GCC Code Coverage Report
Directory: ./ Exec Total Coverage
File: lib/libcrypto/crypto/../../libssl/src/crypto/asn1/a_d2i_fp.c Lines: 0 118 0.0 %
Date: 2016-12-06 Branches: 0 66 0.0 %

Line Branch Exec Source
1
/* $OpenBSD: a_d2i_fp.c,v 1.15 2016/05/20 15:46:21 bcook Exp $ */
2
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3
 * All rights reserved.
4
 *
5
 * This package is an SSL implementation written
6
 * by Eric Young (eay@cryptsoft.com).
7
 * The implementation was written so as to conform with Netscapes SSL.
8
 *
9
 * This library is free for commercial and non-commercial use as long as
10
 * the following conditions are aheared to.  The following conditions
11
 * apply to all code found in this distribution, be it the RC4, RSA,
12
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13
 * included with this distribution is covered by the same copyright terms
14
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15
 *
16
 * Copyright remains Eric Young's, and as such any Copyright notices in
17
 * the code are not to be removed.
18
 * If this package is used in a product, Eric Young should be given attribution
19
 * as the author of the parts of the library used.
20
 * This can be in the form of a textual message at program startup or
21
 * in documentation (online or textual) provided with the package.
22
 *
23
 * Redistribution and use in source and binary forms, with or without
24
 * modification, are permitted provided that the following conditions
25
 * are met:
26
 * 1. Redistributions of source code must retain the copyright
27
 *    notice, this list of conditions and the following disclaimer.
28
 * 2. Redistributions in binary form must reproduce the above copyright
29
 *    notice, this list of conditions and the following disclaimer in the
30
 *    documentation and/or other materials provided with the distribution.
31
 * 3. All advertising materials mentioning features or use of this software
32
 *    must display the following acknowledgement:
33
 *    "This product includes cryptographic software written by
34
 *     Eric Young (eay@cryptsoft.com)"
35
 *    The word 'cryptographic' can be left out if the rouines from the library
36
 *    being used are not cryptographic related :-).
37
 * 4. If you include any Windows specific code (or a derivative thereof) from
38
 *    the apps directory (application code) you must include an acknowledgement:
39
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40
 *
41
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51
 * SUCH DAMAGE.
52
 *
53
 * The licence and distribution terms for any publically available version or
54
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
55
 * copied and put under another distribution licence
56
 * [including the GNU Public Licence.]
57
 */
58
59
#include <limits.h>
60
#include <stdio.h>
61
62
#include <openssl/asn1.h>
63
#include <openssl/buffer.h>
64
#include <openssl/err.h>
65
66
static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
67
68
#ifndef NO_OLD_ASN1
69
70
void *
71
ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x)
72
{
73
	BIO *b;
74
	void *ret;
75
76
	if ((b = BIO_new(BIO_s_file())) == NULL) {
77
		ASN1err(ASN1_F_ASN1_D2I_FP, ERR_R_BUF_LIB);
78
		return (NULL);
79
	}
80
	BIO_set_fp(b, in, BIO_NOCLOSE);
81
	ret = ASN1_d2i_bio(xnew, d2i, b, x);
82
	BIO_free(b);
83
	return (ret);
84
}
85
86
void *
87
ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x)
88
{
89
	BUF_MEM *b = NULL;
90
	const unsigned char *p;
91
	void *ret = NULL;
92
	int len;
93
94
	len = asn1_d2i_read_bio(in, &b);
95
	if (len < 0)
96
		goto err;
97
98
	p = (unsigned char *)b->data;
99
	ret = d2i(x, &p, len);
100
101
err:
102
	if (b != NULL)
103
		BUF_MEM_free(b);
104
	return (ret);
105
}
106
107
#endif
108
109
void *
110
ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x)
111
{
112
	BUF_MEM *b = NULL;
113
	const unsigned char *p;
114
	void *ret = NULL;
115
	int len;
116
117
	len = asn1_d2i_read_bio(in, &b);
118
	if (len < 0)
119
		goto err;
120
121
	p = (const unsigned char *)b->data;
122
	ret = ASN1_item_d2i(x, &p, len, it);
123
124
err:
125
	if (b != NULL)
126
		BUF_MEM_free(b);
127
	return (ret);
128
}
129
130
void *
131
ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
132
{
133
	BIO *b;
134
	char *ret;
