1
0
mirror of https://github.com/sheumann/hush.git synced 2025-01-10 16:29:44 +00:00
Denys Vlasenko 7895b91743 udhcp: dname_dec may return NULL, account for that case
Other random cleanips included...

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2009-07-03 16:59:59 +02:00

211 lines
5.3 KiB
C

/* vi: set sw=4 ts=4: */
/* RFC1035 domain compression routines (C) 2007 Gabriel Somlo <somlo at cmu.edu>
*
* Loosely based on the isc-dhcpd implementation by dhankins@isc.org
*
* Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
*/
#if ENABLE_FEATURE_UDHCP_RFC3397
#include "common.h"
#include "options.h"
#define NS_MAXDNAME 1025 /* max domain name length */
#define NS_MAXCDNAME 255 /* max compressed domain name length */
#define NS_MAXLABEL 63 /* max label length */
#define NS_MAXDNSRCH 6 /* max domains in search path */
#define NS_CMPRSFLGS 0xc0 /* name compression pointer flag */
/* expand a RFC1035-compressed list of domain names "cstr", of length "clen";
* returns a newly allocated string containing the space-separated domains,
* prefixed with the contents of string pre, or NULL if an error occurs.
*/
char* FAST_FUNC dname_dec(const uint8_t *cstr, int clen, const char *pre)
{
char *ret = ret; /* for compiler */
char *dst = NULL;
/* We make two passes over the cstr string. First, we compute
* how long the resulting string would be. Then we allocate a
* new buffer of the required length, and fill it in with the
* expanded content. The advantage of this approach is not
* having to deal with requiring callers to supply their own
* buffer, then having to check if it's sufficiently large, etc.
*/
while (1) {
/* note: "return NULL" below are leak-safe since
* dst isn't yet allocated */
const uint8_t *c;
unsigned crtpos, retpos, depth, len;
crtpos = retpos = depth = len = 0;
while (crtpos < clen) {
c = cstr + crtpos;
if (*c & NS_CMPRSFLGS) {
/* pointer */
if (crtpos + 2 > clen) /* no offset to jump to? abort */
return NULL;
if (retpos == 0) /* toplevel? save return spot */
retpos = crtpos + 2;
depth++;
crtpos = ((c[0] & 0x3f) << 8) | (c[1] & 0xff); /* jump */
} else if (*c) {
/* label */
if (crtpos + *c + 1 > clen) /* label too long? abort */
return NULL;
if (dst)
memcpy(dst + len, c + 1, *c);
len += *c + 1;
crtpos += *c + 1;
if (dst)
dst[len - 1] = '.';
} else {
/* null: end of current domain name */
if (retpos == 0) {
/* toplevel? keep going */
crtpos++;
} else {
/* return to toplevel saved spot */
crtpos = retpos;
retpos = depth = 0;
}
if (dst)
dst[len - 1] = ' ';
}
if (depth > NS_MAXDNSRCH /* too many jumps? abort, it's a loop */
|| len > NS_MAXDNAME * NS_MAXDNSRCH /* result too long? abort */
) {
return NULL;
}
}
if (!len) /* expanded string has 0 length? abort */
return NULL;
if (!dst) { /* first pass? */
/* allocate dst buffer and copy pre */
unsigned plen = strlen(pre);
ret = dst = xmalloc(plen + len);
memcpy(dst, pre, plen);
dst += plen;
} else {
dst[len - 1] = '\0';
break;
}
}
return ret;
}
/* Convert a domain name (src) from human-readable "foo.blah.com" format into
* RFC1035 encoding "\003foo\004blah\003com\000". Return allocated string, or
* NULL if an error occurs.
*/
static uint8_t *convert_dname(const char *src)
{
uint8_t c, *res, *lp, *rp;
int len;
res = xmalloc(strlen(src) + 2);
rp = lp = res;
rp++;
for (;;) {
c = (uint8_t)*src++;
if (c == '.' || c == '\0') { /* end of label */
len = rp - lp - 1;
/* label too long, too short, or two '.'s in a row? abort */
if (len > NS_MAXLABEL || len == 0 || (c == '.' && *src == '.')) {
free(res);
return NULL;
}
*lp = len;
lp = rp++;
if (c == '\0' || *src == '\0') /* end of dname */
break;
} else {
if (c >= 0x41 && c <= 0x5A) /* uppercase? convert to lower */
c += 0x20;
*rp++ = c;
}
}
*lp = 0;
if (rp - res > NS_MAXCDNAME) { /* dname too long? abort */
free(res);
return NULL;
}
return res;
}
/* returns the offset within cstr at which dname can be found, or -1
*/
static int find_offset(const uint8_t *cstr, int clen, const uint8_t *dname)
{
const uint8_t *c, *d;
int off, inc;
/* find all labels in cstr */
off = 0;
while (off < clen) {
c = cstr + off;
if ((*c & NS_CMPRSFLGS) != 0) { /* pointer, skip */
off += 2;
} else if (*c) { /* label, try matching dname */
inc = *c + 1;
d = dname;
while (*c == *d && memcmp(c + 1, d + 1, *c) == 0) {
if (*c == 0) /* match, return offset */
return off;
d += *c + 1;
c += *c + 1;
if ((*c & NS_CMPRSFLGS) != 0) /* pointer, jump */
c = cstr + (((*c & 0x3f) << 8) | (*(c + 1) & 0xff));
}
off += inc;
} else { /* null, skip */
off++;
}
}
return -1;
}
/* computes string to be appended to cstr so that src would be added to
* the compression (best case, it's a 2-byte pointer to some offset within
* cstr; worst case, it's all of src, converted to rfc3011 format).
* The computed string is returned directly; its length is returned via retlen;
* NULL and 0, respectively, are returned if an error occurs.
*/
uint8_t* FAST_FUNC dname_enc(const uint8_t *cstr, int clen, const char *src, int *retlen)
{
uint8_t *d, *dname;
int off;
dname = convert_dname(src);
if (dname == NULL) {
*retlen = 0;
return NULL;
}
for (d = dname; *d != 0; d += *d + 1) {
off = find_offset(cstr, clen, d);
if (off >= 0) { /* found a match, add pointer and terminate string */
*d++ = NS_CMPRSFLGS;
*d = off;
break;
}
}
*retlen = d - dname + 1;
return dname;
}
#endif /* ENABLE_FEATURE_UDHCP_RFC3397 */