Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-06-28 16:17:28 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

removed asserts in packet-parse.c

Browse source 
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@6949 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler 2013-12-18 20:22:59 +00:00
parent f7142be9dd
commit 2f188b8217
1 changed files with 866 additions and 773 deletions
Download patch file Download diff file Expand all files Collapse all files

243
openpgpsdk/src/openpgpsdk/packet-parse.c
View file

@ -40,7 +40,6 @@
#include "parse_local.h"
#include <assert.h>
#include <stdarg.h>
#include <stdlib.h>
#include <string.h>
@ -68,10 +67,14 @@ static const size_t MAX_RECURSIVE_COMPRESSION_DEPTH = 32 ;
*/
static int limited_read_data(ops_data_t *data,unsigned int len,
ops_region_t *subregion,ops_parse_info_t *pinfo)
{
{
data->len = len;
assert(subregion->length-subregion->length_read >= len);
if(!(subregion->length-subregion->length_read >= len)) // ASSERT(subregion->length-subregion->length_read >= len);
{
fprintf(stderr,"Data length error: announced size %d larger than expected size %d. Giving up.",len,subregion->length-subregion->length_read) ;
return 0 ;
}
data->contents=malloc(data->len);
if (!data->contents)
@ -82,7 +85,7 @@ static int limited_read_data(ops_data_t *data,unsigned int len,
return 0;
return 1;
}
}
/**
* read_data reads the remainder of the subregion's data
@ -182,7 +185,7 @@ void ops_init_subregion(ops_region_t *subregion,ops_region_t *region)
static int sub_base_read(void *dest,size_t length,ops_error_t **errors,
ops_reader_info_t *rinfo,ops_parse_cb_info_t *cbinfo)
{
{
size_t n;
/* reading more than this would look like an error */
@ -193,9 +196,14 @@ static int sub_base_read(void *dest,size_t length,ops_error_t **errors,
{
int r=rinfo->reader((char*)dest+n,length-n,errors,rinfo,cbinfo);
assert(r <= (int)(length-n));
if(!(r <= (int)(length-n))) // ASSERT(r <= (int)(length-n))
{
fprintf(stderr,"sub_base_read: error in length. Read %d, remaining length is %d",r,(int)(length-n)) ;
return -1 ;
}
// XXX: should we save the error and return what was read so far?
//
if(r < 0)
return r;
@ -210,13 +218,23 @@ static int sub_base_read(void *dest,size_t length,ops_error_t **errors,
if(rinfo->accumulate)
{
assert(rinfo->asize >= rinfo->alength);
if(!(rinfo->asize >= rinfo->alength)) // ASSERT(rinfo->asize >= rinfo->alength)
{
fprintf(stderr,"sub_base_read: error in accumulated length.") ;
return -1 ;
}
if(rinfo->alength+n > rinfo->asize)
{
rinfo->asize=rinfo->asize*2+n;
rinfo->accumulated=realloc(rinfo->accumulated,rinfo->asize);
}
assert(rinfo->asize >= rinfo->alength+n);
if(!(rinfo->asize >= rinfo->alength+n)) // ASSERT(rinfo->asize >= rinfo->alength+n)
{
fprintf(stderr,"sub_base_read: error in accumulated length.") ;
return -1 ;
}
memcpy(rinfo->accumulated+rinfo->alength,dest,n);
}
// we track length anyway, because it is used for packet offsets
@ -225,7 +243,7 @@ static int sub_base_read(void *dest,size_t length,ops_error_t **errors,
rinfo->position+=n;
return n;
}
}
int ops_stacked_read(void *dest,size_t length,ops_error_t **errors,
ops_reader_info_t *rinfo,ops_parse_cb_info_t *cbinfo)
@ -286,7 +304,11 @@ static ops_boolean_t _read_scalar(unsigned *result,unsigned length,
{
unsigned t=0;
assert (length <= sizeof(*result));
if(! (length <= sizeof(*result))) // ASSERT(length <= sizeof(*result))
{
fprintf(stderr,"_read_scalar: length to read is larger than buffer size.") ;
return ops_false ;
}
while(length--)
{
@ -333,7 +355,7 @@ ops_boolean_t ops_limited_read(unsigned char *dest,size_t length,
ops_region_t *region,ops_error_t **errors,
ops_reader_info_t *rinfo,
ops_parse_cb_info_t *cbinfo)
{
{
size_t r;
int lr;
@ -361,12 +383,17 @@ ops_boolean_t ops_limited_read(unsigned char *dest,size_t length,
do
{
region->length_read+=r;
assert(!region->parent || region->length <= region->parent->length);
if(!(!region->parent || region->length <= region->parent->length)) // ASSERT(!region->parent || region->length <= region->parent->length)
{
