Permalink
Browse files

base64: fix Curl_base64_encode and Curl_base64_decode interfaces

Previous interfaces for these libcurl internal functions did not allow to tell
apart a legitimate zero size result from an error condition. These functions
now return a CURLcode indicating function success or otherwise specific error.
Output size is returned using a pointer argument.

All usage of these two functions, and others closely related, has been adapted
to the new interfaces. Relative error and OOM handling adapted or added where
missing. Unit test 1302 also adapted.
  • Loading branch information...
1 parent cce6508 commit fd00b382b2d33ef90c6f5c840a32b66c8ceb1662 @yangtse yangtse committed Aug 24, 2011
Showing with 380 additions and 225 deletions.
  1. +43 −21 lib/base64.c
  2. +6 −5 lib/curl_base64.h
  3. +11 −5 lib/curl_ntlm.c
  4. +21 −15 lib/http.c
  5. +8 −5 lib/http_digest.c
  6. +22 −11 lib/http_negotiate.c
  7. +15 −10 lib/http_negotiate_sspi.c
  8. +26 −19 lib/http_ntlm.c
  9. +27 −12 lib/krb4.c
  10. +10 −7 lib/krb5.c
  11. +17 −7 lib/ldap.c
  12. +14 −5 lib/openldap.c
  13. +26 −10 lib/security.c
  14. +68 −67 lib/smtp.c
  15. +19 −0 lib/warnless.c
  16. +2 −0 lib/warnless.h
  17. +4 −2 tests/server/getpart.c
  18. +41 −24 tests/unit/unit1302.c
View
@@ -68,12 +68,19 @@ static void decodeQuantum(unsigned char *dest, const char *src)
/*
* Curl_base64_decode()
*
- * Given a base64 string at src, decode it and return an allocated memory in
- * the *outptr. Returns the length of the decoded data.
+ * Given a base64 NUL-terminated string at src, decode it and return a
+ * pointer in *outptr to a newly allocated memory area holding decoded
+ * data. Size of decoded data is returned in variable pointed by outlen.
+ *
+ * Returns CURLE_OK on success, otherwise specific error code. Function
+ * output shall not be considered valid unless CURLE_OK is returned.
+ *
+ * When decoded data length is 0, returns NULL in *outptr.
*
* @unittest: 1302
*/
-size_t Curl_base64_decode(const char *src, unsigned char **outptr)
+CURLcode Curl_base64_decode(const char *src,
+ unsigned char **outptr, size_t *outlen)
{
size_t length = 0;
size_t equalsTerm = 0;
@@ -84,6 +91,7 @@ size_t Curl_base64_decode(const char *src, unsigned char **outptr)
unsigned char *newstr;
*outptr = NULL;
+ *outlen = 0;
while((src[length] != '=') && src[length])
length++;
@@ -97,15 +105,15 @@ size_t Curl_base64_decode(const char *src, unsigned char **outptr)
/* Don't allocate a buffer if the decoded length is 0 */
if(numQuantums == 0)
- return 0;
+ return CURLE_OK;
rawlen = (numQuantums * 3) - equalsTerm;
/* The buffer must be large enough to make room for the last quantum
(which may be partially thrown out) and the zero terminator. */
newstr = malloc(rawlen+4);
if(!newstr)
- return 0;
+ return CURLE_OUT_OF_MEMORY;
*outptr = newstr;
@@ -124,23 +132,34 @@ size_t Curl_base64_decode(const char *src, unsigned char **outptr)
newstr[i] = lastQuantum[i];
newstr[i] = '\0'; /* zero terminate */
- return rawlen;
+
+ *outlen = rawlen; /* return size of decoded data */
+
+ return CURLE_OK;
}
/*
* Curl_base64_encode()
*
- * Returns the length of the newly created base64 string. The third argument
- * is a pointer to an allocated area holding the base64 data. If something
- * went wrong, 0 is returned.
+ * Given a pointer to an input buffer and an input size, encode it and
+ * return a pointer in *outptr to a newly allocated memory area holding
+ * encoded data. Size of encoded data is returned in variable pointed by
+ * outlen.
+ *
+ * Input length of 0 indicates input buffer holds a NUL-terminated string.
+ *
+ * Returns CURLE_OK on success, otherwise specific error code. Function
+ * output shall not be considered valid unless CURLE_OK is returned.
+ *
+ * When encoded data length is 0, returns NULL in *outptr.
*
* @unittest: 1302
*/
-size_t Curl_base64_encode(struct SessionHandle *data,
- const char *inputbuff, size_t insize,
- char **outptr)
