1 /* $OpenBSD: bufaux.c,v 1.46 2008/06/10 23:21:34 dtucker Exp $ */
2 /*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * All rights reserved
6 * Auxiliary functions for storing and retrieving various data types to/from
7 * Buffers.
8 *
9 * As far as I am concerned, the code I have written for this software
10 * can be used freely for any purpose. Any derived versions of this
11 * software must be clearly marked as such, and if the derived work is
12 * incompatible with the protocol description in the RFC file, it must be
13 * called by a name other than "ssh" or "Secure Shell".
14 *
15 *
16 * SSH2 packet format added by Markus Friedl
17 * Copyright (c) 2000 Markus Friedl. All rights reserved.
18 *
19 * Redistribution and use in source and binary forms, with or without
20 * modification, are permitted provided that the following conditions
21 * are met:
22 * 1. Redistributions of source code must retain the above copyright
23 * notice, this list of conditions and the following disclaimer.
24 * 2. Redistributions in binary form must reproduce the above copyright
25 * notice, this list of conditions and the following disclaimer in the
26 * documentation and/or other materials provided with the distribution.
27 *
28 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
29 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
30 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
31 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
32 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
33 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
34 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
35 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
36 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
37 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
38 */
39
40 #include <sys/types.h>
41 #include <sys/time.h>
42
43 #include <openssl/bn.h>
44
45 #include <string.h>
46 #include <stdarg.h>
47
48 #include "xmalloc.h"
49 #include "buffer.h"
50 #include "log.h"
51 #include "misc.h"
52
53 __RCSID("$MirOS: src/usr.bin/ssh/bufaux.c,v 1.2 2008/12/16 22:13:27 tg Exp $");
54
55 /*
56 * Returns integers from the buffer (msb first).
57 */
58
59 int
buffer_get_short_ret(u_short * ret,Buffer * buffer)60 buffer_get_short_ret(u_short *ret, Buffer *buffer)
61 {
62 u_char buf[2];
63
64 if (buffer_get_ret(buffer, (char *) buf, 2) == -1)
65 return (-1);
66 *ret = get_u16(buf);
67 return (0);
68 }
69
70 u_short
buffer_get_short(Buffer * buffer)71 buffer_get_short(Buffer *buffer)
72 {
73 u_short ret;
74
75 if (buffer_get_short_ret(&ret, buffer) == -1)
76 fatal("buffer_get_short: buffer error");
77
78 return (ret);
79 }
80
81 int
buffer_get_int_ret(u_int * ret,Buffer * buffer)82 buffer_get_int_ret(u_int *ret, Buffer *buffer)
83 {
84 u_char buf[4];
85
86 if (buffer_get_ret(buffer, (char *) buf, 4) == -1)
87 return (-1);
88 *ret = get_u32(buf);
89 return (0);
90 }
91
92 u_int
buffer_get_int(Buffer * buffer)93 buffer_get_int(Buffer *buffer)
94 {
95 u_int ret;
96
97 if (buffer_get_int_ret(&ret, buffer) == -1)
98 fatal("buffer_get_int: buffer error");
99
100 return (ret);
101 }
102
103 int
buffer_get_int64_ret(u_int64_t * ret,Buffer * buffer)104 buffer_get_int64_ret(u_int64_t *ret, Buffer *buffer)
105 {
106 u_char buf[8];
107
108 if (buffer_get_ret(buffer, (char *) buf, 8) == -1)
109 return (-1);
110 *ret = get_u64(buf);
111 return (0);
112 }
113
114 u_int64_t
buffer_get_int64(Buffer * buffer)115 buffer_get_int64(Buffer *buffer)
116 {
117 u_int64_t ret;
118
119 if (buffer_get_int64_ret(&ret, buffer) == -1)
120 fatal("buffer_get_int: buffer error");
121
122 return (ret);
123 }
124
125 /*
126 * Stores integers in the buffer, msb first.
