diff --git a/CASA-auth-token/client/library/authmech.c b/CASA-auth-token/client/library/authmech.c index 86e6d531..65d08e02 100644 --- a/CASA-auth-token/client/library/authmech.c +++ b/CASA-auth-token/client/library/authmech.c @@ -279,8 +279,8 @@ GetAuthMechToken( &pAuthTokenIf); if (CASA_SUCCESS(retStatus)) { - char *pAuthToken = NULL; - int authTokenBufLen = 0; + char *pAuthToken = NULL; + uint32_t authTokenBufLen = 0; // We found a provider for the service, query it for the buffer size // needed to obtain the authentication token. diff --git a/CASA-auth-token/client/library/authmsg.c b/CASA-auth-token/client/library/authmsg.c index 4585a6be..f441679b 100644 --- a/CASA-auth-token/client/library/authmsg.c +++ b/CASA-auth-token/client/library/authmsg.c @@ -60,11 +60,11 @@ typedef struct _AuthRespParse { XML_Parser p; int state; - int elementDataProcessed; + size_t elementDataProcessed; char *pStatusData; - int statusDataLen; + size_t statusDataLen; char *pLifetimeData; - int lifetimeDataLen; + size_t lifetimeDataLen; AuthenticateResp *pAuthenticateResp; CasaStatus status; @@ -305,7 +305,7 @@ ConsumeElementData( IN const XML_Char *s, IN int len, INOUT char **ppElementData, - INOUT int *pElementDataLen) + INOUT size_t *pElementDataLen) // // Arguments: // @@ -352,7 +352,7 @@ ConsumeElementData( char *pNewBuf; // We have already received token data, append this data to it. - pNewBuf = (char*) malloc(pAuthRespParse->elementDataProcessed + len + 1); + pNewBuf = (char*) malloc((size_t)(pAuthRespParse->elementDataProcessed + len + 1)); if (pNewBuf) { memset(pNewBuf, 
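Review bot: The `(size_t)` cast added around the `malloc` argument in ConsumeElementData does not guard the addition itself. `elementDataProcessed + len + 1` is already evaluated in `size_t`, so a negative `len` converts to a huge value and a large running total can wrap to a small allocation. `len` stays an `int` parameter in this commit, so I would fail the parse before allocating, for example `if (len < 0 || pAuthRespParse->elementDataProcessed > SIZE_MAX - (size_t) len - 1)`. The same line appears in the ConsumeElementData copies in authpolicy.c, getpolicymsg.c and gettokenmsg.c. The function body continues outside this hunk.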
@@ -714,6 +714,16 @@ CreateAuthenticateResp( * */ + // Verify that the response is not too large for the parser + if (respLen > INT_MAX) + { + DbgTrace(0, "-CreateAuthenticateResp- Response too large\n", 0); + retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL, + CASA_FACILITY_AUTHTOKEN, + CASA_STATUS_UNSUCCESSFUL); + goto exit; + } + // Allocate AuthenticateResp object pAuthenticateResp = malloc(sizeof(*pAuthenticateResp)); if (pAuthenticateResp) @@ -748,7 +758,7 @@ CreateAuthenticateResp( XML_SetUserData(p, &authRespParse); // Parse the document - if (XML_Parse(p, pRespMsg, respLen, 1) == XML_STATUS_OK) + if (XML_Parse(p, pRespMsg, (int) respLen, 1) == XML_STATUS_OK) { // Verify that the parse operation completed successfully if (authRespParse.state == DONE_PARSING) @@ -818,6 +828,8 @@ CreateAuthenticateResp( CASA_STATUS_INSUFFICIENT_RESOURCES); } +exit: + DbgTrace(1, "-CreateAuthenticateResp- End, retStatus = %08X\n", retStatus); return retStatus; diff --git a/CASA-auth-token/client/library/authpolicy.c b/CASA-auth-token/client/library/authpolicy.c index 003e63c9..99cc6b74 100644 --- a/CASA-auth-token/client/library/authpolicy.c +++ b/CASA-auth-token/client/library/authpolicy.c @@ -57,7 +57,7 @@ typedef struct _AuthPolicyParse { XML_Parser p; int state; - int elementDataProcessed; + size_t elementDataProcessed; AuthPolicy *pAuthPolicy; CasaStatus status; @@ -206,7 +206,7 @@ ConsumeElementData( IN const XML_Char *s, IN int len, INOUT char **ppElementData, - INOUT int *pElementDataLen) + INOUT size_t *pElementDataLen) // // Arguments: // @@ -253,7 +253,7 @@ ConsumeElementData( char *pNewBuf; // We have already received token data, append this data to it. - pNewBuf = (char*) malloc(pAuthPolicyParse->elementDataProcessed + len + 1); + pNewBuf = (char*) malloc((size_t)(pAuthPolicyParse->elementDataProcessed + len + 1)); if (pNewBuf) { memset(pNewBuf, 
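Review bot: The new oversize check in CreateAuthenticateResp builds its status with `CASA_SEVERITY_INFORMATIONAL`, while the equivalent check this commit adds to CreateAuthPolicy uses `CASA_SEVERITY_ERROR`. If `CASA_SUCCESS()` keys on severity (its definition is not visible here), a caller could treat the rejected response as a success, so I would use `CASA_SEVERITY_ERROR` here and in the matching checks in CreateGetAuthPolicyResp and CreateGetAuthTokenResp. No hunk in authmsg.c changes the type of `respLen`; if it is still `int`, `respLen > INT_MAX` can never be true, so please confirm the signature, which is outside the hunk. `INT_MAX` also needs `<limits.h>`, which none of the visible hunks add.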
@@ -558,7 +558,7 @@ AuthPolicyEndElementHandler( CasaStatus CreateAuthPolicy( IN char *pEncodedData, - IN int encodedDataLen, + IN size_t encodedDataLen, INOUT AuthPolicy **ppAuthPolicy) // // Arguments: @@ -576,7 +576,7 @@ CreateAuthPolicy( AuthPolicy *pAuthPolicy = NULL; AuthPolicyParse authPolicyParse = {0}; char *pData = NULL; - int dataLen = 0; + uint32_t dataLen = 0; DbgTrace(1, "-CreateAuthPolicy- Start\n", 0); @@ -623,6 +623,16 @@ CreateAuthPolicy( * */ + // Verify that the encoded data length is not too large + if (encodedDataLen > UINT32_MAX) + { + DbgTrace(0, "-CreateAuthPolicy- Encoded data length too large\n", 0); + retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, + CASA_FACILITY_AUTHTOKEN, + CASA_STATUS_UNSUCCESSFUL); + goto exit; + } + // Initialize output parameter *ppAuthPolicy = NULL; @@ -668,7 +678,7 @@ CreateAuthPolicy( XML_SetUserData(p, &authPolicyParse); // Parse the document - if (XML_Parse(p, pData, dataLen, 1) == XML_STATUS_OK) + if (XML_Parse(p, pData, (int) dataLen, 1) == XML_STATUS_OK) { // Verify that the parse operation completed successfully if (authPolicyParse.state == DONE_PARSING) @@ -736,6 +746,8 @@ CreateAuthPolicy( if (pData) free(pData); +exit: + DbgTrace(1, "-CreateAuthPolicy- End, retStatus = %08X\n", retStatus); return retStatus; diff --git a/CASA-auth-token/client/library/cache.c b/CASA-auth-token/client/library/cache.c index 8e256f1d..c5c22f1d 100644 --- a/CASA-auth-token/client/library/cache.c +++ b/CASA-auth-token/client/library/cache.c @@ -96,7 +96,7 @@ CreateAuthTokenCacheEntry( wrapperEntrySize = tokenSize + sizeof(WrapperAuthCacheEntry); // Verify that entrySize will not overflow - if ((tokenSize + sizeof(AuthCacheEntry)) <= U32_MAX) + if ((tokenSize + sizeof(AuthCacheEntry)) <= UINT32_MAX) { entrySize = tokenSize + sizeof(AuthCacheEntry); 
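Review bot: The early `goto exit` in CreateAuthPolicy runs before `*ppAuthPolicy = NULL;`, so on the too-large path the output parameter is returned untouched. A caller that inspects or frees it after a failure would then be working with an indeterminate pointer. Move the length check below the initialisation, or set `*ppAuthPolicy = NULL;` before the jump. The function starts and ends outside this hunk.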
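Review bot: `(int) dataLen` at the XML_Parse call can turn negative, because `dataLen` is now `uint32_t` and the only bound this commit adds in CreateAuthPolicy is `encodedDataLen > UINT32_MAX`. Assuming `dataLen` is filled by the decode step, which this hunk does not show, a decoded length above `INT_MAX` passes that check and reaches the parser as a negative length. I would add `if (dataLen > INT_MAX)` with an error status before parsing, mirroring the `respLen > INT_MAX` checks added to the response parsers.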
@@ -142,7 +142,7 @@ CreateAuthTokenCacheEntry( groupOrHostNameStrLen = strlen(pGroupOrHostName); // Verify that keySize will not overflow - if ((cacheKeyStrLen + groupOrHostNameStrLen + 2) <= U32_MAX) + if ((cacheKeyStrLen + groupOrHostNameStrLen + 2) <= UINT32_MAX) { keySize = (uint32_t) (cacheKeyStrLen + groupOrHostNameStrLen + 2); @@ -239,7 +239,7 @@ CreateSessionTokenCacheEntry( wrapperEntrySize = tokenSize + sizeof(WrapperAuthCacheEntry); // Verify that entrySize will not overflow - if ((tokenSize + sizeof(AuthCacheEntry)) <= U32_MAX) + if ((tokenSize + sizeof(AuthCacheEntry)) <= UINT32_MAX) { entrySize = tokenSize + sizeof(AuthCacheEntry); @@ -284,7 +284,7 @@ CreateSessionTokenCacheEntry( cacheKeyStrLen = strlen(pCacheKey) + 1; // Verify that the cacheKeyStrLen can be casted to a uint32_t - if (cacheKeyStrLen <= U32_MAX) + if (cacheKeyStrLen <= UINT32_MAX) { miCasaStatus = miCASAWriteBinaryKey(g_hCASAContext, 0, @@ -455,7 +455,7 @@ FindSessionTokenEntryInCache( cacheKeyStrLen = strlen(pCacheKey) + 1; // Verify that the cacheKeyStrLen can be casted to a uint32_t - if (cacheKeyStrLen <= U32_MAX) + if (cacheKeyStrLen <= UINT32_MAX) { miCasaStatus = miCASAReadBinaryKey(g_hCASAContext, 0, @@ -569,7 +569,7 @@ FindAuthTokenEntryInCache( groupOrHostNameStrLen = strlen(pGroupOrHostName); // Verify that keySize will not overflow - if ((cacheKeyStrLen + groupOrHostNameStrLen + 2) <= U32_MAX) + if ((cacheKeyStrLen + groupOrHostNameStrLen + 2) <= UINT32_MAX) { keySize = (uint32_t) (cacheKeyStrLen + groupOrHostNameStrLen + 2); diff --git a/CASA-auth-token/client/library/getpolicymsg.c b/CASA-auth-token/client/library/getpolicymsg.c index 8892c9f8..d7297804 100644 --- a/CASA-auth-token/client/library/getpolicymsg.c +++ b/CASA-auth-token/client/library/getpolicymsg.c 
@@ -55,9 +55,9 @@ typedef struct _GetAuthPolicyRespParse { XML_Parser p; int state; - int elementDataProcessed; + size_t elementDataProcessed; char *pStatusData; - int statusDataLen; + size_t statusDataLen; GetAuthPolicyResp *pGetAuthPolicyResp; CasaStatus status; @@ -269,7 +269,7 @@ ConsumeElementData( IN const XML_Char *s, IN int len, INOUT char **ppElementData, - INOUT int *pElementDataLen) + INOUT size_t *pElementDataLen) // // Arguments: // @@ -316,7 +316,7 @@ ConsumeElementData( char *pNewBuf; // We have already received token data, append this data to it. - pNewBuf = (char*) malloc(pGetAuthPolicyRespParse->elementDataProcessed + len + 1); + pNewBuf = (char*) malloc((size_t)(pGetAuthPolicyRespParse->elementDataProcessed + len + 1)); if (pNewBuf) { memset(pNewBuf, @@ -590,7 +590,7 @@ GetAuthPolicyRespEndElementHandler( CasaStatus CreateGetAuthPolicyResp( IN char *pRespMsg, - IN int respLen, + IN size_t respLen, INOUT GetAuthPolicyResp **ppGetAuthPolicyResp) // // Arguments: @@ -634,6 +634,16 @@ CreateGetAuthPolicyResp( * */ + // Verify that the response is not too large for the parser + if (respLen > INT_MAX) + { + DbgTrace(0, "-CreateGetAuthPolicyResp- Response too large\n", 0); + retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL, + CASA_FACILITY_AUTHTOKEN, + CASA_STATUS_UNSUCCESSFUL); + goto exit; + } + // Allocate GetAuthPolicyResp object pGetAuthPolicyResp = malloc(sizeof(*pGetAuthPolicyResp)); if (pGetAuthPolicyResp) @@ -734,6 +744,8 @@ CreateGetAuthPolicyResp( CASA_STATUS_INSUFFICIENT_RESOURCES); } +exit: + DbgTrace(1, "-CreateGetAuthPolicyResp- End, retStatus = %08X\n", retStatus); return retStatus; diff --git a/CASA-auth-token/client/library/gettokenmsg.c b/CASA-auth-token/client/library/gettokenmsg.c index 6f76f90d..0db47989 100644 --- a/CASA-auth-token/client/library/gettokenmsg.c +++ b/CASA-auth-token/client/library/gettokenmsg.c 
@@ -55,11 +55,11 @@ typedef struct _GetAuthTokenRespParse { XML_Parser p; int state; - int elementDataProcessed; + size_t elementDataProcessed; char *pStatusData; - int statusDataLen; + size_t statusDataLen; char *pLifetimeData; - int lifetimeDataLen; + size_t lifetimeDataLen; GetAuthTokenResp *pGetAuthTokenResp; CasaStatus status; @@ -302,7 +302,7 @@ ConsumeElementData( IN const XML_Char *s, IN int len, INOUT char **ppElementData, - INOUT int *pElementDataLen) + INOUT size_t *pElementDataLen) // // Arguments: // @@ -349,7 +349,7 @@ ConsumeElementData( char *pNewBuf; // We have already received token data, append this data to it. - pNewBuf = (char*) malloc(pGetAuthTokenRespParse->elementDataProcessed + len + 1); + pNewBuf = (char*) malloc((size_t)(pGetAuthTokenRespParse->elementDataProcessed + len + 1)); if (pNewBuf) { memset(pNewBuf, @@ -657,7 +657,7 @@ GetAuthTokenRespEndElementHandler( CasaStatus CreateGetAuthTokenResp( IN char *pRespMsg, - IN int respLen, + IN size_t respLen, INOUT GetAuthTokenResp **ppGetAuthTokenResp) // // Arguments: @@ -701,6 +701,16 @@ CreateGetAuthTokenResp( * */ + // Verify that the response is not too large for the parser + if (respLen > INT_MAX) + { + DbgTrace(0, "-CreateGetAuthTokenResp- Response too large\n", 0); + retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL, + CASA_FACILITY_AUTHTOKEN, + CASA_STATUS_UNSUCCESSFUL); + goto exit; + } + // Allocate GetAuthTokenResp object pGetAuthTokenResp = malloc(sizeof(*pGetAuthTokenResp)); if (pGetAuthTokenResp) @@ -734,7 +744,7 @@ CreateGetAuthTokenResp( XML_SetUserData(p, &getAuthTokenRespParse); // Parse the document - if (XML_Parse(p, pRespMsg, respLen, 1) == XML_STATUS_OK) + if (XML_Parse(p, pRespMsg, (int) respLen, 1) == XML_STATUS_OK) { // Verify that the parse operation completed successfully if (getAuthTokenRespParse.state == DONE_PARSING) 
@@ -803,6 +813,9 @@ CreateGetAuthTokenResp( CASA_FACILITY_AUTHTOKEN, CASA_STATUS_INSUFFICIENT_RESOURCES); } + +exit: + DbgTrace(1, "-CreateGetAuthTokenResp- End, retStatus = %08X\n", retStatus); return retStatus; diff --git a/CASA-auth-token/client/library/internal.h b/CASA-auth-token/client/library/internal.h index 8e17ab41..79353323 100644 --- a/CASA-auth-token/client/library/internal.h +++ b/CASA-auth-token/client/library/internal.h @@ -41,10 +41,6 @@ #define MAX_RPC_REPLY_SZ (256 * 1024) -#ifndef U32_MAX -#define U32_MAX (~(uint32_t)0) -#endif - // // Authentication Context structure // @@ -52,11 +48,11 @@ typedef struct _AuthContext { LIST_ENTRY listEntry; char *pContext; - int contextLen; + size_t contextLen; char *pMechanism; - int mechanismLen; + size_t mechanismLen; char *pMechInfo; - int mechInfoLen; + size_t mechInfoLen; } AuthContext, *PAuthContext; @@ -74,8 +70,8 @@ typedef struct _AuthPolicy // typedef struct _GetAuthPolicyResp { - char *pPolicy; - int policyLen; + char *pPolicy; + size_t policyLen; } GetAuthPolicyResp, *PGetAuthPolicyResp; @@ -84,9 +80,9 @@ typedef struct _GetAuthPolicyResp // typedef struct _GetAuthTokenResp { - char *pToken; - int tokenLen; - int tokenLifetime; + char *pToken; + size_t tokenLen; + int tokenLifetime; } GetAuthTokenResp, *PGetAuthTokenResp; @@ -95,9 +91,9 @@ typedef struct _GetAuthTokenResp // typedef struct _AuthenticateResp { - char *pToken; - int tokenLen; - int tokenLifetime; + char *pToken; + size_t tokenLen; + int tokenLifetime; } AuthenticateResp, *PAuthenticateResp; @@ -177,7 +173,7 @@ extern CasaStatus CreateGetAuthPolicyResp( IN char *pRespMsg, - IN int respLen, + IN size_t respLen, INOUT GetAuthPolicyResp **ppGetAuthPolicyResp); extern @@ -202,7 +198,7 @@ extern CasaStatus CreateAuthPolicy( IN char *pEncodedData, - IN int encodedDataLen, + IN size_t encodedDataLen, INOUT AuthPolicy **ppAuthPolicy); extern 
@@ -247,7 +243,7 @@ extern CasaStatus CreateGetAuthTokenResp( IN char *pRespMsg, - IN int respLen, + IN size_t respLen, INOUT GetAuthTokenResp **ppGetAuthTokenResp); extern @@ -425,17 +421,17 @@ extern CasaStatus EncodeData( IN const void *pData, - IN const int32_t dataLen, + IN const uint32_t dataLen, INOUT char **ppEncodedData, - INOUT int32_t *pEncodedDataLen); + INOUT uint32_t *pEncodedDataLen); extern CasaStatus DecodeData( IN const char *pEncodedData, - IN const int32_t encodedDataLen, // Does not include NULL terminator + IN const uint32_t encodedDataLen, // Does not include NULL terminator INOUT void **ppData, - INOUT int32_t *pDataLen); + INOUT uint32_t *pDataLen); extern int diff --git a/CASA-auth-token/client/library/mech_if.h b/CASA-auth-token/client/library/mech_if.h index 7a690005..31d5469d 100644 --- a/CASA-auth-token/client/library/mech_if.h +++ b/CASA-auth-token/client/library/mech_if.h @@ -91,7 +91,7 @@ CasaStatus IN const char *pHostName, IN void *pCredStoreScope, INOUT char *pTokenBuf, - INOUT int *pTokenBufLen); + INOUT uint32_t *pTokenBufLen); // // Arguments: // pIfInstance - diff --git a/CASA-auth-token/client/library/mechanisms/krb5/internal.h b/CASA-auth-token/client/library/mechanisms/krb5/internal.h index 5f88480d..c627dbb0 100644 --- a/CASA-auth-token/client/library/mechanisms/krb5/internal.h +++ b/CASA-auth-token/client/library/mechanisms/krb5/internal.h @@ -60,7 +60,7 @@ AuthTokenIf_GetAuthToken( IN const char *pHostName, IN void *pCredStoreScope, INOUT char *pTokenBuf, - INOUT int *pTokenBufLen); + INOUT size_t *pTokenBufLen); extern int 
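Review bot: The AuthTokenIf_GetAuthToken prototype in krb5/internal.h now takes `size_t *pTokenBufLen`, but the interface declaration in mech_if.h and the definitions in krb5/linux/get.c and krb5/windows/get.c take `uint32_t *`. These are incompatible pointer types wherever `size_t` is 64 bits, so this line should read `INOUT uint32_t *pTokenBufLen);`. The pwd mechanism has the more serious form of the same mismatch: pwd/internal.h and the definition in pwd/get.c both use `size_t *`, while authmech.c declares `uint32_t authTokenBufLen` for what appears to be the call through the interface. On an LP64 build `*pTokenBufLen = encodedTokenLen;` would then store 8 bytes into a 4-byte object, so both pwd declarations should use `uint32_t *` as well.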
@@ -74,17 +74,17 @@ extern CasaStatus EncodeData( IN const void *pData, - IN const int32_t dataLen, + IN const uint32_t dataLen, INOUT char **ppEncodedData, - INOUT int32_t *pEncodedDataLen); + INOUT uint32_t *pEncodedDataLen); extern CasaStatus DecodeData( IN const char *pEncodedData, - IN const int32_t encodedDataLen, // Does not include NULL terminator + IN const uint32_t encodedDataLen, // Does not include NULL terminator INOUT void **ppData, - INOUT int32_t *pDataLen); + INOUT uint32_t *pDataLen); extern int diff --git a/CASA-auth-token/client/library/mechanisms/krb5/linux/get.c b/CASA-auth-token/client/library/mechanisms/krb5/linux/get.c index 26e965b5..bd3495d4 100644 --- a/CASA-auth-token/client/library/mechanisms/krb5/linux/get.c +++ b/CASA-auth-token/client/library/mechanisms/krb5/linux/get.c @@ -129,7 +129,7 @@ AuthTokenIf_GetAuthToken( IN const char *pHostName, IN void *pCredStoreScope, INOUT char *pTokenBuf, - INOUT int *pTokenBufLen) + INOUT uint32_t *pTokenBufLen) // // Arguments: // pIfInstance - @@ -186,7 +186,7 @@ AuthTokenIf_GetAuthToken( //=======================================================================-- { CasaStatus retStatus; - char const *pKrbServiceName = pMechInfo; + char *pKrbServiceName = (char*) pMechInfo; OM_uint32 gssMajStat; OM_uint32 gssMinStat; gss_buffer_desc gssBuffer; 
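Review bot: The new initialiser `char *pKrbServiceName = (char*) pMechInfo;` drops the `const` that the removed line kept (`char const *pKrbServiceName`), which suggests `pMechInfo` points to const data; its declaration is outside the hunk. If the cast only exists to satisfy a non-const field of a GSS buffer, keep the local `const` and cast at that single assignment, with a comment such as `// gss_buffer_desc.value is void*, the name is not modified`. The function body continues outside this hunk.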
@@ -272,45 +272,56 @@ AuthTokenIf_GetAuthToken( if (gssMajStat == GSS_S_COMPLETE && gssSendToken.length != 0) { - char *pEncodedToken; - int encodedTokenLen; - - // The security context was initialized, now return the token to the - // caller after base64 encoding it. - retStatus = EncodeData(gssSendToken.value, - gssSendToken.length, - &pEncodedToken, - &encodedTokenLen); - if (CASA_SUCCESS(retStatus)) + // Make sure that the token is not too large + if (gssSendToken.length <= UINT32_MAX) { - // Verify that the caller provided a buffer that is big enough - if (encodedTokenLen > *pTokenBufLen) - { - // At least one of the supplied buffers is not big enough - DbgTrace(1, "-AuthTokenIf_GetAuthToken- Insufficient buffer space provided\n", 0); + char *pEncodedToken; + uint32_t encodedTokenLen; - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_KRB5TOKEN, - CASA_STATUS_BUFFER_OVERFLOW); + // The security context was initialized, now return the token to the + // caller after base64 encoding it. + retStatus = EncodeData(gssSendToken.value, + gssSendToken.length, + &pEncodedToken, + &encodedTokenLen); + if (CASA_SUCCESS(retStatus)) + { + // Verify that the caller provided a buffer that is big enough + if (encodedTokenLen > *pTokenBufLen) + { + // At least one of the supplied buffers is not big enough + DbgTrace(1, "-AuthTokenIf_GetAuthToken- Insufficient buffer space provided\n", 0); + + retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, + CASA_FACILITY_KRB5TOKEN, + CASA_STATUS_BUFFER_OVERFLOW); + } + else + { + // The buffer provided is large enough, copy the data and return the actual size. + memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen); + + // Success + retStatus = CASA_STATUS_SUCCESS; + } + + // Return the actual size or the size required + *pTokenBufLen = encodedTokenLen; + + // Free the buffer containing the encoded token + free(pEncodedToken); } else { - // The buffer provided is large enough, copy the data and return the actual size. 
- memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen); - - // Success - retStatus = CASA_STATUS_SUCCESS; + DbgTrace(1, "-AuthTokenIf_GetAuthToken- Encoding failed\n", 0); } - - // Return the actual size or the size required - *pTokenBufLen = encodedTokenLen; - - // Free the buffer containing the encoded token - free(pEncodedToken); } else { - DbgTrace(1, "-AuthTokenIf_GetAuthToken- Encoding failed\n", 0); + DbgTrace(0, "-AuthTokenIf_GetAuthToken- GSS Token too large\n", 0); + retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, + CASA_FACILITY_KRB5TOKEN, + CASA_STATUS_UNSUCCESSFUL); } } else diff --git a/CASA-auth-token/client/library/mechanisms/krb5/util.c b/CASA-auth-token/client/library/mechanisms/krb5/util.c index 93f94988..946e4e25 100644 --- a/CASA-auth-token/client/library/mechanisms/krb5/util.c +++ b/CASA-auth-token/client/library/mechanisms/krb5/util.c @@ -65,9 +65,9 @@ static const uint8_t g_Expand64[256] = CasaStatus EncodeData( IN const void *pData, - IN const int32_t dataLen, + IN const uint32_t dataLen, INOUT char **ppEncodedData, - INOUT int32_t *pEncodedDataLen) + INOUT uint32_t *pEncodedDataLen) // // Arguments: // @@ -150,9 +150,9 @@ EncodeData( CasaStatus DecodeData( IN const char *pEncodedData, - IN const int32_t encodedDataLen, // Does not include NULL terminator + IN const uint32_t encodedDataLen, // Does not include NULL terminator INOUT void **ppData, - INOUT int32_t *pDataLen) + INOUT uint32_t *pDataLen) // // Arguments: // @@ -164,8 +164,8 @@ DecodeData( //=======================================================================-- { CasaStatus retStatus; - int i, j; - int decodedSize; + uint32_t i, j; + size_t decodedSize; DbgTrace(3, "-DecodeData- Start\n", 0); 
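Review bot: The Linux path in AuthTokenIf_GetAuthToken frees `pEncodedToken` without clearing it, whereas the Windows and pwd versions of this block wipe the encoded token first, per their comment about not leaking sensitive information. For consistency I would clear it here too and use the known length rather than `strlen`: `memset(pEncodedToken, 0, encodedTokenLen);` before `free(pEncodedToken);`. A plain memset ahead of free can be removed by the optimiser, so `explicit_bzero` is preferable where the platform provides it. The function starts and ends outside this hunk.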
@@ -175,98 +175,110 @@ DecodeData( j++; decodedSize = (j * 3 + 3) / 4; - // Allocate buffer to hold the decoded data - *ppData = malloc(decodedSize); - if (*ppData) + // Verify that we are not going to overflow the uint32 + if (decodedSize <= UINT32_MAX) { - bool endReached = false; - uint8_t c0, c1, c2, c3; - uint8_t *p, *q; - - // Initialize parameters that will be used during the decode operation - c0 = c1 = c2 = c3 = 0; - p = (uint8_t*) pEncodedData; - q = (uint8_t*) *ppData; - - // Decode the data - // - // Loop through the data, piecing back information. Any newlines, and/or - // carriage returns need to be skipped. - while (j > 4) + // Allocate buffer to hold the decoded data + *ppData = malloc(decodedSize); + if (*ppData) { - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - endReached = true; - break; - } - c0 = *(p++); + bool endReached = false; + uint8_t c0, c1, c2, c3; + uint8_t *p, *q; - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - *(q++) = (uint8_t)(g_Expand64[c0] << 2); - j--; - endReached = true; - break; - } - c1 = *(p++); + // Initialize parameters that will be used during the decode operation + c0 = c1 = c2 = c3 = 0; + p = (uint8_t*) pEncodedData; + q = (uint8_t*) *ppData; - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); - *(q++) = (uint8_t)(g_Expand64[c1] << 4); - j -= 2; - endReached = true; - break; - } - c2 = *(p++); + // Decode the data + // + // Loop through the data, piecing back information. Any newlines, and/or + // carriage returns need to be skipped. 
+ while (j > 4) + { + while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) + p++; + if (64 == g_Expand64[*p]) + { + endReached = true; + break; + } + c0 = *(p++); - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); - *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2); - *(q++) = (uint8_t)(g_Expand64[c2] << 6); - j -= 3; - endReached = true; - break; - } - c3 = *(p++); + while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) + p++; + if (64 == g_Expand64[*p]) + { + *(q++) = (uint8_t)(g_Expand64[c0] << 2); + j--; + endReached = true; + break; + } + c1 = *(p++); - *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); - *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2); - *(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]); - j -= 4; + while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) + p++; + if (64 == g_Expand64[*p]) + { + *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); + *(q++) = (uint8_t)(g_Expand64[c1] << 4); + j -= 2; + endReached = true; + break; + } + c2 = *(p++); + + while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) + p++; + if (64 == g_Expand64[*p]) + { + *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); + *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2); + *(q++) = (uint8_t)(g_Expand64[c2] << 6); + j -= 3; + endReached = true; + break; + } + c3 = *(p++); + + *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); + *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2); + *(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]); + j -= 4; + } + if (!endReached) + { + if (j > 1) + *(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4); + if (j > 2) + *(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2); + if (j > 3) + *(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]); 
+ } + + // Return the length of the decoded data + *pDataLen = (int32_t)(q - (uint8_t*)*ppData); + + // Success + retStatus = CASA_STATUS_SUCCESS; } - if (!endReached) + else { - if (j > 1) - *(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4); - if (j > 2) - *(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2); - if (j > 3) - *(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]); + DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0); + + retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, + CASA_FACILITY_AUTHTOKEN, + CASA_STATUS_INSUFFICIENT_RESOURCES); } - - // Return the length of the decoded data - *pDataLen = (int32_t)(q - (uint8_t*)*ppData); - - // Success - retStatus = CASA_STATUS_SUCCESS; } else { - DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0); + DbgTrace(0, "-DecodeData- Prevented uint32 overflow\n", 0); retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); + CASA_FACILITY_AUTHTOKEN, + CASA_STATUS_UNSUCCESSFUL); } DbgTrace(3, "-DecodeData- End, retStatus = %0X\n", retStatus); diff --git a/CASA-auth-token/client/library/mechanisms/krb5/windows/get.c b/CASA-auth-token/client/library/mechanisms/krb5/windows/get.c index 46262248..e8711cc1 100644 --- a/CASA-auth-token/client/library/mechanisms/krb5/windows/get.c +++ b/CASA-auth-token/client/library/mechanisms/krb5/windows/get.c @@ -43,7 +43,7 @@ AuthTokenIf_GetAuthToken( IN const char *pHostName, IN void *pCredStoreScope, INOUT char *pTokenBuf, - INOUT int *pTokenBufLen) + INOUT uint32_t *pTokenBufLen) // // Arguments: // pIfInstance - @@ -131,6 +131,9 @@ AuthTokenIf_GetAuthToken( else { DbgTrace(0, "-AuthTokenIf_GetAuthToken- Memory allocation failure\n", 0); + retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, + CASA_FACILITY_KRB5TOKEN, + CASA_STATUS_INSUFFICIENT_RESOURCES); goto exit; } } 
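Review bot: The new guard `if (decodedSize <= UINT32_MAX)` in DecodeData cannot catch the overflow it is meant to catch, because `j` is now `uint32_t` and `(j * 3 + 3) / 4` is evaluated in 32-bit unsigned arithmetic before the result is widened into `decodedSize`. For a large enough `j` the product wraps, the buffer is undersized, and the decode loop writes past it. Widen before multiplying, e.g. `decodedSize = (size_t)(((uint64_t) j * 3 + 3) / 4);`. The re-indented line `*pDataLen = (int32_t)(q - (uint8_t*)*ppData);` should also cast to `uint32_t` now that `pDataLen` is `uint32_t *`. The identical copy in pwd/util.c needs the same two changes; the declaration of `j` is in the preceding hunk.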
@@ -180,40 +183,55 @@ AuthTokenIf_GetAuthToken( &expiry); if (secStatus == SEC_E_OK) { - char *pEncodedToken; - int encodedTokenLen; - - // The security context was initialized, now return it to the caller after base64 encoding it. - retStatus = EncodeData(sendTok.pvBuffer, - (const int) sendTok.cbBuffer, - &pEncodedToken, - &encodedTokenLen); - if (CASA_SUCCESS(retStatus)) + // Make sure that the token is not too large + if (sendTok.cbBuffer <= UINT32_MAX) { - // Verify that the caller provided a buffer that is big enough - if (encodedTokenLen > *pTokenBufLen) + uint32_t encodedTokenLen; + char *pEncodedToken; + + // The security context was initialized, now return it to the caller after base64 encoding it. + retStatus = EncodeData(sendTok.pvBuffer, + (const uint32_t) sendTok.cbBuffer, + &pEncodedToken, + &encodedTokenLen); + if (CASA_SUCCESS(retStatus)) { - // The buffer is not big enough - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_KRB5TOKEN, - CASA_STATUS_BUFFER_OVERFLOW); + // Verify that the caller provided a buffer that is big enough + if (encodedTokenLen > *pTokenBufLen) + { + // The buffer is not big enough + retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, + CASA_FACILITY_KRB5TOKEN, + CASA_STATUS_BUFFER_OVERFLOW); + } + else + { + // The buffer provided is large enough, copy the data. + memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen); + + // Success + retStatus = CASA_STATUS_SUCCESS; + } + + // Return the actual size or the size required + *pTokenBufLen = encodedTokenLen; + + // Free the buffer containing the encoded token after clearing + // its memory to avoid leaking sensitive information. + memset(pEncodedToken, 0, strlen(pEncodedToken)); + free(pEncodedToken); } else { - // The buffer provided is large enough, copy the data. 
- memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen); - - // Success - retStatus = CASA_STATUS_SUCCESS; + DbgTrace(1, "-AuthTokenIf_GetAuthToken- Encoding failed\n", 0); } - - // Return the actual size or the size required - *pTokenBufLen = encodedTokenLen; - - // Free the buffer containing the encoded token after clearing - // its memory to avoid leaking sensitive information. - memset(pEncodedToken, 0, strlen(pEncodedToken)); - free(pEncodedToken); + } + else + { + DbgTrace(0, "-AuthTokenIf_GetAuthToken- GSS Token too large\n", 0); + retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, + CASA_FACILITY_KRB5TOKEN, + CASA_STATUS_UNSUCCESSFUL); } // Delete the security context diff --git a/CASA-auth-token/client/library/mechanisms/pwd/get.c b/CASA-auth-token/client/library/mechanisms/pwd/get.c index dfca87f9..391ba9cb 100644 --- a/CASA-auth-token/client/library/mechanisms/pwd/get.c +++ b/CASA-auth-token/client/library/mechanisms/pwd/get.c @@ -87,7 +87,7 @@ GetUserCredentials( // Get the length of the realm string into the secret id structure // and verify thatr it is not too long. secretIdLen = sscs_Utf8Strlen(pRealm) + 1; - if (secretIdLen <= U32_MAX) + if (secretIdLen <= UINT32_MAX) { secretId.len = secretIdLen; if (secretId.len <= NSSCS_MAX_SECRET_ID_LEN) @@ -219,7 +219,7 @@ AuthTokenIf_GetAuthToken( IN const char *pHostName, IN void *pCredStoreScope, INOUT char *pTokenBuf, - INOUT int *pTokenBufLen) + INOUT size_t *pTokenBufLen) // // Arguments: // pIfInstance - 
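Review bot: The wipe before `free(pEncodedToken)` is `memset(pEncodedToken, 0, strlen(pEncodedToken));`, which relies on the encoded buffer being NUL-terminated and is a dead store the compiler is allowed to drop. `encodedTokenLen` is already in scope, so on Windows I would write `SecureZeroMemory(pEncodedToken, encodedTokenLen);`. Separately, if `sendTok.cbBuffer` is the usual 32-bit `unsigned long` of a SecBuffer (its declaration is not in the hunk), the `<= UINT32_MAX` test is always true and the new else branch is unreachable. The function starts and ends outside this hunk.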
@@ -300,63 +300,80 @@ AuthTokenIf_GetAuthToken( &pPassword); if (CASA_SUCCESS(retStatus)) { - // Now construct the PW token with the following format: - // "username\r\n" + "password\r\n" - // - // First allocate a buffer large enough to hold the token - pToken = (char*) malloc(strlen(pUsername) + 2 + strlen(pPassword) + 2 + 1); - if (pToken) + size_t tokenLen = strlen(pUsername) + 2 + strlen(pPassword) + 2 + 1; + + // Make sure that the token is not too large + if (tokenLen <= UINT32_MAX) { - char *pEncodedToken; - int encodedTokenLen; - - // Now assemble the token - sprintf(pToken, "%s\r\n%s\r\n", pUsername, pPassword); - - // The token has been assembled, now encode it. - retStatus = EncodeData(pToken, - (const int) strlen(pToken), - &pEncodedToken, - &encodedTokenLen); - if (CASA_SUCCESS(retStatus)) + // Now construct the PW token with the following format: + // "username\r\n" + "password\r\n" + // + // First allocate a buffer large enough to hold the token + pToken = (char*) malloc(strlen(pUsername) + 2 + strlen(pPassword) + 2 + 1); + if (pToken) { - // Verify that the caller provided a buffer that is big enough - if (encodedTokenLen > *pTokenBufLen) + char *pEncodedToken; + uint32_t encodedTokenLen; + + // Now assemble the token + sprintf(pToken, "%s\r\n%s\r\n", pUsername, pPassword); + + // The token has been assembled, now encode it. + retStatus = EncodeData(pToken, + (const uint32_t) tokenLen, + &pEncodedToken, + &encodedTokenLen); + if (CASA_SUCCESS(retStatus)) { - // The buffer is not big enough - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_BUFFER_OVERFLOW); + // Verify that the caller provided a buffer that is big enough + if (encodedTokenLen > *pTokenBufLen) + { + // The buffer is not big enough + retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, + CASA_FACILITY_PWTOKEN, + CASA_STATUS_BUFFER_OVERFLOW); + } + else + { + // The buffer provided is large enough, copy the data. 
+ memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen); + + // Success + retStatus = CASA_STATUS_SUCCESS; + } + + // Return the actual size or the size required + *pTokenBufLen = encodedTokenLen; + + // Free the buffer containing the encoded token after clearing + // it to avoid leaking sensitive information. + memset(pEncodedToken, 0, strlen(pEncodedToken)); + free(pEncodedToken); } else { - // The buffer provided is large enough, copy the data. - memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen); - - // Success - retStatus = CASA_STATUS_SUCCESS; + DbgTrace(1, "-AuthTokenIf_GetAuthToken- Encoding failed\n", 0); } - // Return the actual size or the size required - *pTokenBufLen = encodedTokenLen; - - // Free the buffer containing the encoded token after clearing - // it to avoid leaking sensitive information. - memset(pEncodedToken, 0, strlen(pEncodedToken)); - free(pEncodedToken); + // Free the buffer allocated for the token after clearing it + // to avoid leaving sensitive information behind. + memset(pToken, 0, strlen(pToken)); + free(pToken); + } + else + { + DbgTrace(0, "-AuthTokenIf_GetAuthToken- Buffer allocation error\n", 0); + retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, + CASA_FACILITY_PWTOKEN, + CASA_STATUS_INSUFFICIENT_RESOURCES); } - - // Free the buffer allocated for the token after clearing it - // to avoid leaving sensitive information behind. - memset(pToken, 0, strlen(pToken)); - free(pToken); } else { - DbgTrace(0, "-AuthTokenIf_GetAuthToken- Buffer allocation error\n", 0); + DbgTrace(0, "-AuthTokenIf_GetAuthToken- Token too large\n", 0); retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); + CASA_FACILITY_KRB5TOKEN, + CASA_STATUS_UNSUCCESSFUL); } // Free allocated buffers after clearing memory holding the password 
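Review bot: `tokenLen` counts the terminating NUL (`... + 2 + 1`) and is now passed to EncodeData in place of the old `strlen(pToken)`, so the encoded password token gains a trailing zero byte that the previous code did not send. Pass `(const uint32_t)(tokenLen - 1)` to EncodeData, and let `malloc(tokenLen)` replace the repeated length expression. The new "Token too large" branch also reports `CASA_FACILITY_KRB5TOKEN` inside the pwd mechanism, where the neighbouring statuses use `CASA_FACILITY_PWTOKEN`. The function continues outside this hunk.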
diff --git a/CASA-auth-token/client/library/mechanisms/pwd/internal.h b/CASA-auth-token/client/library/mechanisms/pwd/internal.h index d79dfea7..5c71de1b 100644 --- a/CASA-auth-token/client/library/mechanisms/pwd/internal.h +++ b/CASA-auth-token/client/library/mechanisms/pwd/internal.h @@ -37,10 +37,6 @@ //===[ Type definitions ]================================================== -#ifndef U32_MAX -#define U32_MAX (~(uint32_t)0) -#endif - //===[ Inlines functions ]=============================================== //===[ Function prototypes ]=============================================== @@ -66,7 +62,7 @@ AuthTokenIf_GetAuthToken( IN const char *pHostName, IN void *pCredStoreScope, INOUT char *pTokenBuf, - INOUT int *pTokenBufLen); + INOUT size_t *pTokenBufLen); // // Defined in utils.c @@ -76,17 +72,17 @@ extern CasaStatus EncodeData( IN const void *pData, - IN const int32_t dataLen, + IN const uint32_t dataLen, INOUT char **ppEncodedData, - INOUT int32_t *pEncodedDataLen); + INOUT uint32_t *pEncodedDataLen); extern CasaStatus DecodeData( IN const char *pEncodedData, - IN const int32_t encodedDataLen, // Does not include NULL terminator + IN const uint32_t encodedDataLen, // Does not include NULL terminator INOUT void **ppData, - INOUT int32_t *pDataLen); + INOUT uint32_t *pDataLen); extern int diff --git a/CASA-auth-token/client/library/mechanisms/pwd/util.c b/CASA-auth-token/client/library/mechanisms/pwd/util.c index 93f94988..946e4e25 100644 --- a/CASA-auth-token/client/library/mechanisms/pwd/util.c +++ b/CASA-auth-token/client/library/mechanisms/pwd/util.c @@ -65,9 +65,9 @@ static const uint8_t g_Expand64[256] = CasaStatus EncodeData( IN const void *pData, - IN const int32_t dataLen, + IN const uint32_t dataLen, INOUT char **ppEncodedData, - INOUT int32_t *pEncodedDataLen) + INOUT uint32_t *pEncodedDataLen) // // Arguments: // 
@@ -150,9 +150,9 @@ EncodeData(
 CasaStatus
 DecodeData(
 IN const char *pEncodedData,
- IN const int32_t encodedDataLen, // Does not include NULL terminator
+ IN const uint32_t encodedDataLen, // Does not include NULL terminator
 INOUT void **ppData,
- INOUT int32_t *pDataLen)
+ INOUT uint32_t *pDataLen)
 //
 // Arguments:
 //
@@ -164,8 +164,8 @@ DecodeData(
 //=======================================================================--
 {
 CasaStatus retStatus;
- int i, j;
- int decodedSize;
+ uint32_t i, j;
+ size_t decodedSize;
 DbgTrace(3, "-DecodeData- Start\n", 0);
@@ -175,98 +175,110 @@ DecodeData(
 j++;
 decodedSize = (j * 3 + 3) / 4;
- // Allocate buffer to hold the decoded data
- *ppData = malloc(decodedSize);
- if (*ppData)
+ // Verify that we are not going to overflow the uint32
+ if (decodedSize <= UINT32_MAX)
 {
- bool endReached = false;
- uint8_t c0, c1, c2, c3;
- uint8_t *p, *q;
-
- // Initialize parameters that will be used during the decode operation
- c0 = c1 = c2 = c3 = 0;
- p = (uint8_t*) pEncodedData;
- q = (uint8_t*) *ppData;
-
- // Decode the data
- //
- // Loop through the data, piecing back information. Any newlines, and/or
- // carriage returns need to be skipped.
- while (j > 4)
+ // Allocate buffer to hold the decoded data
+ *ppData = malloc(decodedSize);
+ if (*ppData)
 {
- while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
- p++;
- if (64 == g_Expand64[*p])
- {
- endReached = true;
- break;
- }
- c0 = *(p++);
+ bool endReached = false;
+ uint8_t c0, c1, c2, c3;
+ uint8_t *p, *q;
- while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
- p++;
- if (64 == g_Expand64[*p])
- {
- *(q++) = (uint8_t)(g_Expand64[c0] << 2);
- j--;
- endReached = true;
- break;
- }
- c1 = *(p++);
+ // Initialize parameters that will be used during the decode operation
+ c0 = c1 = c2 = c3 = 0;
+ p = (uint8_t*) pEncodedData;
+ q = (uint8_t*) *ppData;
- while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
- p++;
- if (64 == g_Expand64[*p])
- {
- *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
- *(q++) = (uint8_t)(g_Expand64[c1] << 4);
- j -= 2;
- endReached = true;
- break;
- }
- c2 = *(p++);
+ // Decode the data
+ //
+ // Loop through the data, piecing back information. Any newlines, and/or
+ // carriage returns need to be skipped.
+ while (j > 4)
+ {
+ while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
+ p++;
+ if (64 == g_Expand64[*p])
+ {
+ endReached = true;
+ break;
+ }
+ c0 = *(p++);
- while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
- p++;
- if (64 == g_Expand64[*p])
- {
- *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
- *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
- *(q++) = (uint8_t)(g_Expand64[c2] << 6);
- j -= 3;
- endReached = true;
- break;
- }
- c3 = *(p++);
+ while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
+ p++;
+ if (64 == g_Expand64[*p])
+ {
+ *(q++) = (uint8_t)(g_Expand64[c0] << 2);
+ j--;
+ endReached = true;
+ break;
+ }
+ c1 = *(p++);
- *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
- *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
- *(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]);
- j -= 4;
+ while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
+ p++;
+ if (64 == g_Expand64[*p])
+ {
+ *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
+ *(q++) = (uint8_t)(g_Expand64[c1] << 4);
+ j -= 2;
+ endReached = true;
+ break;
+ }
+ c2 = *(p++);
+
+ while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
+ p++;
+ if (64 == g_Expand64[*p])
+ {
+ *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
+ *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
+ *(q++) = (uint8_t)(g_Expand64[c2] << 6);
+ j -= 3;
+ endReached = true;
+ break;
+ }
+ c3 = *(p++);
+
+ *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
+ *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
+ *(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]);
+ j -= 4;
+ }
+ if (!endReached)
+ {
+ if (j > 1)
+ *(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
+ if (j > 2)
+ *(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2);
+ if (j > 3)
+ *(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
+ }
+
+ // Return the length of the decoded data
+ *pDataLen = (int32_t)(q - (uint8_t*)*ppData);
+
+ // Success
+ retStatus = CASA_STATUS_SUCCESS;
 }
- if (!endReached)
+ else
 {
- if (j > 1)
- *(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
- if (j > 2)
- *(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2);
- if (j > 3)
- *(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
+ DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0);
+
+ retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
+ CASA_FACILITY_AUTHTOKEN,
+ CASA_STATUS_INSUFFICIENT_RESOURCES);
 }
-
- // Return the length of the decoded data
- *pDataLen = (int32_t)(q - (uint8_t*)*ppData);
-
- // Success
- retStatus = CASA_STATUS_SUCCESS;
 }
 else
 {
- DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0);
+ DbgTrace(0, "-DecodeData- Prevented uint32 overflow\n", 0);
 retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_PWTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
+ CASA_FACILITY_AUTHTOKEN,
+ CASA_STATUS_UNSUCCESSFUL);
 }
 DbgTrace(3, "-DecodeData- End, retStatus = %0X\n", retStatus);
diff --git a/CASA-auth-token/client/library/util.c b/CASA-auth-token/client/library/util.c
index a5fbf7cb..0cb03fcb 100644
--- a/CASA-auth-token/client/library/util.c
+++ b/CASA-auth-token/client/library/util.c
@@ -62,9 +62,9 @@ static const uint8_t g_Expand64[256] =
 CasaStatus
 EncodeData(
 IN const void *pData,
- IN const int32_t dataLen,
+ IN const uint32_t dataLen,
 INOUT char **ppEncodedData,
- INOUT int32_t *pEncodedDataLen)
+ INOUT uint32_t *pEncodedDataLen)
 //
 // Arguments:
 //
@@ -147,9 +147,9 @@ EncodeData(
 CasaStatus
 DecodeData(
 IN const char *pEncodedData,
- IN const int32_t encodedDataLen, // Does not include NULL terminator
+ IN const uint32_t encodedDataLen, // Does not include NULL terminator
 INOUT void **ppData,
- INOUT int32_t *pDataLen)
+ INOUT uint32_t *pDataLen)
 //
 // Arguments:
 //
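Review bot: The new guard `if (decodedSize <= UINT32_MAX)` in DecodeData (mechanisms/pwd/util.c, hunk `@@ -175,98 +175,110 @@`) can never fail, because the context line `decodedSize = (j * 3 + 3) / 4;` is still evaluated in 32-bit unsigned arithmetic now that `j` is `uint32_t`, and only the already-wrapped result is widened to `size_t`. Once `j` exceeds `(UINT32_MAX - 3) / 3` the product wraps, `malloc(decodedSize)` is asked for fewer bytes than the decode loop goes on to write, and the `Prevented uint32 overflow` branch is dead code. Doing the arithmetic in a wider type before the divide fixes the size: `decodedSize = (size_t)(((uint64_t)j * 3 + 3) / 4);`. The identical hunk in library/util.c (`@@ -172,98 +172,110 @@`) has the same problem; the loop that counts `j` lies outside both hunks.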
@@ -161,8 +161,8 @@ DecodeData(
 //=======================================================================--
 {
 CasaStatus retStatus;
- int i, j;
- int decodedSize;
+ uint32_t i, j;
+ size_t decodedSize;
 DbgTrace(3, "-DecodeData- Start\n", 0);
@@ -172,98 +172,110 @@ DecodeData(
 j++;
 decodedSize = (j * 3 + 3) / 4;
- // Allocate buffer to hold the decoded data
- *ppData = malloc(decodedSize);
- if (*ppData)
+ // Verify that we are not going to overflow the uint32
+ if (decodedSize <= UINT32_MAX)
 {
- bool endReached = false;
- uint8_t c0, c1, c2, c3;
- uint8_t *p, *q;
-
- // Initialize parameters that will be used during the decode operation
- c0 = c1 = c2 = c3 = 0;
- p = (uint8_t*) pEncodedData;
- q = (uint8_t*) *ppData;
-
- // Decode the data
- //
- // Loop through the data, piecing back information. Any newlines, and/or
- // carriage returns need to be skipped.
- while (j > 4)
+ // Allocate buffer to hold the decoded data
+ *ppData = malloc(decodedSize);
+ if (*ppData)
 {
- while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
- p++;
- if (64 == g_Expand64[*p])
- {
- endReached = true;
- break;
- }
- c0 = *(p++);
+ bool endReached = false;
+ uint8_t c0, c1, c2, c3;
+ uint8_t *p, *q;
- while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
- p++;
- if (64 == g_Expand64[*p])
- {
- *(q++) = (uint8_t)(g_Expand64[c0] << 2);
- j--;
- endReached = true;
- break;
- }
- c1 = *(p++);
+ // Initialize parameters that will be used during the decode operation
+ c0 = c1 = c2 = c3 = 0;
+ p = (uint8_t*) pEncodedData;
+ q = (uint8_t*) *ppData;
- while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
- p++;
- if (64 == g_Expand64[*p])
- {
- *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
- *(q++) = (uint8_t)(g_Expand64[c1] << 4);
- j -= 2;
- endReached = true;
- break;
- }
- c2 = *(p++);
+ // Decode the data
+ //
+ // Loop through the data, piecing back information. Any newlines, and/or
+ // carriage returns need to be skipped.
+ while (j > 4)
+ {
+ while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
+ p++;
+ if (64 == g_Expand64[*p])
+ {
+ endReached = true;
+ break;
+ }
+ c0 = *(p++);
- while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
- p++;
- if (64 == g_Expand64[*p])
- {
- *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
- *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
- *(q++) = (uint8_t)(g_Expand64[c2] << 6);
- j -= 3;
- endReached = true;
- break;
- }
- c3 = *(p++);
+ while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
+ p++;
+ if (64 == g_Expand64[*p])
+ {
+ *(q++) = (uint8_t)(g_Expand64[c0] << 2);
+ j--;
+ endReached = true;
+ break;
+ }
+ c1 = *(p++);
- *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
- *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
- *(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]);
- j -= 4;
+ while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
+ p++;
+ if (64 == g_Expand64[*p])
+ {
+ *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
+ *(q++) = (uint8_t)(g_Expand64[c1] << 4);
+ j -= 2;
+ endReached = true;
+ break;
+ }
+ c2 = *(p++);
+
+ while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
+ p++;
+ if (64 == g_Expand64[*p])
+ {
+ *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
+ *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
+ *(q++) = (uint8_t)(g_Expand64[c2] << 6);
+ j -= 3;
+ endReached = true;
+ break;
+ }
+ c3 = *(p++);
+
+ *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
+ *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
+ *(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]);
+ j -= 4;
+ }
+ if (!endReached)
+ {
+ if (j > 1)
+ *(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
+ if (j > 2)
+ *(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2);
+ if (j > 3)
+ *(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
+ }
+
+ // Return the length of the decoded data
+ *pDataLen = (int32_t)(q - (uint8_t*)*ppData);
+
+ // Success
+ retStatus = CASA_STATUS_SUCCESS;
 }
- if (!endReached)
+ else
 {
- if (j > 1)
- *(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
- if (j > 2)
- *(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2);
- if (j > 3)
- *(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
+ DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0);
+
+ retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
+ CASA_FACILITY_AUTHTOKEN,
+ CASA_STATUS_INSUFFICIENT_RESOURCES);
 }
-
- // Return the length of the decoded data
- *pDataLen = (int32_t)(q - (uint8_t*)*ppData);
-
- // Success
- retStatus = CASA_STATUS_SUCCESS;
 }
 else
 {
- DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0);
+ DbgTrace(0, "-DecodeData- Prevented uint32 overflow\n", 0);
 retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
 CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
+ CASA_STATUS_UNSUCCESSFUL);
 }
 DbgTrace(3, "-DecodeData- End, retStatus = %0X\n", retStatus);
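Review bot: The added `Prevented uint32 overflow` branch of DecodeData in library/util.c returns a failure status without assigning `*ppData` or `*pDataLen`, while the allocation-failure branch leaves `*ppData` set to NULL by the failed `malloc`. Callers are not part of this hunk, but any that release `*ppData` on error would act on whatever the pointer held before the call. Adding `*ppData = NULL; *pDataLen = 0;` in that branch makes both failure paths leave the same state, and the matching hunk in mechanisms/pwd/util.c needs the same lines. The cast in `*pDataLen = (int32_t)(q - (uint8_t*)*ppData);` should also become `(uint32_t)` now that `pDataLen` is a `uint32_t *`.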