diff options
| author | Christian Grothoff <christian@grothoff.org> | 2018-05-13 21:17:12 +0200 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2018-05-13 21:17:12 +0200 |
| commit | 98ac2b34f979cf10da24c984e690dabf7b34794b (patch) | |
| tree | ed4fd15409066b5403f02c23aab9e14b179bc874 /src/gnsrecord | |
| parent | fa2978883e1585b1eeff3a22b7a9b4f174a45ca3 (diff) | |
| download | gnunet-98ac2b34f979cf10da24c984e690dabf7b34794b.tar.gz gnunet-98ac2b34f979cf10da24c984e690dabf7b34794b.zip | |
add some extra GNS-record well-formedness checks if logging is enabled
Diffstat (limited to 'src/gnsrecord')
| -rw-r--r-- | src/gnsrecord/gnsrecord.c | 12 | ||||
| -rw-r--r-- | src/gnsrecord/gnsrecord_crypto.c | 29 | ||||
| -rw-r--r-- | src/gnsrecord/gnsrecord_serialization.c | 42 |
3 files changed, 64 insertions, 19 deletions
diff --git a/src/gnsrecord/gnsrecord.c b/src/gnsrecord/gnsrecord.c index 8fc039fc6..ece1665fc 100644 --- a/src/gnsrecord/gnsrecord.c +++ b/src/gnsrecord/gnsrecord.c | |||
| @@ -114,10 +114,9 @@ init () | |||
| 114 | void __attribute__ ((destructor)) | 114 | void __attribute__ ((destructor)) |
| 115 | GNSRECORD_fini () | 115 | GNSRECORD_fini () |
| 116 | { | 116 | { |
| 117 | unsigned int i; | ||
| 118 | struct Plugin *plugin; | 117 | struct Plugin *plugin; |
| 119 | 118 | ||
| 120 | for (i = 0; i < num_plugins; i++) | 119 | for (unsigned int i = 0; i < num_plugins; i++) |
| 121 | { | 120 | { |
| 122 | plugin = gns_plugins[i]; | 121 | plugin = gns_plugins[i]; |
| 123 | GNUNET_break (NULL == | 122 | GNUNET_break (NULL == |
| @@ -146,12 +145,11 @@ GNUNET_GNSRECORD_value_to_string (uint32_t type, | |||
| 146 | const void *data, | 145 | const void *data, |
| 147 | size_t data_size) | 146 | size_t data_size) |
| 148 | { | 147 | { |
| 149 | unsigned int i; | ||
| 150 | struct Plugin *plugin; | 148 | struct Plugin *plugin; |
| 151 | char *ret; | 149 | char *ret; |
| 152 | 150 | ||
| 153 | init (); | 151 | init (); |
| 154 | for (i = 0; i < num_plugins; i++) | 152 | for (unsigned int i = 0; i < num_plugins; i++) |
| 155 | { | 153 | { |
| 156 | plugin = gns_plugins[i]; | 154 | plugin = gns_plugins[i]; |
| 157 | if (NULL != (ret = plugin->api->value_to_string (plugin->api->cls, | 155 | if (NULL != (ret = plugin->api->value_to_string (plugin->api->cls, |
| @@ -180,11 +178,10 @@ GNUNET_GNSRECORD_string_to_value (uint32_t type, | |||
| 180 | void **data, | 178 | void **data, |
| 181 | size_t *data_size) | 179 | size_t *data_size) |
| 182 | { | 180 | { |
| 183 | unsigned int i; | ||
| 184 | struct Plugin *plugin; | 181 | struct Plugin *plugin; |
| 185 | 182 | ||
| 186 | init (); | 183 | init (); |
| 187 | for (i = 0; i < num_plugins; i++) | 184 | for (unsigned int i = 0; i < num_plugins; i++) |
| 188 | { | 185 | { |
| 189 | plugin = gns_plugins[i]; | 186 | plugin = gns_plugins[i]; |
| 190 | if (GNUNET_OK == plugin->api->string_to_value (plugin->api->cls, | 187 | if (GNUNET_OK == plugin->api->string_to_value (plugin->api->cls, |
| @@ -234,14 +231,13 @@ GNUNET_GNSRECORD_typename_to_number (const char *dns_typename) | |||
