[apple/security.git] / OSX / libsecurityd / lib / sec_xdr_array.c

/*
 * Copyright (c) 2006,2011,2013-2014 Apple Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

/*    $NetBSD: xdr_array.c,v 1.12 2000/01/22 22:19:18 mycroft Exp $    */

/*
 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
 * unrestricted use provided that this legend is included on all tape
 * media and as a part of the software program in whole or part.  Users
 * may copy or modify Sun RPC without charge, but are not authorized
 * to license or distribute it to anyone else except as part of a product or
 * program developed by the user.
 *
 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
 * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
 *
 * Sun RPC is provided with no support and without any obligation on the
 * part of Sun Microsystems, Inc. to assist in its use, correction,
 * modification or enhancement.
 *
 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
 * OR ANY PART THEREOF.
 *
 * In no event will Sun Microsystems, Inc. be liable for any lost revenue
 * or profits or other special, indirect and consequential damages, even if
 * Sun has been advised of the possibility of such damages.
 *
 * Sun Microsystems, Inc.
 * 2550 Garcia Avenue
 * Mountain View, California  94043
 */

#if defined(LIBC_SCCS) && !defined(lint)
static char *sccsid = "@(#)xdr_array.c 1.10 87/08/11 Copyr 1984 Sun Micro";
static char *sccsid = "@(#)xdr_array.c    2.1 88/07/29 4.0 RPCSRC";
#endif
#include <sys/cdefs.h>

/*
 * xdr_array.c, Generic XDR routines impelmentation.
 *
 * Copyright (C) 1984, Sun Microsystems, Inc.
 *
 * These are the "non-trivial" xdr primitives used to serialize and de-serialize
 * arrays.  See xdr.h for more info on the interface to xdr.
 */

#include <err.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <security_utilities/simulatecrash_assert.h>

#include "sec_xdr.h"

/*
 * XDR an array of arbitrary elements
 * *addrp is a pointer to the array, *sizep is the number of elements.
 * If addrp is NULL (*sizep * elsize) bytes are allocated.
 * elsize is the size (in bytes) of each element, and elproc is the
 * xdr procedure to call to handle each element of the array.
 */
bool_t
sec_xdr_array(XDR *xdrs, uint8_t **addrp, u_int *sizep, u_int maxsize, u_int elsize, xdrproc_t elproc)
{
    u_int i;
    bool_t stat = TRUE;
    
    u_int c = sizep ? *sizep : 0;  /* the actual element count */
    /* like strings, arrays are really counted arrays */
    if (!xdr_u_int(xdrs, &c))
        return (FALSE);

    if (sizep && (xdrs->x_op == XDR_DECODE))
        *sizep = c;
        
    // XXX/cs on decode if c == 0 return

    if ((c > maxsize || UINT_MAX/elsize < c) && (xdrs->x_op != XDR_FREE))
        return (FALSE);

    if (elsize > 1024) {
        // Structure suspiciously large: 1024 is arbitrary upper bound
        // for struct sizes (non-nested size)
        assert(FALSE);
        return (FALSE);
    }
    
    u_int nodesize = c * elsize;
    uint8_t *target = addrp ? *addrp : NULL;

    uint8_t obj[elsize];

    bool_t sizeof_alloc = sec_xdr_arena_size_allocator(xdrs);

    /*
     * if we are deserializing, we may need to allocate an array.
     * We also save time by checking for a null array if we are freeing.
     */
    if (target == NULL) {
        switch (xdrs->x_op) {
        case XDR_DECODE:
            if (c == 0)
                return (TRUE);
			if (!sec_mem_alloc(xdrs, nodesize, &target))
				return (FALSE);
			if (!target)
				target = &obj[0];
            if (!sizeof_alloc && addrp != NULL) {
				*addrp = target;
            }
            break;

        case XDR_FREE:
            return (TRUE);

        case XDR_ENCODE:
            break;
        }
    }
	
    /*
     * now we xdr each element of array
     */
    for (i = 0; (i < c) && stat; i++) {
        if ((xdrs->x_op == XDR_DECODE) && sizeof_alloc)
            memset(obj, 0, elsize);
        stat = (*elproc)(xdrs, target, 0);
        if ((xdrs->x_op == XDR_ENCODE) || !sizeof_alloc)
            target += elsize;
    }

    /*
     * the array may need freeing
     */
    if (xdrs->x_op == XDR_FREE && addrp != NULL) {
        sec_mem_free(xdrs, *addrp, nodesize);
        *addrp = NULL;
    }
    return (stat);
}