+CURLcode Curl_base64_encode(struct SessionHandle *data,
+ const char *inputbuff, size_t insize,
+ char **outptr, size_t *outlen)
{
- CURLcode res;
+ CURLcode error;
unsigned char ibuf[3];
unsigned char obuf[4];
int i;
@@ -151,24 +170,25 @@ size_t Curl_base64_encode(struct SessionHandle *data,
const char *indata = inputbuff;
- *outptr = NULL; /* set to NULL in case of failure before we reach the end */
+ *outptr = NULL;
+ *outlen = 0;
if(0 == insize)
insize = strlen(indata);
base64data = output = malloc(insize*4/3+4);
if(NULL == output)
- return 0;
+ return CURLE_OUT_OF_MEMORY;
/*
* The base64 data needs to be created using the network encoding
* not the host encoding. And we can't change the actual input
* so we copy it to a buffer, translate it, and use that instead.
*/
- res = Curl_convert_clone(data, indata, insize, &convbuf);
- if(res) {
+ error = Curl_convert_clone(data, indata, insize, &convbuf);
+ if(error) {
free(output);
- return 0;
+ return error;
}
if(convbuf)
@@ -215,12 +235,14 @@ size_t Curl_base64_encode(struct SessionHandle *data,
}
output += 4;
}
- *output=0;
- *outptr = base64data; /* make it return the actual data memory */
+ *output = '\0';
+ *outptr = base64data; /* return pointer to new data, allocated memory */
if(convbuf)
free(convbuf);
- return strlen(base64data); /* return the length of the new data */
+ *outlen = strlen(base64data); /* return the length of the new data */
+
+ return CURLE_OK;
}
/* ---- End of Base64 Encoding ---- */
View
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,10 +22,11 @@
*
***************************************************************************/
-size_t Curl_base64_encode(struct SessionHandle *data,
- const char *inputbuff, size_t insize,
- char **outptr);
+CURLcode Curl_base64_encode(struct SessionHandle *data,
+ const char *inputbuff, size_t insize,
+ char **outptr, size_t *outlen);
-size_t Curl_base64_decode(const char *src, unsigned char **outptr);
+CURLcode Curl_base64_decode(const char *src,
+ unsigned char **outptr, size_t *outlen);
#endif /* HEADER_CURL_BASE64_H */
View
@@ -305,16 +305,22 @@ CURLcode Curl_ntlm_decode_type2_message(struct SessionHandle *data,
(*) -> Optional
*/
- size_t size;
- unsigned char *buffer;
+ size_t size = 0;
+ unsigned char *buffer = NULL;
+ CURLcode error;
#if defined(CURL_DISABLE_VERBOSE_STRINGS) || defined(USE_WINDOWS_SSPI)
(void)data;
#endif
- size = Curl_base64_decode(header, &buffer);
- if(!buffer)
- return CURLE_OUT_OF_MEMORY;
+ error = Curl_base64_decode(header, &buffer, &size);
+ if(error)
+ return error;
+
+ if(!buffer) {
+ infof(data, "NTLM handshake failure (unhandled condition)\n");
+ return CURLE_REMOTE_ACCESS_DENIED;
+ }
#ifdef USE_WINDOWS_SSPI
ntlm->type_2 = malloc(size + 1);
View
@@ -231,11 +231,13 @@ static char *copy_header_value(const char *h)
*/
static CURLcode http_output_basic(struct connectdata *conn, bool proxy)
{
- char *authorization;
- struct SessionHandle *data=conn->data;
+ size_t size = 0;
+ char *authorization = NULL;
+ struct SessionHandle *data = conn->data;
char **userp;
const char *user;
const char *pwd;
+ CURLcode error;
if(proxy) {
userp = &conn->allocptr.proxyuserpwd;
@@ -249,20 +251,24 @@ static CURLcode http_output_basic(struct connectdata *conn, bool proxy)
}
snprintf(data->state.buffer, sizeof(data->state.buffer), "%s:%s", user, pwd);
- if(Curl_base64_encode(data, data->state.buffer,
- strlen(data->state.buffer),
- &authorization) > 0) {
- if(*userp)
- free(*userp);
- *userp = aprintf( "%sAuthorization: Basic %s\r\n",
- proxy?"Proxy-":"",
- authorization);
- free(authorization);
- if(!*userp)
- return CURLE_OUT_OF_MEMORY;
- }
- else
+
+ error = Curl_base64_encode(data,
+ data->state.buffer, strlen(data->state.buffer),
+ &authorization, &size);
+ if(error)
+ return error;
+
+ if(!authorization)
+ return CURLE_REMOTE_ACCESS_DENIED;
+
+ Curl_safefree(*userp);
+ *userp = aprintf("%sAuthorization: Basic %s\r\n",
+ proxy?"Proxy-":"",
+ authorization);
+ free(authorization);