135
136
	if ((b = BIO_new(BIO_s_file())) == NULL) {
137
		ASN1err(ASN1_F_ASN1_ITEM_D2I_FP, ERR_R_BUF_LIB);
138
		return (NULL);
139
	}
140
	BIO_set_fp(b, in, BIO_NOCLOSE);
141
	ret = ASN1_item_d2i_bio(it, b, x);
142
	BIO_free(b);
143
	return (ret);
144
}
145
146
#define HEADER_SIZE   8
147
#define ASN1_CHUNK_INITIAL_SIZE (16 * 1024)
148
static int
149
asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
150
{
151
	BUF_MEM *b;
152
	unsigned char *p;
153
	int i;
154
	ASN1_const_CTX c;
155
	size_t want = HEADER_SIZE;
156
	int eos = 0;
157
	size_t off = 0;
158
	size_t len = 0;
159
160
	b = BUF_MEM_new();
161
	if (b == NULL) {
162
		ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
163
		return -1;
164
	}
165
166
	ERR_clear_error();
167
	for (;;) {
168
		if (want >= (len - off)) {
169
			want -= (len - off);
170
171
			if (len + want < len ||
172
			    !BUF_MEM_grow_clean(b, len + want)) {
173
				ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
174
				    ERR_R_MALLOC_FAILURE);
175
				goto err;
176
			}
177
			i = BIO_read(in, &(b->data[len]), want);
178
			if ((i < 0) && ((len - off) == 0)) {
179
				ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
180
				    ASN1_R_NOT_ENOUGH_DATA);
181
				goto err;
182
			}
183
			if (i > 0) {
184
				if (len + i < len) {
185
					ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
186
					    ASN1_R_TOO_LONG);
187
					goto err;
188
				}
189
				len += i;
190
			}
191
		}
192
		/* else data already loaded */
193
194
		p = (unsigned char *) & (b->data[off]);
195
		c.p = p;
196
		c.inf = ASN1_get_object(&(c.p), &(c.slen), &(c.tag),
197
		    &(c.xclass), len - off);
198
		if (c.inf & 0x80) {
199
			unsigned long e;
200
201
			e = ERR_GET_REASON(ERR_peek_error());
202
			if (e != ASN1_R_TOO_LONG)
203
				goto err;
204
			else
205
				ERR_clear_error(); /* clear error */
206
		}
207
		i = c.p - p;	/* header length */
208
		off += i;	/* end of data */
209
210
		if (c.inf & 1) {
211
			/* no data body so go round again */
212
			eos++;
213
			if (eos < 0) {
214
				ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
215
				    ASN1_R_HEADER_TOO_LONG);
216
				goto err;
217
			}
218
			want = HEADER_SIZE;
219
		} else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC)) {
220
			/* eos value, so go back and read another header */
221
			eos--;
222
			if (eos <= 0)
223
				break;
224
			else
225
				want = HEADER_SIZE;
226
		} else {
227
			/* suck in c.slen bytes of data */
228
			want = c.slen;
229
			if (want > (len - off)) {
230
				size_t chunk_max = ASN1_CHUNK_INITIAL_SIZE;
231
232
				want -= (len - off);
233
				if (want > INT_MAX /* BIO_read takes an int length */ ||
234
				    len+want < len) {
235
					ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
236
					    ASN1_R_TOO_LONG);
237
					goto err;
238
				}
239
				while (want > 0) {
240
					/*
241
					 * Read content in chunks of increasing size
242
					 * so we can return an error for EOF without
243
					 * having to allocate the entire content length
244
					 * in one go.
245
					 */
246
					size_t chunk = want > chunk_max ? chunk_max : want;
247
248
					if (!BUF_MEM_grow_clean(b, len + chunk)) {
249
						ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
250
						    ERR_R_MALLOC_FAILURE);
251
						goto err;
252
					}
253
					want -= chunk;
254
					while (chunk > 0) {
255
						i = BIO_read(in, &(b->data[len]), chunk);
256
						if (i <= 0) {
257
							ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
258
							    ASN1_R_NOT_ENOUGH_DATA);
259
							goto err;
260
						}
261
						/*
262
						 * This can't overflow because |len+want|
263
						 * didn't overflow.
264
						 */
265
						len += i;
266
						chunk -= i;
267
					}
268
					if (chunk_max < INT_MAX/2)
269
						chunk_max *= 2;
270
				}
271
			}
272
			if (off + c.slen < off) {
273
				ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
274
				goto err;
275
			}
276
			off += c.slen;
277
			if (eos <= 0) {
278
				break;
279
			} else
280
				want = HEADER_SIZE;
281
		}
282
	}
283
284
	if (off > INT_MAX) {
285
		ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
286
		goto err;
287
	}
288
289
	*pb = b;
290
	return off;
291
292
err:
293
	if (b != NULL)
294
		BUF_MEM_free(b);
295
	return -1;
296
}