authorjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2008-07-18 20:46:06 +0000
committerjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2008-07-18 20:46:06 +0000
commitcc1d3998d2edee5d69c07d5e0a750d7e47f5564d (patch)
tree1afa7014cf120c9b72223dba0a480cdbf4c5927f
parentFixed format string issue in read_inline_file, (diff)
downloadopenvpn-cc1d3998d2edee5d69c07d5e0a750d7e47f5564d.tar.xz
Reverted some recent buffer.[ch] changes, including r3058 (except for
likely() and unlikely() macro additions to syshead.h) and r3061. I would like to give more thought to the bigger issue of fortifying buffer.[ch] through the use of additional defensive programming techniques. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3081 e7ae566f-a301-0410-adde-c780ea21d3b5
-rw-r--r--buffer.c1
-rw-r--r--buffer.h77
-rw-r--r--tun.c7
3 files changed, 21 insertions, 64 deletions
diff --git a/buffer.c b/buffer.c
index c71cd86..8febc91 100644
--- a/buffer.c
+++ b/buffer.c
@@ -64,7 +64,6 @@ alloc_buf_gc (size_t size, struct gc_arena *gc)
#endif
{
struct buffer buf;
- ASSERT (size <= BUF_MAX);
buf.capacity = (int)size;
buf.offset = 0;
buf.len = 0;
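Review bot: With the ASSERT gone, `buf.capacity = (int)size;` narrows a size_t to int with no range check, so a size above INT_MAX ends up as a truncated or negative capacity. The allocation itself is outside this hunk, but if it uses the full `size` the recorded capacity no longer matches the memory actually obtained. A guard that does not depend on BUF_MAX would be `ASSERT (size <= INT_MAX);` placed just before the cast. alloc_buf_gc starts and ends outside the hunk.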
diff --git a/buffer.h b/buffer.h
index 1b4b8ef..d8ef00f 100644
--- a/buffer.h
+++ b/buffer.h
@@ -43,8 +43,6 @@
/* basic buffer class for OpenVPN */
-#define BUF_MAX (1<<20) /* maximum allowed size of struct buffer offset and len */
-
struct buffer
{
int capacity; /* size of buffer allocated by malloc */
@@ -151,10 +149,7 @@ buf_reset_len (struct buffer *buf)
static inline bool
buf_init_dowork (struct buffer *buf, int offset)
{
- if (unlikely (offset < 0)
- || unlikely (offset > buf->capacity)
- || unlikely (offset > BUF_MAX)
- || unlikely (buf->data == NULL))
+ if (offset < 0 || offset > buf->capacity || buf->data == NULL)
return false;
buf->len = 0;
buf->offset = offset;
@@ -181,8 +176,6 @@ buf_set_write (struct buffer *buf, uint8_t *data, int size)
static inline void
buf_set_read (struct buffer *buf, const uint8_t *data, int size)
{
- if (unlikely(size > BUF_MAX))
- size = 0;
buf->len = buf->capacity = size;
buf->offset = 0;
buf->data = (uint8_t *)data;
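Review bot: buf_set_read now copies `size` into both len and capacity unchecked, so a negative size produces a buffer with negative length and capacity. The capacity helpers in this header clamp negative results to 0, but len itself stays negative for any code that reads it directly. A minimal guard independent of BUF_MAX is `if (size < 0) size = 0;` before the assignment. Otherwise state the contract in a comment such as `/* size must be >= 0; validated by caller */`. The function's closing lines are outside the hunk.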
@@ -292,50 +285,32 @@ struct buffer buf_sub (struct buffer *buf, int size, bool prepend);
static inline bool
buf_safe (const struct buffer *buf, int len)
{
- if (unlikely(buf->offset > BUF_MAX) || unlikely(buf->len) > BUF_MAX || unlikely(len > BUF_MAX))
- return false;
- else
- return likely(len >= 0) && likely(buf->offset + buf->len + len <= buf->capacity);
+ return len >= 0 && buf->offset + buf->len + len <= buf->capacity;
}
static inline bool
buf_safe_bidir (const struct buffer *buf, int len)
{
- if (unlikely(buf->offset > BUF_MAX) || unlikely(buf->len) > BUF_MAX || unlikely(len > BUF_MAX))
- return false;
- else
- {
- const int newlen = buf->len + len;
- return likely(newlen >= 0) && likely(buf->offset + newlen <= buf->capacity);
- }
+ const int newlen = buf->len + len;
+ return newlen >= 0 && buf->offset + newlen <= buf->capacity;
}
static inline int
buf_forward_capacity (const struct buffer *buf)
{
- if (unlikely(buf->offset > BUF_MAX) || unlikely(buf->len) > BUF_MAX)
- return 0;
- else
- {
- int ret = buf->capacity - (buf->offset + buf->len);
- if (ret < 0)
- ret = 0;
- return ret;
- }
+ int ret = buf->capacity - (buf->offset + buf->len);
+ if (ret < 0)
+ ret = 0;
+ return ret;
}
static inline int
buf_forward_capacity_total (const struct buffer *buf)
{
- if (unlikely(buf->offset > BUF_MAX))
- return 0;
- else
- {
- int ret = buf->capacity - buf->offset;
- if (ret < 0)
- ret = 0;
- return ret;
- }
+ int ret = buf->capacity - buf->offset;
+ if (ret < 0)
+ ret = 0;
+ return ret;
}
static inline int
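Review bot: In buf_safe the sum `buf->offset + buf->len + len` is computed in int with no upper bound on `len`, so a large value can overflow (undefined behaviour for signed int) and the comparison against capacity may then pass. The same applies to `buf->len + len` in buf_safe_bidir and, in the buf_copy_range hunk further down, to `src_index + src_len > src->len` and `dest->offset + dest_index + src_len > dest->capacity`, where the result gates a memcpy. The removed BUF_MAX tests were what kept these operands small. Comparing against the remaining room avoids adding the caller-supplied value, e.g. `return len >= 0 && len <= buf->capacity - (buf->offset + buf->len);`, assuming offset and len already satisfy the struct's invariants. Whether any caller passes a peer-controlled length is not visible from this page.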
@@ -347,7 +322,7 @@ buf_reverse_capacity (const struct buffer *buf)
static inline bool
buf_inc_len (struct buffer *buf, int inc)
{
- if (unlikely(!buf_safe_bidir (buf, inc)))
+ if (!buf_safe_bidir (buf, inc))
return false;
buf->len += inc;
return true;
@@ -361,11 +336,7 @@ buf_inc_len (struct buffer *buf, int inc)
static inline uint8_t *
buf_prepend (struct buffer *buf, int size)
{
- if (unlikely(size < 0)
- || unlikely(size > buf->offset)
- || unlikely(size > BUF_MAX)
- || unlikely(buf->offset > BUF_MAX)
- || unlikely(buf->len > BUF_MAX))
+ if (size < 0 || size > buf->offset)
return NULL;
buf->offset -= size;
buf->len += size;
@@ -375,11 +346,7 @@ buf_prepend (struct buffer *buf, int size)
static inline bool
buf_advance (struct buffer *buf, int size)
{
- if (unlikely(size < 0)
- || unlikely(buf->len < size)
- || unlikely(size > BUF_MAX)
- || unlikely(buf->offset > BUF_MAX)
- || unlikely(buf->len > BUF_MAX))
+ if (size < 0 || buf->len < size)
return false;
buf->offset += size;
buf->len -= size;
@@ -483,15 +450,11 @@ buf_copy_range (struct buffer *dest,
int src_index,
int src_len)
{
- if (unlikely(src_index < 0)
- || unlikely(src_len < 0)
- || unlikely(src_index > BUF_MAX)
- || unlikely(src_len > BUF_MAX)
- || unlikely(dest->offset > BUF_MAX)
- || unlikely(dest_index > BUF_MAX)
- || unlikely(src_index + src_len > src->len)
- || unlikely(dest_index < 0)
- || unlikely(dest->offset + dest_index + src_len > dest->capacity))
+ if (src_index < 0
+ || src_len < 0
+ || src_index + src_len > src->len
+ || dest_index < 0
+ || dest->offset + dest_index + src_len > dest->capacity)
return false;
memcpy (dest->data + dest->offset + dest_index, src->data + src->offset + src_index, src_len);
if (dest_index + src_len > dest->len)
diff --git a/tun.c b/tun.c
index bc3466b..c1494d9 100644
--- a/tun.c
+++ b/tun.c
@@ -2033,12 +2033,7 @@ tun_finalize (
}
if (buf)
- {
- if (ret < 0)
- buf->len = 0;
- else
- buf->len = ret;
- }
+ buf->len = ret;
return ret;
}
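Review bot: On the error path `buf->len = ret;` now stores a negative return value as the buffer length, where the removed branch forced it to 0. A later consumer that uses buf->len as a byte count without first checking the return value would see a negative length, which becomes a very large value if converted to size_t. Keeping the clamp is independent of the BUF_MAX revert: `buf->len = (ret < 0) ? 0 : ret;`. tun_finalize begins outside this hunk, so how its callers treat `ret` cannot be confirmed here.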