| 234 | const char * | 231 | const char * |
| 235 | GNUNET_GNSRECORD_number_to_typename (uint32_t type) | 232 | GNUNET_GNSRECORD_number_to_typename (uint32_t type) |
| 236 | { | 233 | { |
| 237 | unsigned int i; | ||
| 238 | struct Plugin *plugin; | 234 | struct Plugin *plugin; |
| 239 | const char * ret; | 235 | const char * ret; |
| 240 | 236 | ||
| 241 | if (GNUNET_GNSRECORD_TYPE_ANY == type) | 237 | if (GNUNET_GNSRECORD_TYPE_ANY == type) |
| 242 | return "ANY"; | 238 | return "ANY"; |
| 243 | init (); | 239 | init (); |
| 244 | for (i = 0; i < num_plugins; i++) | 240 | for (unsigned int i = 0; i < num_plugins; i++) |
| 245 | { | 241 | { |
| 246 | plugin = gns_plugins[i]; | 242 | plugin = gns_plugins[i]; |
| 247 | if (NULL != (ret = plugin->api->number_to_typename (plugin->api->cls, | 243 | if (NULL != (ret = plugin->api->number_to_typename (plugin->api->cls, |
diff --git a/src/gnsrecord/gnsrecord_crypto.c b/src/gnsrecord/gnsrecord_crypto.c index cebc842f3..6d59a545a 100644 --- a/src/gnsrecord/gnsrecord_crypto.c +++ b/src/gnsrecord/gnsrecord_crypto.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* | 1 | /* |
| 2 | This file is part of GNUnet. | 2 | This file is part of GNUnet. |
| 3 | Copyright (C) 2009-2013 GNUnet e.V. | 3 | Copyright (C) 2009-2013, 2018 GNUnet e.V. |
| 4 | 4 | ||
| 5 | GNUnet is free software; you can redistribute it and/or modify | 5 | GNUnet is free software; you can redistribute it and/or modify |
| 6 | it under the terms of the GNU General Public License as published | 6 | it under the terms of the GNU General Public License as published |
| @@ -94,7 +94,7 @@ block_create (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
| 94 | struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey; | 94 | struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey; |
| 95 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | 95 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; |
| 96 | struct GNUNET_CRYPTO_SymmetricSessionKey skey; | 96 | struct GNUNET_CRYPTO_SymmetricSessionKey skey; |
| 97 | struct GNUNET_GNSRECORD_Data rdc[rd_count]; | 97 | struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL(rd_count)]; |
| 98 | uint32_t rd_count_nbo; | 98 | uint32_t rd_count_nbo; |
| 99 | struct GNUNET_TIME_Absolute now; | 99 | struct GNUNET_TIME_Absolute now; |
| 100 | 100 | ||
| @@ -246,6 +246,7 @@ GNUNET_GNSRECORD_block_create2 (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
| 246 | GNUNET_CRYPTO_ecdsa_key_get_public (key, | 246 | GNUNET_CRYPTO_ecdsa_key_get_public (key, |
| 247 | &line->pkey); | 247 | &line->pkey); |
| 248 | } | 248 | } |
| 249 | #undef CSIZE | ||
| 249 | return block_create (key, | 250 | return block_create (key, |
| 250 | &line->pkey, | 251 | &line->pkey, |
| 251 | expire, | 252 | expire, |
| @@ -304,18 +305,21 @@ GNUNET_GNSRECORD_block_decrypt (const struct GNUNET_GNSRECORD_Block *block, | |||
| 304 | GNUNET_break_op (0); | 305 | GNUNET_break_op (0); |
| 305 | return GNUNET_SYSERR; | 306 | return GNUNET_SYSERR; |
| 306 | } | 307 | } |
