Skip to content

Commit

Permalink
util: extend unbase64mem() to accept secure flag
Browse files Browse the repository at this point in the history 
When the flag is set, buffer is cleared on failure.
  • Loading branch information
@yuwata
yuwata committed Apr 7, 2019
1 parent 03fec54 commit 2432d09
Show file tree
Hide file tree
Showing 2 changed files with 56 additions and 24 deletions.
75 changes: 52 additions & 23 deletions src/basic/hexdecoct.c
View file
Expand Up @@ -685,11 +685,12 @@ static int unbase64_next(const char **p, size_t *l) {
return ret;
}

int unbase64mem(const char *p, size_t l, void **ret, size_t *ret_size) {
int unbase64mem_full(const char *p, size_t l, bool secure, void **ret, size_t *ret_size) {
_cleanup_free_ uint8_t *buf = NULL;
const char *x;
uint8_t *z;
size_t len;
int r;

assert(p || l == 0);
assert(ret);
Expand All @@ -712,48 +713,70 @@ int unbase64mem(const char *p, size_t l, void **ret, size_t *ret_size) {
a = unbase64_next(&x, &l);
if (a == -EPIPE) /* End of string */
break;
if (a < 0)
return a;
if (a == INT_MAX) /* Padding is not allowed at the beginning of a 4ch block */
return -EINVAL;
if (a < 0) {
r = a;
goto on_failure;
}
if (a == INT_MAX) { /* Padding is not allowed at the beginning of a 4ch block */
r = -EINVAL;
goto on_failure;
}

b = unbase64_next(&x, &l);
if (b < 0)
return b;
if (b == INT_MAX) /* Padding is not allowed at the second character of a 4ch block either */
return -EINVAL;
if (b < 0) {
r = b;
goto on_failure;
}
if (b == INT_MAX) { /* Padding is not allowed at the second character of a 4ch block either */
r = -EINVAL;
goto on_failure;
}

c = unbase64_next(&x, &l);
if (c < 0)
return c;
if (c < 0) {
r = c;
goto on_failure;
}

d = unbase64_next(&x, &l);
if (d < 0)
return d;
if (d < 0) {
r = d;
goto on_failure;
}

if (c == INT_MAX) { /* Padding at the third character */

if (d != INT_MAX) /* If the third character is padding, the fourth must be too */
return -EINVAL;
if (d != INT_MAX) { /* If the third character is padding, the fourth must be too */
r = -EINVAL;
goto on_failure;
}

/* b == 00YY0000 */
if (b & 15)
return -EINVAL;
if (b & 15) {
r = -EINVAL;
goto on_failure;
}

if (l > 0) /* Trailing rubbish? */
return -ENAMETOOLONG;
if (l > 0) { /* Trailing rubbish? */
r = -ENAMETOOLONG;
goto on_failure;
}

*(z++) = (uint8_t) a << 2 | (uint8_t) (b >> 4); /* XXXXXXYY */
break;
}

if (d == INT_MAX) {
/* c == 00ZZZZ00 */
if (c & 3)
return -EINVAL;
if (c & 3) {
r = -EINVAL;
goto on_failure;
}

if (l > 0) /* Trailing rubbish? */
return -ENAMETOOLONG;
if (l > 0) { /* Trailing rubbish? */
r = -ENAMETOOLONG;
goto on_failure;
}

*(z++) = (uint8_t) a << 2 | (uint8_t) b >> 4; /* XXXXXXYY */
*(z++) = (uint8_t) b << 4 | (uint8_t) c >> 2; /* YYYYZZZZ */
Expand All @@ -771,6 +794,12 @@ int unbase64mem(const char *p, size_t l, void **ret, size_t *ret_size) {
*ret = TAKE_PTR(buf);

return 0;

on_failure:
if (secure)
explicit_bzero_safe(buf, len);

return r;
}

void hexdump(FILE *f, const void *p, size_t s) {
Expand Down
5 changes: 4 additions & 1 deletion src/basic/hexdecoct.h
View file
Expand Up @@ -33,6 +33,9 @@ ssize_t base64mem(const void *p, size_t l, char **out);
int base64_append(char **prefix, int plen,
const void *p, size_t l,
int margin, int width);
int unbase64mem(const char *p, size_t l, void **mem, size_t *len);
int unbase64mem_full(const char *p, size_t l, bool secure, void **mem, size_t *len);
static inline int unbase64mem(const char *p, size_t l, void **mem, size_t *len) {
return unbase64mem_full(p, l, false, mem, len);
}

void hexdump(FILE *f, const void *p, size_t s);

0 comments on commit 2432d09

Please sign in to comment.