author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-07-18 20:46:06 +0000 |
---|---|---|
committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-07-18 20:46:06 +0000 |
commit | cc1d3998d2edee5d69c07d5e0a750d7e47f5564d (patch) | |
tree | 1afa7014cf120c9b72223dba0a480cdbf4c5927f | |
parent | Fixed format string issue in read_inline_file, (diff) | |
download | openvpn-cc1d3998d2edee5d69c07d5e0a750d7e47f5564d.tar.xz |
Reverted some recent buffer.[ch] changes, including r3058 (except for
likely() and unlikely() macro additions to syshead.h) and r3061.
I would like to give more thought to the bigger issue of fortifying
buffer.[ch] through the use of additional defensive programming techniques.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3081 e7ae566f-a301-0410-adde-c780ea21d3b5
-rw-r--r-- | buffer.c | 1 | ||||
-rw-r--r-- | buffer.h | 77 | ||||
-rw-r--r-- | tun.c | 7 |
3 files changed, 21 insertions, 64 deletions
@@ -64,7 +64,6 @@ alloc_buf_gc (size_t size, struct gc_arena *gc)
 #endif
 {
 struct buffer buf;
- ASSERT (size <= BUF_MAX);
 buf.capacity = (int)size;
 buf.offset = 0;
 buf.len = 0;
@@ -43,8 +43,6 @@
 /* basic buffer class for OpenVPN */
-#define BUF_MAX (1<<20) /* maximum allowed size of struct buffer offset and len */
-
 struct buffer
 {
 int capacity; /* size of buffer allocated by malloc */
@@ -151,10 +149,7 @@ buf_reset_len (struct buffer *buf)
 static inline bool
 buf_init_dowork (struct buffer *buf, int offset)
 {
- if (unlikely (offset < 0)
- || unlikely (offset > buf->capacity)
- || unlikely (offset > BUF_MAX)
- || unlikely (buf->data == NULL))
+ if (offset < 0 || offset > buf->capacity || buf->data == NULL)
 return false;
 buf->len = 0;
 buf->offset = offset;
@@ -181,8 +176,6 @@ buf_set_write (struct buffer *buf, uint8_t *data, int size)
 static inline void
 buf_set_read (struct buffer *buf, const uint8_t *data, int size)
 {
- if (unlikely(size > BUF_MAX))
- size = 0;
 buf->len = buf->capacity = size;
 buf->offset = 0;
 buf->data = (uint8_t *)data;
@@ -292,50 +285,32 @@ struct buffer buf_sub (struct buffer *buf, int size, bool prepend);
 static inline bool
 buf_safe (const struct buffer *buf, int len)
 {
- if (unlikely(buf->offset > BUF_MAX) || unlikely(buf->len) > BUF_MAX || unlikely(len > BUF_MAX))
- return false;
- else
- return likely(len >= 0) && likely(buf->offset + buf->len + len <= buf->capacity);
+ return len >= 0 && buf->offset + buf->len + len <= buf->capacity;
 }
 static inline bool
 buf_safe_bidir (const struct buffer *buf, int len)
 {
- if (unlikely(buf->offset > BUF_MAX) || unlikely(buf->len) > BUF_MAX || unlikely(len > BUF_MAX))
- return false;
- else
- {
- const int newlen = buf->len + len;
- return likely(newlen >= 0) && likely(buf->offset + newlen <= buf->capacity);
- }
+ const int newlen = buf->len + len;
+ return newlen >= 0 && buf->offset + newlen <= buf->capacity;
 }
 static inline int
 buf_forward_capacity (const struct buffer *buf)
 {
- if (unlikely(buf->offset > BUF_MAX) || unlikely(buf->len) > BUF_MAX)
- return 0;
- else
- {
- int ret = buf->capacity - (buf->offset + buf->len);
- if (ret < 0)
- ret = 0;
- return ret;
- }
+ int ret = buf->capacity - (buf->offset + buf->len);
+ if (ret < 0)
+ ret = 0;
+ return ret;
 }
 static inline int
 buf_forward_capacity_total (const struct buffer *buf)
 {
- if (unlikely(buf->offset > BUF_MAX))
- return 0;
- else
- {
- int ret = buf->capacity - buf->offset;
- if (ret < 0)
- ret = 0;
- return ret;
- }
+ int ret = buf->capacity - buf->offset;
+ if (ret < 0)
+ ret = 0;
+ return ret;
 }
 static inline int
@@ -347,7 +322,7 @@ buf_reverse_capacity (const struct buffer *buf)
 static inline bool
 buf_inc_len (struct buffer *buf, int inc)
 {
- if (unlikely(!buf_safe_bidir (buf, inc)))
+ if (!buf_safe_bidir (buf, inc))
 return false;
 buf->len += inc;
 return true;
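Review bot: With the BUF_MAX bounds gone, `buf->offset + buf->len + len <= buf->capacity` in buf_safe is a signed `int` addition that can overflow when `len` is close to INT_MAX, which is undefined behaviour and may let the comparison succeed for a length that does not fit. buf_safe_bidir (`buf->len + len`) and the buf_copy_range hunk (`src_index + src_len`, `dest->offset + dest_index + src_len`) have the same shape. Comparing against the remaining space avoids the addition, for example `return len >= 0 && len <= buf->capacity - buf->offset - buf->len;`, on the assumption that `offset` and `len` already lie within `capacity`. If the plain form is kept, a comment on struct buffer stating that invariant and the maximum size callers may pass would make the reliance explicit.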
@@ -361,11 +336,7 @@ buf_inc_len (struct buffer *buf, int inc)
 static inline uint8_t *
 buf_prepend (struct buffer *buf, int size)
 {
- if (unlikely(size < 0)
- || unlikely(size > buf->offset)
- || unlikely(size > BUF_MAX)
- || unlikely(buf->offset > BUF_MAX)
- || unlikely(buf->len > BUF_MAX))
+ if (size < 0 || size > buf->offset)
 return NULL;
 buf->offset -= size;
 buf->len += size;
@@ -375,11 +346,7 @@ buf_prepend (struct buffer *buf, int size)
 static inline bool
 buf_advance (struct buffer *buf, int size)
 {
- if (unlikely(size < 0)
- || unlikely(buf->len < size)
- || unlikely(size > BUF_MAX)
- || unlikely(buf->offset > BUF_MAX)
- || unlikely(buf->len > BUF_MAX))
+ if (size < 0 || buf->len < size)
 return false;
 buf->offset += size;
 buf->len -= size;
@@ -483,15 +450,11 @@ buf_copy_range (struct buffer *dest,
 int src_index,
 int src_len)
 {
- if (unlikely(src_index < 0)
- || unlikely(src_len < 0)
- || unlikely(src_index > BUF_MAX)
- || unlikely(src_len > BUF_MAX)
- || unlikely(dest->offset > BUF_MAX)
- || unlikely(dest_index > BUF_MAX)
- || unlikely(src_index + src_len > src->len)
- || unlikely(dest_index < 0)
- || unlikely(dest->offset + dest_index + src_len > dest->capacity))
+ if (src_index < 0
+ || src_len < 0
+ || src_index + src_len > src->len
+ || dest_index < 0
+ || dest->offset + dest_index + src_len > dest->capacity)
 return false;
 memcpy (dest->data + dest->offset + dest_index, src->data + src->offset + src_index, src_len);
 if (dest_index + src_len > dest->len)
@@ -2033,12 +2033,7 @@ tun_finalize (
 }
 if (buf)
- {
- if (ret < 0)
- buf->len = 0;
- else
- buf->len = ret;
- }
+ buf->len = ret;
 return ret;
 }
 |
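Review bot: In the tun.c hunk, `buf->len = ret;` stores a negative length in the buffer whenever `ret < 0`. The buffer.h helpers in this same commit test only their `len`/`size` argument for being non-negative, not `buf->len` itself, so a negative stored length loosens their capacity sums instead of tripping them. Whether every caller checks the return value before using `buf` is not visible here, since tun_finalize begins above the hunk. Unless that is guaranteed, a compact clamp keeps the buffer well-formed on the error path: `buf->len = (ret < 0) ? 0 : ret;`.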