| 307 | derive_block_aes_key (&iv, &skey, label, zone_key); | 308 | derive_block_aes_key (&iv, |
| 309 | &skey, | ||
| 310 | label, | ||
| 311 | zone_key); | ||
| 308 | { | 312 | { |
| 309 | char payload[payload_len]; | 313 | char payload[payload_len]; |
| 310 | uint32_t rd_count; | 314 | uint32_t rd_count; |
| 311 | 315 | ||
| 312 | GNUNET_break (payload_len == | 316 | GNUNET_break (payload_len == |
| 313 | GNUNET_CRYPTO_symmetric_decrypt (&block[1], payload_len, | 317 | GNUNET_CRYPTO_symmetric_decrypt (&block[1], payload_len, |
| 314 | &skey, &iv, | 318 | &skey, &iv, |
| 315 | payload)); | 319 | payload)); |
| 316 | GNUNET_memcpy (&rd_count, | 320 | GNUNET_memcpy (&rd_count, |
| 317 | payload, | 321 | payload, |
| 318 | sizeof (uint32_t)); | 322 | sizeof (uint32_t)); |
| 319 | rd_count = ntohl (rd_count); | 323 | rd_count = ntohl (rd_count); |
| 320 | if (rd_count > 2048) | 324 | if (rd_count > 2048) |
| 321 | { | 325 | { |
| @@ -324,7 +328,7 @@ GNUNET_GNSRECORD_block_decrypt (const struct GNUNET_GNSRECORD_Block *block, | |||
| 324 | return GNUNET_SYSERR; | 328 | return GNUNET_SYSERR; |
| 325 | } | 329 | } |
| 326 | { | 330 | { |
| 327 | struct GNUNET_GNSRECORD_Data rd[rd_count]; | 331 | struct GNUNET_GNSRECORD_Data rd[GNUNET_NZL(rd_count)]; |
| 328 | unsigned int j; | 332 | unsigned int j; |
| 329 | struct GNUNET_TIME_Absolute now; | 333 | struct GNUNET_TIME_Absolute now; |
| 330 | 334 | ||
| @@ -359,10 +363,13 @@ GNUNET_GNSRECORD_block_decrypt (const struct GNUNET_GNSRECORD_Block *block, | |||
| 359 | continue; | 363 | continue; |
| 360 | if (rd[i].expiration_time < now.abs_value_us) | 364 | if (rd[i].expiration_time < now.abs_value_us) |
| 361 | include_record = GNUNET_NO; /* Shadow record is expired */ | 365 | include_record = GNUNET_NO; /* Shadow record is expired */ |
| 362 | if ((rd[k].record_type == rd[i].record_type) | 366 | if ( (rd[k].record_type == rd[i].record_type) && |
| 363 | && (rd[k].expiration_time >= now.abs_value_us) | 367 | (rd[k].expiration_time >= now.abs_value_us) && |
| 364 | && (0 == (rd[k].flags & GNUNET_GNSRECORD_RF_SHADOW_RECORD))) | 368 | (0 == (rd[k].flags & GNUNET_GNSRECORD_RF_SHADOW_RECORD)) ) |
| 369 | { | ||
| 365 | include_record = GNUNET_NO; /* We have a non-expired, non-shadow record of the same type */ | 370 | include_record = GNUNET_NO; /* We have a non-expired, non-shadow record of the same type */ |
| 371 | break; | ||
| 372 | } | ||
| 366 | } | 373 | } |
| 367 | if (GNUNET_YES == include_record) | 374 | if (GNUNET_YES == include_record) |
| 368 | { | 375 | { |
diff --git a/src/gnsrecord/gnsrecord_serialization.c b/src/gnsrecord/gnsrecord_serialization.c index 56521945d..1db27464f 100644 --- a/src/gnsrecord/gnsrecord_serialization.c +++ b/src/gnsrecord/gnsrecord_serialization.c | |||
| @@ -127,17 +127,38 @@ GNUNET_GNSRECORD_records_serialize (unsigned int rd_count, | |||
| 127 | rec.record_type = htonl (rd[i].record_type); | 127 | rec.record_type = htonl (rd[i].record_type); |
| 128 | rec.flags = htonl (rd[i].flags); | 128 | rec.flags = htonl (rd[i].flags); |
| 129 | if (off + sizeof (rec) > dest_size) | 129 | if (off + sizeof (rec) > dest_size) |
