1 /* $OpenBSD: buffer.c,v 1.35 2014/02/02 03:44:31 djm Exp $ */
2 /* $FreeBSD: stable/9/crypto/openssh/buffer.c 263970 2014-03-31 14:39:56Z des $ */
3 /*
4  * Author: Tatu Ylonen <ylo@cs.hut.fi>
5  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
6  *                    All rights reserved
7  * Functions for manipulating fifo buffers (that can grow if needed).
8  *
9  * As far as I am concerned, the code I have written for this software
10  * can be used freely for any purpose.  Any derived versions of this
11  * software must be clearly marked as such, and if the derived work is
12  * incompatible with the protocol description in the RFC file, it must be
13  * called by a name other than "ssh" or "Secure Shell".
14  */
15 
16 #include "includes.h"
17 __RCSID("$FreeBSD: stable/9/crypto/openssh/buffer.c 263970 2014-03-31 14:39:56Z des $");
18 
19 #include <sys/param.h>
20 
21 #include <stdio.h>
22 #include <string.h>
23 #include <stdarg.h>
24 #include <stdlib.h>
25 
26 #include "xmalloc.h"
27 #include "buffer.h"
28 #include "log.h"
29 
30 #define	BUFFER_MAX_CHUNK	0x100000
31 #define	BUFFER_MAX_LEN		0x4000000	/* 64MB */
32 #define	BUFFER_ALLOCSZ		0x008000
33 
34 /* Initializes the buffer structure. */
35 
36 void
buffer_init(Buffer * buffer)37 buffer_init(Buffer *buffer)
38 {
39 	const u_int len = 4096;
40 
41 	buffer->alloc = 0;
42 	buffer->buf = xmalloc(len);
43 	buffer->alloc = len;
44 	buffer->offset = 0;
45 	buffer->end = 0;
46 }
47 
48 /* Frees any memory used for the buffer. */
49 
50 void
buffer_free(Buffer * buffer)51 buffer_free(Buffer *buffer)
52 {
53 	if (buffer->alloc > 0) {
54 		explicit_bzero(buffer->buf, buffer->alloc);
55 		buffer->alloc = 0;
56 		free(buffer->buf);
57 	}
58 }
59 
60 /*
61  * Clears any data from the buffer, making it empty.  This does not actually
62  * zero the memory.
63  */
64 
65 void
buffer_clear(Buffer * buffer)66 buffer_clear(Buffer *buffer)
67 {
68 	buffer->offset = 0;
69 	buffer->end = 0;
70 }
71 
72 /* Appends data to the buffer, expanding it if necessary. */
73 
74 void
buffer_append(Buffer * buffer,const void * data,u_int len)75 buffer_append(Buffer *buffer, const void *data, u_int len)
76 {
77 	void *p;
78 	p = buffer_append_space(buffer, len);
79 	memcpy(p, data, len);
80 }
81 
82 static int
buffer_compact(Buffer * buffer)83 buffer_compact(Buffer *buffer)
84 {
85 	/*
86 	 * If the buffer is quite empty, but all data is at the end, move the
87 	 * data to the beginning.
88 	 */
89 	if (buffer->offset > MIN(buffer->alloc, BUFFER_MAX_CHUNK)) {
90 		memmove(buffer->buf, buffer->buf + buffer->offset,
91 			buffer->end - buffer->offset);
92 		buffer->end -= buffer->offset;
93 		buffer->offset = 0;
94 		return (1);
95 	}
96 	return (0);
97 }
98 
99 /*
100  * Appends space to the buffer, expanding the buffer if necessary. This does
101  * not actually copy the data into the buffer, but instead returns a pointer
102  * to the allocated region.
