From 156db5fb7c8ad3ef90b989aa1b4601af98993142 Mon Sep 17 00:00:00 2001
From: csoler
Date: Tue, 10 Dec 2013 19:51:47 +0000
Subject: [PATCH] removed asserts and added proper error handling
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@6940 b45a01b8-16f6-495d-af2f-9b41ad6348cc
---
 .../src/openpgpsdk/reader_encrypted_se.c | 219 +++++++++---------
 .../src/openpgpsdk/reader_encrypted_seip.c | 7 +-
 openpgpsdk/src/openpgpsdk/readerwriter.c | 9 +-
 3 files changed, 125 insertions(+), 110 deletions(-)
diff --git a/openpgpsdk/src/openpgpsdk/reader_encrypted_se.c b/openpgpsdk/src/openpgpsdk/reader_encrypted_se.c
index 5837eed8f..d45fa8108 100644
--- a/openpgpsdk/src/openpgpsdk/reader_encrypted_se.c
+++ b/openpgpsdk/src/openpgpsdk/reader_encrypted_se.c
@@ -21,7 +21,6 @@
 #include #include -#include #include #ifndef OPENSSL_NO_IDEA #include
@@ -63,116 +62,126 @@ typedef struct static int encrypted_data_reader(void *dest,size_t length,ops_error_t **errors, ops_reader_info_t *rinfo, ops_parse_cb_info_t *cbinfo) - { - encrypted_arg_t *arg=ops_reader_get_arg(rinfo); - int saved=length; +{ + encrypted_arg_t *arg=ops_reader_get_arg(rinfo); + int saved=length; - // V3 MPIs have the count plain and the cipher is reset after each count - if(arg->prev_read_was_plain && !rinfo->pinfo->reading_mpi_length) + // V3 MPIs have the count plain and the cipher is reset after each count + if(arg->prev_read_was_plain && !rinfo->pinfo->reading_mpi_length) { - assert(rinfo->pinfo->reading_v3_secret); - arg->decrypt->decrypt_resync(arg->decrypt); - arg->prev_read_was_plain=ops_false; + if(!(rinfo->pinfo->reading_v3_secret)) // ASSERT(rinfo->pinfo->reading_v3_secret); + { + fprintf(stderr,"encrypted_data_reader: Expected non null value for rinfo->pinfo->reading_v3_secret") ; + return -1 ; + } + arg->decrypt->decrypt_resync(arg->decrypt); + arg->prev_read_was_plain=ops_false; } - else if(rinfo->pinfo->reading_v3_secret - && rinfo->pinfo->reading_mpi_length) - { - arg->prev_read_was_plain=ops_true; - } - - while(length > 0) + else if(rinfo->pinfo->reading_v3_secret + && rinfo->pinfo->reading_mpi_length) { - if(arg->decrypted_count) - { - - unsigned n; - - // if we are reading v3 we should never read more than - // we're asked for - assert(length >= arg->decrypted_count - || (!rinfo->pinfo->reading_v3_secret - && !rinfo->pinfo->exact_read)); - - if(length > arg->decrypted_count) - n=arg->decrypted_count; - else - n=length; - - memcpy(dest,arg->decrypted+arg->decrypted_offset,n); - arg->decrypted_count-=n; - arg->decrypted_offset+=n; - length-=n; - dest+=n; - } - else - { - unsigned n=arg->region->length; - unsigned char buffer[1024]; - - if(!n) - { - return -1; - } - - if(!arg->region->indeterminate) - { - n-=arg->region->length_read; - if(n == 0) - return saved-length; - if(n > sizeof buffer) - n=sizeof buffer; - } - else - { - 
n=sizeof buffer; - } - - // we can only read as much as we're asked for in v3 keys - // because they're partially unencrypted! - if((rinfo->pinfo->reading_v3_secret || rinfo->pinfo->exact_read) - && n > length) - n=length; - - if(!ops_stacked_limited_read(buffer,n,arg->region,errors,rinfo, - cbinfo)) - { - return -1; - } - - if(!rinfo->pinfo->reading_v3_secret - || !rinfo->pinfo->reading_mpi_length) - { - arg->decrypted_count=ops_decrypt_se_ip(arg->decrypt, - arg->decrypted, - buffer,n); - - if (debug) - { - fprintf(stderr,"READING:\nencrypted: "); - int i=0; - for (i=0; i<16; i++) - fprintf(stderr,"%2x ", buffer[i]); - fprintf(stderr,"\n"); - fprintf(stderr,"decrypted: "); - for (i=0; i<16; i++) - fprintf(stderr,"%2x ", arg->decrypted[i]); - fprintf(stderr,"\n"); - } - } - else - { - memcpy(arg->decrypted,buffer,n); - arg->decrypted_count=n; - } - - assert(arg->decrypted_count > 0); - - arg->decrypted_offset=0; - } + arg->prev_read_was_plain=ops_true; } - return saved; - } + while(length > 0) + { + if(arg->decrypted_count) + { + + unsigned n; + + // if we are reading v3 we should never read more than + // we're asked for + if(!(length >= arg->decrypted_count || (!rinfo->pinfo->reading_v3_secret && !rinfo->pinfo->exact_read))) // ASSERT(length >= arg->decrypted_count || (!rinfo->pinfo->reading_v3_secret && !rinfo->pinfo->exact_read)); + { + fprintf(stderr,"encrypted_data_reader: inconsistency in packet sizes") ; + return -1 ; + } + + if(length > arg->decrypted_count) + n=arg->decrypted_count; + else + n=length; + + memcpy(dest,arg->decrypted+arg->decrypted_offset,n); + arg->decrypted_count-=n; + arg->decrypted_offset+=n; + length-=n; + dest+=n; + } + else + { + unsigned n=arg->region->length; + unsigned char buffer[1024]; + + if(!n) + { + return -1; + } + + if(!arg->region->indeterminate) + { + n-=arg->region->length_read; + if(n == 0) + return saved-length; + if(n > sizeof buffer) + n=sizeof buffer; + } + else + { + n=sizeof buffer; + } + + // we can only read as 
much as we're asked for in v3 keys + // because they're partially unencrypted! + if((rinfo->pinfo->reading_v3_secret || rinfo->pinfo->exact_read) + && n > length) + n=length; + + if(!ops_stacked_limited_read(buffer,n,arg->region,errors,rinfo, + cbinfo)) + { + return -1; + } + + if(!rinfo->pinfo->reading_v3_secret + || !rinfo->pinfo->reading_mpi_length) + { + arg->decrypted_count=ops_decrypt_se_ip(arg->decrypt, + arg->decrypted, + buffer,n); + + if (debug) + { + fprintf(stderr,"READING:\nencrypted: "); + int i=0; + for (i=0; i<16; i++) + fprintf(stderr,"%2x ", buffer[i]); + fprintf(stderr,"\n"); + fprintf(stderr,"decrypted: "); + for (i=0; i<16; i++) + fprintf(stderr,"%2x ", arg->decrypted[i]); + fprintf(stderr,"\n"); + } + } + else + { + memcpy(arg->decrypted,buffer,n); + arg->decrypted_count=n; + } + + if(!(arg->decrypted_count > 0)) // ASSERT(arg->decrypted_count > 0); + { + fprintf(stderr,"encrypted_data_reader: inconsistency in decrypted count") ; + return -1 ; + } + + arg->decrypted_offset=0; + } + } + + return saved; +} static void encrypted_data_destroyer(ops_reader_info_t *rinfo) { free(ops_reader_get_arg(rinfo)); } diff --git a/openpgpsdk/src/openpgpsdk/reader_encrypted_seip.c b/openpgpsdk/src/openpgpsdk/reader_encrypted_seip.c index 4df216697..4e5251648 100644 --- a/openpgpsdk/src/openpgpsdk/reader_encrypted_seip.c +++ b/openpgpsdk/src/openpgpsdk/reader_encrypted_seip.c @@ -40,7 +40,6 @@ #include "parse_local.h" -#include #include #include #include @@ -192,7 +191,11 @@ static int se_ip_data_reader(void *dest_, size_t len, ops_error_t **errors, // all done with the checks // now can start reading from the plaintext - assert(!arg->plaintext); + if(arg->plaintext) // ASSERT(!arg->plaintext); + { + fprintf(stderr,"se_ip_data_reader: consistency error\n"); + return -1 ; + } arg->plaintext=ops_mallocz(sz_plaintext); memcpy(arg->plaintext, plaintext, sz_plaintext); arg->plaintext_available=sz_plaintext; 
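Review bot: The three new failure paths in encrypted_data_reader (the `reading_v3_secret` check, the packet-size check and the `decrypted_count > 0` check) report only through `fprintf(stderr, ...)` followed by a bare `return -1`, although the reader already receives an `ops_error_t **errors` list and hands it on to `ops_stacked_limited_read`; callers therefore get -1 with nothing recorded in `errors`, and none of the three messages ends in a newline, e.g. `fprintf(stderr,"encrypted_data_reader: inconsistency in packet sizes\n");` is what the surrounding debug output uses. The same stderr-only reporting appears in the se_ip_data_reader hunk of reader_encrypted_seip.c and in both readerwriter.c hunks. One point to confirm: `arg->decrypted_count` is assigned straight from `ops_decrypt_se_ip(...)`, and its comparisons against `unsigned n` suggest it is unsigned; if `ops_decrypt_se_ip` signals failure with a negative return, that value wraps and passes the new `if(!(arg->decrypted_count > 0))` guard, so the decrypt call's return value should be checked against its contract before the assignment. Turning these asserts into error returns is the right direction, since the conditions are driven by packet contents and an abort would have been a crash on malformed input.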
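Review bot: The new `if(arg->plaintext)` early return in se_ip_data_reader happens after the decrypted block has already been produced into `plaintext` (the following context lines copy it into a fresh `ops_mallocz` buffer); if `plaintext` is heap-allocated earlier in the function — its declaration is outside the hunk — this `return -1` leaks it, so that path should release it before returning. The message `"se_ip_data_reader: consistency error\n"` does not say what went wrong; `"se_ip_data_reader: plaintext buffer already present\n"` names the violated state and will be easier to correlate with a failing input. se_ip_data_reader starts and ends outside the hunk.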
diff --git a/openpgpsdk/src/openpgpsdk/readerwriter.c b/openpgpsdk/src/openpgpsdk/readerwriter.c
index 493b9b318..a15bb1161 100644
--- a/openpgpsdk/src/openpgpsdk/readerwriter.c
+++ b/openpgpsdk/src/openpgpsdk/readerwriter.c
@@ -26,7 +26,6 @@
 #else #include #endif -#include #include #include
@@ -352,7 +351,11 @@ callback_pk_session_key(const ops_parser_content_t *content_,ops_parse_cb_info_t
 {
 case OPS_PTAG_CT_PK_SESSION_KEY:
 // printf ("OPS_PTAG_CT_PK_SESSION_KEY\n");
- assert(cbinfo->cryptinfo.keyring);
+ if(!(cbinfo->cryptinfo.keyring)) // ASSERT(cbinfo->cryptinfo.keyring);
+ {
+ fprintf(stderr,"No keyring supplied!") ;
+ return 0 ;
+ }
 cbinfo->cryptinfo.keydata=ops_keyring_find_key_by_id(cbinfo->cryptinfo.keyring,
 content->pk_session_key.key_id);
 if(!cbinfo->cryptinfo.keydata)
@@ -414,7 +417,7 @@ callback_cmd_get_secret_key(const ops_parser_content_t *content_,ops_parse_cb_in
 if (!cbinfo->cryptinfo.passphrase)
 {
 fprintf(stderr,"can't get passphrase\n");
- assert(0);
+ return 0 ; // ASSERT(0);
 }
 }
 /* then it must be encrypted */
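Review bot: In callback_pk_session_key the new guard on `cbinfo->cryptinfo.keyring` does `return 0 ;`, and the second hunk's `return 0 ; // ASSERT(0);` in callback_cmd_get_secret_key does the same; if 0 is the parser callback's ordinary "continue" value (the callbacks' return type is outside both hunks), parsing proceeds as though the packet had been handled and the failure is visible only on stderr, with no error recorded for the caller. Both paths should return the value the callback contract defines as failure, or push an error onto the parser's error list if `cbinfo` carries one, so that a missing keyring or passphrase cannot be mistaken for a successful decryption. The first message is also unterminated: `fprintf(stderr,"No keyring supplied!\n") ;`. Both enclosing functions start and end outside their hunks.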