| 130 | { | ||
| 131 | GNUNET_break (0); | ||
| 130 | return -1; | 132 | return -1; |
| 133 | } | ||
| 131 | GNUNET_memcpy (&dest[off], | 134 | GNUNET_memcpy (&dest[off], |
| 132 | &rec, | 135 | &rec, |
| 133 | sizeof (rec)); | 136 | sizeof (rec)); |
| 134 | off += sizeof (rec); | 137 | off += sizeof (rec); |
| 135 | if (off + rd[i].data_size > dest_size) | 138 | if (off + rd[i].data_size > dest_size) |
| 139 | { | ||
| 140 | GNUNET_break (0); | ||
| 136 | return -1; | 141 | return -1; |
| 142 | } | ||
| 137 | GNUNET_memcpy (&dest[off], | 143 | GNUNET_memcpy (&dest[off], |
| 138 | rd[i].data, | 144 | rd[i].data, |
| 139 | rd[i].data_size); | 145 | rd[i].data_size); |
| 140 | off += rd[i].data_size; | 146 | off += rd[i].data_size; |
| 147 | #if GNUNET_EXTRA_LOGGING | ||
| 148 | { | ||
| 149 | char *str; | ||
| 150 | |||
| 151 | str = GNUNET_GNSRECORD_value_to_string (rd[i].record_type, | ||
| 152 | rd[i].data, | ||
| 153 | rd[i].data_size); | ||
| 154 | if (NULL == str) | ||
| 155 | { | ||
| 156 | GNUNET_break_op (0); | ||
| 157 | return GNUNET_SYSERR; | ||
| 158 | } | ||
| 159 | GNUNET_free (str); | ||
| 160 | } | ||
| 161 | #endif | ||
| 141 | } | 162 | } |
| 142 | return off; | 163 | return off; |
| 143 | } | 164 | } |
| @@ -165,7 +186,10 @@ GNUNET_GNSRECORD_records_deserialize (size_t len, | |||
| 165 | for (unsigned int i=0;i<rd_count;i++) | 186 | for (unsigned int i=0;i<rd_count;i++) |
| 166 | { | 187 | { |
| 167 | if (off + sizeof (rec) > len) | 188 | if (off + sizeof (rec) > len) |
| 189 | { | ||
| 190 | GNUNET_break_op (0); | ||
| 168 | return GNUNET_SYSERR; | 191 | return GNUNET_SYSERR; |
| 192 | } | ||
| 169 | GNUNET_memcpy (&rec, | 193 | GNUNET_memcpy (&rec, |
| 170 | &src[off], | 194 | &src[off], |
| 171 | sizeof (rec)); | 195 | sizeof (rec)); |
| @@ -175,9 +199,27 @@ GNUNET_GNSRECORD_records_deserialize (size_t len, | |||
| 175 | dest[i].flags = ntohl (rec.flags); | 199 | dest[i].flags = ntohl (rec.flags); |
| 176 | off += sizeof (rec); | 200 | off += sizeof (rec); |
| 177 | if (off + dest[i].data_size > len) | 201 | if (off + dest[i].data_size > len) |
| 202 | { | ||
| 203 | GNUNET_break_op (0); | ||
| 178 | return GNUNET_SYSERR; | 204 | return GNUNET_SYSERR; |
| 205 | } | ||
| 179 | dest[i].data = &src[off]; | 206 | dest[i].data = &src[off]; |
| 180 | off += dest[i].data_size; | 207 | off += dest[i].data_size; |
| 208 | #if GNUNET_EXTRA_LOGGING | ||
| 209 | { | ||
| 210 | char *str; | ||
| 211 | |||
| 212 | str = GNUNET_GNSRECORD_value_to_string (dest[i].record_type, | ||
| 213 | dest[i].data, | ||
| 214 | dest[i].data_size); | ||
| 215 | if (NULL == str) | ||
| 216 | { | ||
| 217 | GNUNET_break_op (0); | ||
| 218 | return GNUNET_SYSERR; | ||
| 219 | } | ||
| 220 | GNUNET_free (str); | ||
| 221 | } | ||
| 222 | #endif | ||
| 181 | LOG (GNUNET_ERROR_TYPE_DEBUG, | 223 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
| 182 | "Deserialized record %u with flags %d and expiration time %llu\n", | 224 | "Deserialized record %u with flags %d and expiration time %llu\n", |
| 183 | i, | 225 | i, |