author | Christian Grothoff <christian@grothoff.org> | 2018-05-20 23:40:20 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2018-05-20 23:40:20 +0200 |
commit | d080cb1ed80a0e528b2b755ee48ca18cb670175e (patch) | |
tree | d8c0edab6035e4d38138b303566e972fbf8b8c5f /src/gnsrecord | |
parent | 0a8c135eedab5213b31c21b3d4b800e5f0f6041f (diff) | |
check return values from GNSRECORD_record_serialize/size always
Diffstat (limited to 'src/gnsrecord')
-rw-r--r-- | src/gnsrecord/gnsrecord_crypto.c | 83 | ||||
-rw-r--r-- | src/gnsrecord/gnsrecord_serialization.c | 34 |
2 files changed, 76 insertions, 41 deletions
diff --git a/src/gnsrecord/gnsrecord_crypto.c b/src/gnsrecord/gnsrecord_crypto.c index 6d59a545a..6d3887392 100644 --- a/src/gnsrecord/gnsrecord_crypto.c +++ b/src/gnsrecord/gnsrecord_crypto.c | |||
@@ -87,9 +87,8 @@ block_create (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
87 | const struct GNUNET_GNSRECORD_Data *rd, | 87 | const struct GNUNET_GNSRECORD_Data *rd, |
88 | unsigned int rd_count) | 88 | unsigned int rd_count) |
89 | { | 89 | { |
90 | size_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count, | 90 | ssize_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count, |
91 | rd); | 91 | rd); |
92 | char payload[sizeof (uint32_t) + payload_len]; | ||
93 | struct GNUNET_GNSRECORD_Block *block; | 92 | struct GNUNET_GNSRECORD_Block *block; |
94 | struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey; | 93 | struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey; |
95 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | 94 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; |
@@ -98,8 +97,16 @@ block_create (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
98 | uint32_t rd_count_nbo; | 97 | uint32_t rd_count_nbo; |
99 | struct GNUNET_TIME_Absolute now; | 98 | struct GNUNET_TIME_Absolute now; |
100 | 99 | ||
100 | if (payload_len < 0) | ||
101 | { | ||
102 | GNUNET_break (0); | ||
103 | return NULL; | ||
104 | } | ||
101 | if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE) | 105 | if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE) |
106 | { | ||
107 | GNUNET_break (0); | ||
102 | return NULL; | 108 | return NULL; |
109 | } | ||
103 | /* convert relative to absolute times */ | 110 | /* convert relative to absolute times */ |
104 | now = GNUNET_TIME_absolute_get (); | 111 | now = GNUNET_TIME_absolute_get (); |
105 | for (unsigned int i=0;i<rd_count;i++) | 112 | for (unsigned int i=0;i<rd_count;i++) |
@@ -117,39 +124,43 @@ block_create (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
117 | } | 124 | } |
118 | /* serialize */ | 125 | /* serialize */ |
119 | rd_count_nbo = htonl (rd_count); | 126 | rd_count_nbo = htonl (rd_count); |
120 | GNUNET_memcpy (payload, | 127 | { |
121 | &rd_count_nbo, | 128 | char payload[sizeof (uint32_t) + payload_len]; |
122 | sizeof (uint32_t)); | 129 | |
123 | GNUNET_assert (payload_len == | 130 | GNUNET_memcpy (payload, |
124 | GNUNET_GNSRECORD_records_serialize (rd_count, | 131 | &rd_count_nbo, |
125 | rdc, | 132 | sizeof (uint32_t)); |
126 | payload_len, | 133 | GNUNET_assert (payload_len == |
127 | &payload[sizeof (uint32_t)])); | 134 | GNUNET_GNSRECORD_records_serialize (rd_count, |
128 | block = GNUNET_malloc (sizeof (struct GNUNET_GNSRECORD_Block) + | 135 | rdc, |
129 | sizeof (uint32_t) + | 136 | payload_len, |
130 | payload_len); | 137 | &payload[sizeof (uint32_t)])); |
131 | block->purpose.size = htonl (sizeof (uint32_t) + | 138 | block = GNUNET_malloc (sizeof (struct GNUNET_GNSRECORD_Block) + |
132 | payload_len + | 139 | sizeof (uint32_t) + |
133 | sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + | 140 | payload_len); |
134 | sizeof (struct GNUNET_TIME_AbsoluteNBO)); | 141 | block->purpose.size = htonl (sizeof (uint32_t) + |
135 | block->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); | 142 | payload_len + |
136 | block->expiration_time = GNUNET_TIME_absolute_hton (expire); | 143 | sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + |
137 | /* encrypt and sign */ | 144 | sizeof (struct GNUNET_TIME_AbsoluteNBO)); |
138 | dkey = GNUNET_CRYPTO_ecdsa_private_key_derive (key, | 145 | block->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); |
139 | label, | 146 | block->expiration_time = GNUNET_TIME_absolute_hton (expire); |
140 | "gns"); | 147 | /* encrypt and sign */ |
141 | GNUNET_CRYPTO_ecdsa_key_get_public (dkey, | 148 | dkey = GNUNET_CRYPTO_ecdsa_private_key_derive (key, |
142 | &block->derived_key); | 149 | label, |
143 | derive_block_aes_key (&iv, | 150 | "gns"); |
144 | &skey, | 151 | GNUNET_CRYPTO_ecdsa_key_get_public (dkey, |
145 | label, | 152 | &block->derived_key); |
146 | pkey); | 153 | derive_block_aes_key (&iv, |
147 | GNUNET_break (payload_len + sizeof (uint32_t) == | 154 | &skey, |
148 | GNUNET_CRYPTO_symmetric_encrypt (payload, | 155 | label, |
149 | payload_len + sizeof (uint32_t), | 156 | pkey); |
150 | &skey, | 157 | GNUNET_break (payload_len + sizeof (uint32_t) == |
151 | &iv, | 158 | GNUNET_CRYPTO_symmetric_encrypt (payload, |
152 | &block[1])); | 159 | payload_len + sizeof (uint32_t), |
160 | &skey, | ||
161 | &iv, | ||
162 | &block[1])); | ||
163 | } | ||
153 | if (GNUNET_OK != | 164 | if (GNUNET_OK != |
154 | GNUNET_CRYPTO_ecdsa_sign (dkey, | 165 | GNUNET_CRYPTO_ecdsa_sign (dkey, |
155 | &block->purpose, | 166 | &block->purpose, |
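Review bot: The serialization result in block_create is still wrapped in `GNUNET_assert (payload_len == GNUNET_GNSRECORD_records_serialize (...))`, so a serialize call that reports an error with -1 aborts the whole process instead of being handled, which runs against what this commit sets out to do. In the visible lines `block` and `dkey` have not been allocated at that point, so the check could be `if (payload_len != GNUNET_GNSRECORD_records_serialize (rd_count, rdc, payload_len, &payload[sizeof (uint32_t)])) { GNUNET_break (0); return NULL; }`. The `GNUNET_break` around `GNUNET_CRYPTO_symmetric_encrypt` has the opposite weakness: as far as I know GNUNET_break only logs, so after a failed or short encryption the function still goes on to sign and return the block; that path should free `block` and `dkey` and return NULL. block_create continues past the end of the last hunk and the lines between the hunks are not shown, so the exact cleanup needed has to be confirmed against the full function.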
diff --git a/src/gnsrecord/gnsrecord_serialization.c b/src/gnsrecord/gnsrecord_serialization.c index 6164fa3db..5a862f82f 100644 --- a/src/gnsrecord/gnsrecord_serialization.c +++ b/src/gnsrecord/gnsrecord_serialization.c | |||
@@ -78,9 +78,9 @@ GNUNET_NETWORK_STRUCT_END | |||
78 | * | 78 | * |
79 | * @param rd_count number of records in the rd array | 79 | * @param rd_count number of records in the rd array |
80 | * @param rd array of #GNUNET_GNSRECORD_Data with @a rd_count elements | 80 | * @param rd array of #GNUNET_GNSRECORD_Data with @a rd_count elements |
81 | * @return the required size to serialize | 81 | * @return the required size to serialize, -1 on error |
82 | */ | 82 | */ |
83 | size_t | 83 | ssize_t |
84 | GNUNET_GNSRECORD_records_get_size (unsigned int rd_count, | 84 | GNUNET_GNSRECORD_records_get_size (unsigned int rd_count, |
85 | const struct GNUNET_GNSRECORD_Data *rd) | 85 | const struct GNUNET_GNSRECORD_Data *rd) |
86 | { | 86 | { |
@@ -89,10 +89,34 @@ GNUNET_GNSRECORD_records_get_size (unsigned int rd_count, | |||
89 | ret = sizeof (struct NetworkRecord) * rd_count; | 89 | ret = sizeof (struct NetworkRecord) * rd_count; |
90 | for (unsigned int i=0;i<rd_count;i++) | 90 | for (unsigned int i=0;i<rd_count;i++) |
91 | { | 91 | { |
92 | GNUNET_assert ((ret + rd[i].data_size) >= ret); | 92 | if ((ret + rd[i].data_size) < ret) |
93 | { | ||
94 | GNUNET_break (0); | ||
95 | return -1; | ||
96 | } | ||
93 | ret += rd[i].data_size; | 97 | ret += rd[i].data_size; |
98 | #if GNUNET_EXTRA_LOGGING | ||
99 | { | ||
100 | char *str; | ||
101 | |||
102 | str = GNUNET_GNSRECORD_value_to_string (rd[i].record_type, | ||
103 | rd[i].data, | ||
104 | rd[i].data_size); | ||
105 | if (NULL == str) | ||
106 | { | ||
107 | GNUNET_break_op (0); | ||
108 | return -1; | ||
109 | } | ||
110 | GNUNET_free (str); | ||
111 | } | ||
112 | #endif | ||
94 | } | 113 | } |
95 | return ret; | 114 | if (ret > SSIZE_MAX) |
115 | { | ||
116 | GNUNET_break (0); | ||
117 | return -1; | ||
118 | } | ||
119 | return (ssize_t) ret; | ||
96 | } | 120 | } |
97 | 121 | ||
98 | 122 | ||
@@ -156,7 +180,7 @@ GNUNET_GNSRECORD_records_serialize (unsigned int rd_count, | |||
156 | if (NULL == str) | 180 | if (NULL == str) |
157 | { | 181 | { |
158 | GNUNET_break_op (0); | 182 | GNUNET_break_op (0); |
159 | return GNUNET_SYSERR; | 183 | return -1; |
160 | } | 184 | } |
161 | GNUNET_free (str); | 185 | GNUNET_free (str); |
162 | } | 186 | } |
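Review bot: The initial `ret = sizeof (struct NetworkRecord) * rd_count;` in GNUNET_GNSRECORD_records_get_size is still unchecked. Where size_t is 32 bits, a large rd_count can wrap there before the per-record overflow test in the loop runs, and the wrapped total then passes the new `SSIZE_MAX` check. A guard ahead of the multiplication, `if (rd_count > SSIZE_MAX / sizeof (struct NetworkRecord)) { GNUNET_break (0); return -1; }`, would close that; the declaration of `ret` is outside the hunk, so I am assuming it is a size_t. Separately, the `#if GNUNET_EXTRA_LOGGING` block makes the size query return -1 for a record without a string form only in extra-logging builds, so the same record set is accepted or rejected depending on a compile-time logging flag. If that is intended, the doc comment should say so next to `-1 on error`.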