103  */
104 
105 void *
buffer_append_space(Buffer * buffer,u_int len)106 buffer_append_space(Buffer *buffer, u_int len)
107 {
108 	u_int newlen;
109 	void *p;
110 
111 	if (len > BUFFER_MAX_CHUNK)
112 		fatal("buffer_append_space: len %u not supported", len);
113 
114 	/* If the buffer is empty, start using it from the beginning. */
115 	if (buffer->offset == buffer->end) {
116 		buffer->offset = 0;
117 		buffer->end = 0;
118 	}
119 restart:
120 	/* If there is enough space to store all data, store it now. */
121 	if (buffer->end + len < buffer->alloc) {
122 		p = buffer->buf + buffer->end;
123 		buffer->end += len;
124 		return p;
125 	}
126 
127 	/* Compact data back to the start of the buffer if necessary */
128 	if (buffer_compact(buffer))
129 		goto restart;
130 
131 	/* Increase the size of the buffer and retry. */
132 	newlen = roundup(buffer->alloc + len, BUFFER_ALLOCSZ);
133 	if (newlen > BUFFER_MAX_LEN)
134 		fatal("buffer_append_space: alloc %u not supported",
135 		    newlen);
136 	buffer->buf = xrealloc(buffer->buf, 1, newlen);
137 	buffer->alloc = newlen;
138 	goto restart;
139 	/* NOTREACHED */
140 }
141 
142 /*
143  * Check whether an allocation of 'len' will fit in the buffer
144  * This must follow the same math as buffer_append_space
145  */
146 int
buffer_check_alloc(Buffer * buffer,u_int len)147 buffer_check_alloc(Buffer *buffer, u_int len)
148 {
149 	if (buffer->offset == buffer->end) {
150 		buffer->offset = 0;
151 		buffer->end = 0;
152 	}
153  restart:
154 	if (buffer->end + len < buffer->alloc)
155 		return (1);
156 	if (buffer_compact(buffer))
157 		goto restart;
158 	if (roundup(buffer->alloc + len, BUFFER_ALLOCSZ) <= BUFFER_MAX_LEN)
159 		return (1);
160 	return (0);
161 }
162 
163 /* Returns the number of bytes of data in the buffer. */
164 
165 u_int
buffer_len(const Buffer * buffer)166 buffer_len(const Buffer *buffer)
167 {
168 	return buffer->end - buffer->offset;
169 }
170 
171 /* Returns the maximum number of bytes of data that may be in the buffer. */
172 u_int
buffer_get_max_len(void)173 buffer_get_max_len(void)
174 {
175 	return (BUFFER_MAX_LEN);
176 }
177 
178 /* Gets data from the beginning of the buffer. */
179 
180 int
buffer_get_ret(Buffer * buffer,void * buf,u_int len)181 buffer_get_ret(Buffer *buffer, void *buf, u_int len)
182 {
183 	if (len > buffer->end - buffer->offset) {
184 		error("buffer_get_ret: trying to get more bytes %d than in buffer %d",
185 		    len, buffer->end - buffer->offset);
186 		return (-1);
187 	}
188 	memcpy(buf, buffer->buf + buffer->offset, len);
189 	buffer->offset += len;
190 	return (0);
191 }
192 
193 void
buffer_get(Buffer * buffer,void * buf,u_int len)194 buffer_get(Buffer *buffer, void *buf, u_int len)
195 {
196 	if (buffer_get_ret(buffer, buf, len) == -1)
197 		fatal("buffer_get: buffer error");
198 }
199 
200 /* Consumes the given number of bytes from the beginning of the buffer. */
201 
202 int
buffer_consume_ret(Buffer * buffer,u_int bytes)203 buffer_consume_ret(Buffer *buffer, u_int bytes)
204 {
205 	if (bytes > buffer->end - buffer->offset) {
206 		error("buffer_consume_ret: trying to get more bytes than in buffer");
207 		return (-1);
208 	}
209 	buffer->offset += bytes;
210 	return (0);
211 }
212 
213 void
buffer_consume(Buffer * buffer,u_int bytes)214 buffer_consume(Buffer *buffer, u_int bytes)
215 {
216 	if (buffer_consume_ret(buffer, bytes) == -1)
217 		fatal("buffer_consume: buffer error");
218 }
219 
220 /* Consumes the given number of bytes from the end of the buffer. */
221 
222 int
buffer_consume_end_ret(Buffer * buffer,u_int bytes)223 buffer_consume_end_ret(Buffer *buffer, u_int bytes)
224 {
225 	if (bytes > buffer->end - buffer->offset)
226 		return (-1);
227 	buffer->end -= bytes;
228 	return (0);
229 }
230 
231 void
buffer_consume_end(Buffer * buffer,u_int bytes)232 buffer_consume_end(Buffer *buffer, u_int bytes)
233 {
234 	if (buffer_consume_end_ret(buffer, bytes) == -1)
235 		fatal("buffer_consume_end: trying to get more bytes than in buffer");
236 }
237 
238 /* Returns a pointer to the first used byte in the buffer. */
239 
240 void *
buffer_ptr(const Buffer * buffer)241 buffer_ptr(const Buffer *buffer)
242 {
243 	return buffer->buf + buffer->offset;
244 }
245 
246 /* Dumps the contents of the buffer to stderr. */
247 
248 void
buffer_dump(const Buffer * buffer)249 buffer_dump(const Buffer *buffer)
250 {
251 	u_int i;
252 	u_char *ucp = buffer->buf;
253 
254 	for (i = buffer->offset; i < buffer->end; i++) {
255 		fprintf(stderr, "%02x", ucp[i]);
256 		if ((i-buffer->offset)%16==15)
257 			fprintf(stderr, "\r\n");
258 		else if ((i-buffer->offset)%2==1)
259 			fprintf(stderr, " ");
260 	}
261 	fprintf(stderr, "\r\n");
262 }
263