+ if(!*userp)
return CURLE_OUT_OF_MEMORY;
+
return CURLE_OK;
}
View
@@ -280,7 +280,8 @@ CURLcode Curl_output_digest(struct connectdata *conn,
unsigned char *ha1;
unsigned char ha2[33];/* 32 digits and 1 zero byte */
char cnoncebuf[7];
- char *cnonce;
+ char *cnonce = NULL;
+ size_t cnonce_sz = 0;
char *tmp = NULL;
struct timeval now;
@@ -343,10 +344,12 @@ CURLcode Curl_output_digest(struct connectdata *conn,
/* Generate a cnonce */
now = Curl_tvnow();
snprintf(cnoncebuf, sizeof(cnoncebuf), "%06ld", (long)now.tv_sec);
- if(Curl_base64_encode(data, cnoncebuf, strlen(cnoncebuf), &cnonce))
- d->cnonce = cnonce;
- else
- return CURLE_OUT_OF_MEMORY;
+
+ rc = Curl_base64_encode(data, cnoncebuf, strlen(cnoncebuf),
+ &cnonce, &cnonce_sz);
+ if(rc)
+ return rc;
+ d->cnonce = cnonce;
}
/*
View
@@ -138,9 +138,11 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
int ret;
- size_t len, rawlen;
+ size_t len;
+ size_t rawlen = 0;
bool gss;
const char* protocol;
+ CURLcode error;
while(*header && ISSPACE(*header))
header++;
@@ -183,9 +185,9 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
len = strlen(header);
if(len > 0) {
- rawlen = Curl_base64_decode(header,
- (unsigned char **)&input_token.value);
- if(rawlen == 0)
+ error = Curl_base64_decode(header,
+ (unsigned char **)&input_token.value, &rawlen);
+ if(error || rawlen == 0)
return -1;
input_token.length = rawlen;
@@ -270,8 +272,9 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
&conn->data->state.negotiate;
char *encoded = NULL;
- size_t len;
+ size_t len = 0;
char *userp;
+ CURLcode error;
#ifdef HAVE_SPNEGO /* Handle SPNEGO */
if(checkprefix("Negotiate", neg_ctx->protocol)) {
@@ -317,13 +320,21 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
}
}
#endif
- len = Curl_base64_encode(conn->data,
- neg_ctx->output_token.value,
- neg_ctx->output_token.length,
- &encoded);
+ error = Curl_base64_encode(conn->data,
+ neg_ctx->output_token.value,
+ neg_ctx->output_token.length,
+ &encoded, &len);
+ if(error) {
+ Curl_safefree(neg_ctx->output_token.value);
+ neg_ctx->output_token.value = NULL;
+ return error;
+ }
- if(len == 0)
- return CURLE_OUT_OF_MEMORY;
+ if(len == 0) {
+ Curl_safefree(neg_ctx->output_token.value);
+ neg_ctx->output_token.value = NULL;
+ return CURLE_REMOTE_ACCESS_DENIED;
+ }
userp = aprintf("%sAuthorization: %s %s\r\n", proxy ? "Proxy-" : "",
neg_ctx->protocol, encoded);
View
@@ -82,7 +82,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
{
struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
&conn->data->state.negotiate;
- BYTE *input_token = 0;
+ BYTE *input_token = 0;
SecBufferDesc out_buff_desc;
SecBuffer out_sec_buff;
SecBufferDesc in_buff_desc;
@@ -94,6 +94,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
size_t len = 0, input_token_len = 0;
bool gss = FALSE;
const char* protocol;
+ CURLcode error;
while(*header && ISSPACE(*header))
header++;
@@ -176,9 +177,10 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
if(!input_token)
return -1;
- input_token_len = Curl_base64_decode(header,
- (unsigned char **)&input_token);
- if(input_token_len == 0)
+ error = Curl_base64_decode(header,
+ (unsigned char **)&input_token,
+ &input_token_len);
+ if(error || input_token_len == 0)
return -1;
}
@@ -238,16 +240,19 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
&conn->data->state.negotiate;
char *encoded = NULL;
- size_t len;
+ size_t len = 0;
char *userp;
+ CURLcode error;
- len = Curl_base64_encode(conn->data,
- (const char*)neg_ctx->output_token,
- neg_ctx->output_token_length,
- &encoded);
+ error = Curl_base64_encode(conn->data,
+ (const char*)neg_ctx->output_token,
+ neg_ctx->output_token_length,
+ &encoded, &len);
+ if(error)
+ return error;
if(len == 0)
- return CURLE_OUT_OF_MEMORY;
+ return CURLE_REMOTE_ACCESS_DENIED;
userp = aprintf("%sAuthorization: %s %s\r\n", proxy ? "Proxy-" : "",
neg_ctx->protocol, encoded);
Oops, something went wrong.

0 comments on commit fd00b38

Please sign in to comment.