.c
index 869289d..0f2fa2c 100644
--- a/lib/scram/parser.c
+++ b/lib/scram/parser.c
@@ -37,107 +37,123 @@
 #include "validate.h"
 
 int
-scram_parse_client_first (const char *str,
+scram_parse_client_first (const char *str, size_t len,
                          struct scram_client_first *cf)
 {
   /* Minimum client first string is 'n,,n=a,r=b'. */
   if (strlen (str) < 10)
     return -1;
 
-  if (*str != 'p' && *str != 'n' && *str != 'y')
+  if (len == 0 || *str != 'n')
+      /* FIXME parse non-'n' cbflags */
     return -1;
+  cf->cbflag = *str;
+  str++, len--;
 
-  cf->cbflag = *str++;
-  if (cf->cbflag == 'p')
-    {
-      /* FIXME parse cbname */
-      return -1;
-    }
-
-  if (*str++ != ',')
+  if (len == 0 || *str != ',')
     return -1;
+  str++, len--;
 
+  if (len == 0)
+    return -1;
   if (*str == 'a')
     {
-      char *p;
-      size_t len;
+      const char *p;
+      size_t l;
 
-      p = strchr (str, ',');
+      p = memchr (str, ',', len);
       if (!p)
        return -1;
 
-      len = p - str;
+      l = p - str;
+      if (len < l)
+       return -1;
 
-      cf->authzid = malloc (len + 1);
+      cf->authzid = malloc (l + 1);
       if (!cf->authzid)
        return -1;
 
-      memcpy (cf->authzid, str, len);
-      cf->authzid[len] = '\0';
+      memcpy (cf->authzid, str, l);
+      cf->authzid[l] = '\0';
 
       /* FIXME decode authzid */
 
       str = p;
+      len -= l;
     }
 
-  if (*str++ != ',')
+  if (len == 0 || *str != ',')
     return -1;
+  str++, len--;
 
-  if (*str++ != 'n')
+  if (len == 0 || *str != 'n')
     return -1;
+  str++, len--;
 
-  if (*str++ != '=')
+  if (len == 0 || *str != '=')
     return -1;
+  str++, len--;
 
   {
-    char *p;
-    size_t len;
+    const char *p;
+    size_t l;
 
-    p = strchr (str, ',');
+    p = memchr (str, ',', len);
     if (!p)
       return -1;
 
-    len = p - str;
+    l = p - str;
+    if (len < l)
+      return -1;
 
-    cf->username = malloc (len + 1);
+    cf->username = malloc (l + 1);
     if (!cf->username)
       return -1;
 
-    memcpy (cf->username, str, len);
-    cf->username[len] = '\0';
+    memcpy (cf->username, str, l);
+    cf->username[l] = '\0';
 
     /* FIXME decode username */
 
     str = p;
+    len -= l;
   }
 
-  if (*str++ != ',')
+  if (len == 0 || *str != ',')
     return -1;
+  str++, len--;
 
-  if (*str++ != 'r')
+  if (len == 0 || *str != 'r')
     return -1;
+  str++, len--;
 
-  if (*str++ != '=')
+  if (len == 0 || *str != '=')
     return -1;
+  str++, len--;
 
   {
-    char *p;
-    size_t len;
+    const char *p;
+    size_t l;
 
-    p = strchrnul (str, ',');
+    p = memchr (str, ',', len);
+    if (!p)
+      p = str + len;
     if (!p)
       return -1;
 
-    len = p - str;
+    l = p - str;
+    if (len < l)
+      return -1;
 
-    cf->client_nonce = malloc (len + 1);
+    cf->client_nonce = malloc (l + 1);
     if (!cf->client_nonce)
       return -1;
 
-    memcpy (cf->client_nonce, str, len);
-    cf->client_nonce[len] = '\0';
+    memcpy (cf->client_nonce, str, l);
+    cf->client_nonce[l] = '\0';
 
     str = p;
+    len -= l;
   }
 
   /* FIXME check that any extension fields follow valid syntax. */
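Review bot: The unchanged `if (strlen (str) < 10)` at the top of scram_parse_client_first still scans for a terminator, so a buffer that is not NUL-terminated is read past `len` before any of the new bounded checks run. Compare the length instead: `if (len < 10) return -1;`. The same leftover is in scram_parse_server_first (`strlen (str) < 15`), scram_parse_client_final (`< 18`) and scram_parse_server_final (`< 6`) in the later hunks of this file. Separately, the second `if (!p)` after `p = str + len;` in the client-nonce block can never fire. The function's tail is outside this hunk.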
@@ -149,97 +165,105 @@ scram_parse_client_first (const char *str,
 }
 
 int
-scram_parse_server_first (const char *str,
+scram_parse_server_first (const char *str, size_t len,
                          struct scram_server_first *sf)
 {
   /* Minimum server first string is 'r=ab,s=biws,i=1'. */
   if (strlen (str) < 15)
     return -1;
 
-  if (*str++ != 'r')
+  if (len == 0 || *str != 'r')
     return -1;
+  str++, len--;
 
-  if (*str++ != '=')
+  if (len == 0 || *str != '=')
     return -1;
+  str++, len--;
 
   {
-    char *p;
-    size_t len;
+    const char *p;
+    size_t l;
 
-    p = strchr (str, ',');
+    p = memchr (str, ',', len);
     if (!p)
       return -1;
 
-    len = p - str;
+    l = p - str;
+    if (len < l)
+      return -1;
 
-    sf->nonce = malloc (len + 1);
+    sf->nonce = malloc (l + 1);
     if (!sf->nonce)
       return -1;
 
-    memcpy (sf->nonce, str, len);
-    sf->nonce[len] = '\0';
+    memcpy (sf->nonce, str, l);
+    sf->nonce[l] = '\0';
 
     str = p;
+    len -= l;
   }
 
-  if (*str++ != ',')
+  if (len == 0 || *str != ',')
     return -1;
+  str++, len--;
 
-  if (*str++ != 's')
+  if (len == 0 || *str != 's')
     return -1;
+  str++, len--;
 
-  if (*str++ != '=')
+  if (len == 0 || *str != '=')
     return -1;
+  str++, len--;
 
   {
-    char *p;
-    size_t len;
+    const char *p;
+    size_t l;
 
-    p = strchr (str, ',');
+    p = memchr (str, ',', len);
     if (!p)
       return -1;
 
-    len = p - str;
+    l = p - str;
+    if (len < l)
+      return -1;
 
-    sf->salt = malloc (len + 1);
+    sf->salt = malloc (l + 1);
     if (!sf->salt)
       return -1;
 
-    memcpy (sf->salt, str, len);
-    sf->salt[len] = '\0';
+    memcpy (sf->salt, str, l);
+    sf->salt[l] = '\0';
 
     str = p;
+    len -= l;
   }
 
-  if (*str++ != ',')
+  if (len == 0 || *str != ',')
     return -1;
+  str++, len--;
 
-  if (*str++ != 'i')
+  if (len == 0 || *str != 'i')
     return -1;
+  str++, len--;
 
-  if (*str++ != '=')
+  if (len == 0 || *str != '=')
     return -1;
+  str++, len--;
 
-  {
-    const char *p;
-
-    sf->iter = 0;
-    for (p = str; *p >= '0' && *p <= '9'; p++)
-      {
-       size_t last_iter = sf->iter;
-
-       sf->iter = sf->iter * 10 + (*p - '0');
+  sf->iter = 0;
+  for (; len > 0 && *str >= '0' && *str <= '9'; str++, len--)
+    {
+      size_t last_iter = sf->iter;
 
-       /* Protect against wrap arounds. */
-       if (sf->iter < last_iter)
-         return -1;
-      }
+      sf->iter = sf->iter * 10 + (*str - '0');
 
-    if (*p != ',' && *p != '\0')
-      return -1;
+      /* Protect against wrap arounds. */
+      if (sf->iter < last_iter)
+       return -1;
+    }
 
-    str = p;
-  }
+  if (len > 0 && *str != ',')
+    return -1;
 
   /* FIXME check that any extension fields follow valid syntax. */
 
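Review bot: The wrap-around guard in the iteration-count loop, `if (sf->iter < last_iter)`, runs after `sf->iter * 10 + (*str - '0')` and misses wraps where the truncated product is still larger than the previous value. Testing before the multiply closes that: `if (sf->iter > (SIZE_MAX - (size_t) (*str - '0')) / 10) return -1;`. This assumes `sf->iter` is a `size_t`, as `last_iter` suggests; its declaration is not in this diff, and SIZE_MAX needs <stdint.h>. The loop also accepts an empty digit run, leaving `iter` at 0, unless the validation outside this hunk rejects it.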
@@ -250,89 +274,103 @@ scram_parse_server_first (const char *str,
 }
 
 int
-scram_parse_client_final (const char *str,
+scram_parse_client_final (const char *str, size_t len,
                          struct scram_client_final *cl)
 {
   /* Minimum client final string is 'c=biws,r=ab,p=ab=='. */
   if (strlen (str) < 18)
     return -1;
 
-  if (*str++ != 'c')
+  if (len == 0 || *str != 'c')
     return -1;
+  str++, len--;
 
-  if (*str++ != '=')
+  if (len == 0 || *str != '=')
     return -1;
+  str++, len--;
 
   {
-    char *p;
-    size_t len;
+    const char *p;
+    size_t l;
 
-    p = strchr (str, ',');
+    p = memchr (str, ',', len);
     if (!p)
       return -1;
 
-    len = p - str;
+    l = p - str;
+    if (len < l)
+      return -1;
 
-    cl->cbind = malloc (len + 1);
+    cl->cbind = malloc (l + 1);
     if (!cl->cbind)
       return -1;
 
-    memcpy (cl->cbind, str, len);
-    cl->cbind[len] = '\0';
+    memcpy (cl->cbind, str, l);
+    cl->cbind[l] = '\0';
 
     str = p;
+    len -= l;
   }
 
-  if (*str++ != ',')
+  if (len == 0 || *str != ',')
     return -1;
+  str++, len--;
 
-  if (*str++ != 'r')
+  if (len == 0 || *str != 'r')
     return -1;
+  str++, len--;
 
-  if (*str++ != '=')
+  if (len == 0 || *str != '=')
     return -1;
+  str++, len--;
 
   {
-    char *p;
-    size_t len;
+    const char *p;
+    size_t l;
 
-    p = strchr (str, ',');
+    p = memchr (str, ',', len);
     if (!p)
       return -1;
 
-    len = p - str;
+    l = p - str;
+    if (len < l)
+      return -1;
 
-    cl->nonce = malloc (len + 1);
+    cl->nonce = malloc (l + 1);
     if (!cl->nonce)
       return -1;
 
-    memcpy (cl->nonce, str, len);
-    cl->nonce[len] = '\0';
+    memcpy (cl->nonce, str, l);
+    cl->nonce[l] = '\0';
 
     str = p;
+    len -= l;
   }
 
   /* FIXME check that any extension fields follow valid syntax. */
 
-  if (*str++ != ',')
+  if (len == 0 || *str != ',')
     return -1;
+  str++, len--;
 
-  if (*str++ != 'p')
+  if (len == 0 || *str != 'p')
     return -1;
+  str++, len--;
 
-  if (*str++ != '=')
+  if (len == 0 || *str != '=')
     return -1;
+  str++, len--;
 
-  {
-    size_t len = strlen (str);
+  /* Sanity check proof. */
+  if (memchr (str, '\0', len))
+    return -1;
 
-    cl->proof = malloc (len + 1);
-    if (!cl->proof)
-      return -1;
+  cl->proof = malloc (len + 1);
+  if (!cl->proof)
+    return -1;
 
-    memcpy (cl->proof, str, len);
-    cl->proof[len] = '\0';
-  }
+  memcpy (cl->proof, str, len);
+  cl->proof[len] = '\0';
 
   if (scram_valid_client_final (cl) < 0)
     return -1;
@@ -341,29 +379,31 @@ scram_parse_client_final (const char *str,
 }
 
 int
-scram_parse_server_final (const char *str,
+scram_parse_server_final (const char *str, size_t len,
                          struct scram_server_final *sl)
 {
   /* Minimum client final string is 'v=ab=='. */
   if (strlen (str) < 6)
     return -1;
 
-  if (*str++ != 'v')
+  if (len == 0 || *str != 'v')
     return -1;
+  str++, len--;
 
-  if (*str++ != '=')
+  if (len == 0 || *str != '=')
     return -1;
+  str++, len--;
 
-  {
-    size_t len = strlen (str);
+  /* Sanity check proof. */
+  if (memchr (str, '\0', len))
+    return -1;
 
-    sl->verifier = malloc (len + 1);
-    if (!sl->verifier)
-      return -1;
+  sl->verifier = malloc (len + 1);
+  if (!sl->verifier)
+    return -1;
 
-    memcpy (sl->verifier, str, len);
-    sl->verifier[len] = '\0';
-  }
+  memcpy (sl->verifier, str, len);
+  sl->verifier[len] = '\0';
 
   if (scram_valid_server_final (sl) < 0)
     return -1;
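Review bot: The added comment `/* Sanity check proof. */` in scram_parse_server_final was carried over from the client-final parser; the field checked here is the verifier, so `/* Reject embedded NUL bytes in the verifier. */` would describe the line. The context comment above it still says "Minimum client final string" for what is a server-final message. The function ends outside this hunk.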
diff --git a/lib/scram/parser.h b/lib/scram/parser.h
index 24e7e19..a43f8d7 100644
--- a/lib/scram/parser.h
+++ b/lib/scram/parser.h
@@ -26,16 +26,16 @@
 /* Get token types. */
 #include "tokens.h"
 
-extern int scram_parse_client_first (const char *str,
+extern int scram_parse_client_first (const char *str, size_t len,
                                     struct scram_client_first *cf);
 
-extern int scram_parse_server_first (const char *str,
+extern int scram_parse_server_first (const char *str, size_t len,
                                     struct scram_server_first *cf);
 
-extern int scram_parse_client_final (const char *str,
+extern int scram_parse_client_final (const char *str, size_t len,
                                     struct scram_client_final *cl);
 
-extern int scram_parse_server_final (const char *str,
+extern int scram_parse_server_final (const char *str, size_t len,
                                     struct scram_server_final *sl);
 
 #endif /* SCRAM_PARSER_H */
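Review bot: The four prototypes gain `size_t len` with no comment stating the new contract. A short comment above them would tell callers what they may pass: that `str` is `len` bytes long and whether it must still be NUL-terminated, that the parsers return a negative value on malformed input, and who frees the fields they allocate. The struct parameter of scram_parse_server_first is also still named `cf` where `sf` is meant.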
diff --git a/lib/scram/server.c b/lib/scram/server.c
index 0ef5f49..931966f 100644
--- a/lib/scram/server.c
+++ b/lib/scram/server.c
@@ -122,10 +122,10 @@ _gsasl_scram_sha1_server_step (Gsasl_session * sctx,
     {
     case 0:
       {
-       if (strlen (input) != input_len)
-         return GSASL_MECHANISM_PARSE_ERROR;
+       if (input_len == 0)
+         return GSASL_NEEDS_MORE;
 
-       if (scram_parse_client_first (input, &state->cf) < 0)
+       if (scram_parse_client_first (input, input_len, &state->cf) < 0)
          return GSASL_MECHANISM_PARSE_ERROR;
 
        /* We don't support channel bindings. */
@@ -146,18 +146,20 @@ _gsasl_scram_sha1_server_step (Gsasl_session * sctx,
          const char *p;
 
          /* Save "bare" for next step. */
-         p = strchr (input, ',');
+         p = memchr (input, ',', input_len);
          if (!p)
            return GSASL_AUTHENTICATION_ERROR;
          p++;
-         p = strchr (p, ',');
+         p = memchr (p, ',', input_len - (p - input));
          if (!p)
            return GSASL_AUTHENTICATION_ERROR;
          p++;
 
-         state->cfmb_str = strdup (p);
+         state->cfmb_str = malloc (input_len - (p - input) + 1);
          if (!state->cfmb_str)
            return GSASL_MALLOC_ERROR;
+         memcpy (state->cfmb_str, p, input_len - (p - input));
+         state->cfmb_str[input_len - (p - input)] = '\0';
        }
 
        /* Create new nonce. */
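Review bot: The remaining-length expression `input_len - (p - input)` is written three times in the new copy of the bare message, and it mixes `size_t` with a `ptrdiff_t`. Computing it once, `size_t rest = input_len - (size_t) (p - input);`, and using `rest` in the `malloc`, `memcpy` and terminator lines makes the bound easier to audit. The length is also not stored next to `cfmb_str`, so later code presumably falls back on `strlen`; that use is outside this hunk.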
@@ -207,10 +209,7 @@ _gsasl_scram_sha1_server_step (Gsasl_session * sctx,
 
     case 1:
       {
-       if (strlen (input) != input_len)
-         return GSASL_MECHANISM_PARSE_ERROR;
-
-       if (scram_parse_client_final (input, &state->cl) < 0)
+       if (scram_parse_client_final (input, input_len, &state->cl) < 0)
          return GSASL_MECHANISM_PARSE_ERROR;
 
        if (strcmp (state->cl.nonce, state->sf.nonce) != 0)
@@ -285,7 +284,7 @@ _gsasl_scram_sha1_server_step (Gsasl_session * sctx,
            int n;
 
            /* Get client-final-message-without-proof. */
-           p = strstr (input, ",p=");
+           p = memmem (input, input_len, ",p=", 3);
            if (!p)
              return GSASL_MECHANISM_PARSE_ERROR;
            len = p - input;
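Review bot: `memmem` is a GNU/BSD extension rather than ISO C, and the diffstat lists only the four lib/scram files, so nothing visible here adds a declaration or replacement for platforms that lack it. If the build does not already provide one, either a portability module or a short bounded search loop is needed. The enclosing block starts and ends outside this hunk.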


hooks/post-receive
-- 
GNU gsasl