127 */
128 void
buffer_put_short(Buffer * buffer,u_short value)129 buffer_put_short(Buffer *buffer, u_short value)
130 {
131 char buf[2];
132
133 put_u16(buf, value);
134 buffer_append(buffer, buf, 2);
135 }
136
137 void
buffer_put_int(Buffer * buffer,u_int value)138 buffer_put_int(Buffer *buffer, u_int value)
139 {
140 char buf[4];
141
142 put_u32(buf, value);
143 buffer_append(buffer, buf, 4);
144 }
145
146 void
buffer_put_int64(Buffer * buffer,u_int64_t value)147 buffer_put_int64(Buffer *buffer, u_int64_t value)
148 {
149 char buf[8];
150
151 put_u64(buf, value);
152 buffer_append(buffer, buf, 8);
153 }
154
155 /*
156 * Returns an arbitrary binary string from the buffer. The string cannot
157 * be longer than 256k. The returned value points to memory allocated
158 * with xmalloc; it is the responsibility of the calling function to free
159 * the data. If length_ptr is non-NULL, the length of the returned data
160 * will be stored there. A null character will be automatically appended
161 * to the returned string, and is not counted in length.
162 */
163 void *
buffer_get_string_ret(Buffer * buffer,u_int * length_ptr)164 buffer_get_string_ret(Buffer *buffer, u_int *length_ptr)
165 {
166 u_char *value;
167 u_int len;
168
169 /* Get the length. */
170 len = buffer_get_int(buffer);
171 if (len > 256 * 1024) {
172 error("buffer_get_string_ret: bad string length %u", len);
173 return (NULL);
174 }
175 /* Allocate space for the string. Add one byte for a null character. */
176 value = xmalloc(len + 1);
177 /* Get the string. */
178 if (buffer_get_ret(buffer, value, len) == -1) {
179 error("buffer_get_string_ret: buffer_get failed");
180 xfree(value);
181 return (NULL);
182 }
183 /* Append a null character to make processing easier. */
184 value[len] = '\0';
185 /* Optionally return the length of the string. */
186 if (length_ptr)
187 *length_ptr = len;
188 return (value);
189 }
190
191 void *
buffer_get_string(Buffer * buffer,u_int * length_ptr)192 buffer_get_string(Buffer *buffer, u_int *length_ptr)
193 {
194 void *ret;
195
196 if ((ret = buffer_get_string_ret(buffer, length_ptr)) == NULL)
197 fatal("buffer_get_string: buffer error");
198 return (ret);
199 }
200
201 void *
buffer_get_string_ptr(Buffer * buffer,u_int * length_ptr)202 buffer_get_string_ptr(Buffer *buffer, u_int *length_ptr)
203 {
204 void *ptr;
205 u_int len;
206
207 len = buffer_get_int(buffer);
208 if (len > 256 * 1024)
209 fatal("buffer_get_string_ptr: bad string length %u", len);
210 ptr = buffer_ptr(buffer);
211 buffer_consume(buffer, len);
212 if (length_ptr)
213 *length_ptr = len;
214 return (ptr);
215 }
216
217 /*
218 * Stores and arbitrary binary string in the buffer.
219 */
220 void
buffer_put_string(Buffer * buffer,const void * buf,u_int len)221 buffer_put_string(Buffer *buffer, const void *buf, u_int len)
222 {
223 buffer_put_int(buffer, len);
224 buffer_append(buffer, buf, len);
225 }
226 void
buffer_put_cstring(Buffer * buffer,const char * s)227 buffer_put_cstring(Buffer *buffer, const char *s)
228 {
229 if (s == NULL)
230 fatal("buffer_put_cstring: s == NULL");
231 buffer_put_string(buffer, s, strlen(s));
232 }
233
234 /*
235 * Returns a character from the buffer (0 - 255).
236 */
237 int
buffer_get_char_ret(char * ret,Buffer * buffer)238 buffer_get_char_ret(char *ret, Buffer *buffer)
239 {
240 if (buffer_get_ret(buffer, ret, 1) == -1) {
241 error("buffer_get_char_ret: buffer_get_ret failed");
242 return (-1);
243 }
244 return (0);
245 }
246
247 int
buffer_get_char(Buffer * buffer)248 buffer_get_char(Buffer *buffer)
249 {
250 char ch;
251
252 if (buffer_get_char_ret(&ch, buffer) == -1)
253 fatal("buffer_get_char: buffer error");
254 return (u_char) ch;
255 }
256
257 /*
258 * Stores a character in the buffer.
259 */
260 void
buffer_put_char(Buffer * buffer,int value)261 buffer_put_char(Buffer *buffer, int value)
262 {
263 char ch = value;
264
265 buffer_append(buffer, &ch, 1);
266 }
267