/**
 * This is almost a straight copy of the standard implementation, except
 * that all calls made that allocate memory can defer to an alternate 
 * mechanism, with the purpose to allocate from one block of memory on
 * *decode*
 */
Commit	Line	Data
b1ab9ed8	1	/*
d8f41ccd	2	* Copyright (c) 2006,2011,2013-2014 Apple Inc. All Rights Reserved.
b1ab9ed8 A	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
	12	*
	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
	20	*
	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
	23
	24	/* $NetBSD: xdr_array.c,v 1.12 2000/01/22 22:19:18 mycroft Exp $ */
	25
	26	/*
	27	* Sun RPC is a product of Sun Microsystems, Inc. and is provided for
	28	* unrestricted use provided that this legend is included on all tape
	29	* media and as a part of the software program in whole or part. Users
	30	* may copy or modify Sun RPC without charge, but are not authorized
	31	* to license or distribute it to anyone else except as part of a product or
	32	* program developed by the user.
	33	*
	34	* SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
	35	* WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
	36	* PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
	37	*
	38	* Sun RPC is provided with no support and without any obligation on the
	39	* part of Sun Microsystems, Inc. to assist in its use, correction,
	40	* modification or enhancement.
	41	*
	42	* SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
	43	* INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
	44	* OR ANY PART THEREOF.
	45	*
	46	* In no event will Sun Microsystems, Inc. be liable for any lost revenue
	47	* or profits or other special, indirect and consequential damages, even if
	48	* Sun has been advised of the possibility of such damages.
	49	*
	50	* Sun Microsystems, Inc.
	51	* 2550 Garcia Avenue
	52	* Mountain View, California 94043
	53	*/
	54
	55	#if defined(LIBC_SCCS) && !defined(lint)
	56	static char *sccsid = "@(#)xdr_array.c 1.10 87/08/11 Copyr 1984 Sun Micro";
	57	static char *sccsid = "@(#)xdr_array.c 2.1 88/07/29 4.0 RPCSRC";
	58	#endif
	59	#include <sys/cdefs.h>
	60
	61	/*
	62	* xdr_array.c, Generic XDR routines impelmentation.
	63	*
	64	* Copyright (C) 1984, Sun Microsystems, Inc.
	65	*
	66	* These are the "non-trivial" xdr primitives used to serialize and de-serialize
67	* arrays. See xdr.h for more info on the interface to xdr.
68	*/
69
70	#include <err.h>
71	#include <limits.h>
72	#include <stdio.h>
73	#include <stdlib.h>
74	#include <string.h>
d64be36e	75	#include <security_utilities/simulatecrash_assert.h>
b1ab9ed8 A	76
	77	#include "sec_xdr.h"
	78
	79	/*
	80	* XDR an array of arbitrary elements
	81	* addrp is a pointer to the array, sizep is the number of elements.
	82	* If addrp is NULL (sizep elsize) bytes are allocated.
	83	* elsize is the size (in bytes) of each element, and elproc is the
	84	* xdr procedure to call to handle each element of the array.
	85	*/
	86	bool_t
	87	sec_xdr_array(XDR xdrs, uint8_t addrp, u_int sizep, u_int maxsize, u_int elsize, xdrproc_t elproc)
	88	{
	89	u_int i;
	90	bool_t stat = TRUE;
	91
	92	u_int c = sizep ? sizep : 0; / the actual element count */
	93	/* like strings, arrays are really counted arrays */
	94	if (!xdr_u_int(xdrs, &c))
	95	return (FALSE);
	96
	97	if (sizep && (xdrs->x_op == XDR_DECODE))
	98	*sizep = c;
	99
	100	// XXX/cs on decode if c == 0 return
	101
	102	if ((c > maxsize \|\| UINT_MAX/elsize < c) && (xdrs->x_op != XDR_FREE))
	103	return (FALSE);
	104
	105	if (elsize > 1024) {
	106	// Structure suspiciously large: 1024 is arbitrary upper bound
	107	// for struct sizes (non-nested size)
	108	assert(FALSE);
	109	return (FALSE);
	110	}
	111
	112	u_int nodesize = c * elsize;
	113	uint8_t target = addrp ? addrp : NULL;
	114
	115	uint8_t obj[elsize];
	116
	117	bool_t sizeof_alloc = sec_xdr_arena_size_allocator(xdrs);
	118
	119	/*
	120	* if we are deserializing, we may need to allocate an array.
	121	* We also save time by checking for a null array if we are freeing.
	122	*/
	123	if (target == NULL) {
	124	switch (xdrs->x_op) {
	125	case XDR_DECODE:
	126	if (c == 0)
	127	return (TRUE);
	128	if (!sec_mem_alloc(xdrs, nodesize, &target))
	129	return (FALSE);
	130	if (!target)
	131	target = &obj[0];
6b200bc3	132	if (!sizeof_alloc && addrp != NULL) {
b1ab9ed8	133	*addrp = target;
6b200bc3	134	}
b1ab9ed8 A	135	break;
	136
	137	case XDR_FREE:
	138	return (TRUE);
	139
	140	case XDR_ENCODE:
	141	break;
	142	}
	143	}
	144
	145	/*
	146	* now we xdr each element of array
	147	*/
	148	for (i = 0; (i < c) && stat; i++) {
	149	if ((xdrs->x_op == XDR_DECODE) && sizeof_alloc)
	150	memset(obj, 0, elsize);
427c49bc	151	stat = (*elproc)(xdrs, target, 0);
b1ab9ed8 A	152	if ((xdrs->x_op == XDR_ENCODE) \|\| !sizeof_alloc)
	153	target += elsize;
	154	}
	155
	156	/*
	157	* the array may need freeing
	158	*/
6b200bc3	159	if (xdrs->x_op == XDR_FREE && addrp != NULL) {
b1ab9ed8 A	160	sec_mem_free(xdrs, *addrp, nodesize);
	161	*addrp = NULL;
	162	}
	163	return (stat);
	164	}
	165
	166	/**
	167	* This is almost a straight copy of the standard implementation, except
	168	* that all calls made that allocate memory can defer to an alternate
	169	* mechanism, with the purpose to allocate from one block of memory on
	170	* decode
	171	*/