OPS_ERROR(errors,OPS_E_R_READ_FAILED,"Read failed");
return ops_false;
}
}
while((region=region->parent));
return ops_true;
}
}
/**
\ingroup Core_ReadPackets
@ -446,13 +473,21 @@ static int limited_skip(unsigned length,ops_region_t *region,
static int limited_read_scalar(unsigned *dest,unsigned length,
ops_region_t *region,
ops_parse_info_t *pinfo)
{
{
unsigned char c[4]="";
unsigned t;
unsigned n;
assert(length <= 4);
assert(sizeof(*dest) >= 4);
if(!(length <= 4)) // ASSERT(length <= 4)
{
fprintf(stderr,"limited_read_scalar: wrong size for scalar %d\n",length) ;
return ops_false ;
}
if(!(sizeof(*dest) >= 4)) // ASSERT(sizeof(*dest) >= 4)
{
fprintf(stderr,"limited_read_scalar: wrong size for dest %lu\n",sizeof(*dest)) ;
return ops_false ;
}
if(!limited_read(c,length,region,pinfo))
return 0;
@ -461,7 +496,7 @@ static int limited_read_scalar(unsigned *dest,unsigned length,
*dest=t;
return 1;
}
}
/** Read a scalar.
*
@ -485,10 +520,14 @@ static int limited_read_scalar(unsigned *dest,unsigned length,
static int limited_read_size_t_scalar(size_t *dest,unsigned length,
ops_region_t *region,
ops_parse_info_t *pinfo)
{
{
unsigned tmp;
assert(sizeof(*dest) >= 4);
if(!(sizeof(*dest) >= 4)) // ASSERT(sizeof(*dest) >= 4)
{
fprintf(stderr,"limited_read_scalar: wrong dest size for scalar %lu\n",sizeof(*dest)) ;
return ops_false ;
}
/* Note that because the scalar is at most 4 bytes, we don't care
if size_t is bigger than usigned */
@ -497,7 +536,7 @@ static int limited_read_size_t_scalar(size_t *dest,unsigned length,
*dest=tmp;
return 1;
}
}
/** Read a timestamp.
*
@ -518,7 +557,7 @@ static int limited_read_size_t_scalar(size_t *dest,unsigned length,
*/
static int limited_read_time(time_t *dest,ops_region_t *region,
ops_parse_info_t *pinfo)
{
{
/*
* Cannot assume that time_t is 4 octets long -
* there is at least one architecture (SunOS 5.10) where it is 8.
@ -541,7 +580,7 @@ static int limited_read_time(time_t *dest,ops_region_t *region,
*dest=mytime;
return 1;
}
}
}
/**
* \ingroup Core_MPI
@ -589,7 +628,12 @@ static int limited_read_mpi(BIGNUM **pbn,ops_region_t *region,
nonzero=8;
length=(length+7)/8;
assert(length <= 8192);
if(!(length <= 8192)) // ASSERT(length <= 8192)
{
fprintf(stderr,"limited_read_mpi: wrong size to read %d > 8192",length) ;
return 0 ;
}
if(!limited_read(buf,length,region,pinfo))
return 0;
@ -772,7 +816,7 @@ void ops_cmd_get_passphrase_free(ops_secret_key_passphrase_t *skp)
*/
/*! Free any memory allocated when parsing the packet content */
void ops_parser_content_free(ops_parser_content_t *c)
{
{
switch(c->tag)
{
case OPS_PARSER_PTAG:
@ -928,9 +972,9 @@ void ops_parser_content_free(ops_parser_content_t *c)
default:
fprintf(stderr,"Can't free %d (0x%x)\n",c->tag,c->tag);
//assert(0);
}
//ASSERT(0);
}
}
/**
\ingroup Core_Create
@ -947,7 +991,7 @@ static void free_BN(BIGNUM **pp)
\brief Free allocated memory
*/
void ops_pk_session_key_free(ops_pk_session_key_t *sk)
{
{
switch(sk->algorithm)
{
case OPS_PKA_RSA:
@ -961,9 +1005,9 @@ void ops_pk_session_key_free(ops_pk_session_key_t *sk)
default:
fprintf(stderr,"ops_pk_session_key_free: Unknown algorithm: %d \n",sk->algorithm);
//assert(0);
}
//ASSERT(0);
}
}
/**
\ingroup Core_Create
@ -971,7 +1015,7 @@ void ops_pk_session_key_free(ops_pk_session_key_t *sk)
*/
/*! Free the memory used when parsing a public key */
void ops_public_key_free(ops_public_key_t *p)
{
{
switch(p->algorithm)
{
case OPS_PKA_RSA:
@ -997,9 +1041,9 @@ void ops_public_key_free(ops_public_key_t *p)
default:
fprintf(stderr,"ops_public_key_free: Unknown algorithm: %d \n",p->algorithm);
//assert(0);
}
//ASSERT(0);
}
}
void ops_public_key_copy(ops_public_key_t *dst,const ops_public_key_t *src)
{
@ -1034,7 +1078,7 @@ void ops_public_key_copy(ops_public_key_t *dst,const ops_public_key_t *src)
default:
fprintf(stderr,"ops_public_key_copy: Unknown algorithm: %d \n",src->algorithm);
//assert(0);
//ASSERT(0);
}
}
/**
@ -1042,10 +1086,14 @@ void ops_public_key_copy(ops_public_key_t *dst,const ops_public_key_t *src)
*/
static int parse_public_key_data(ops_public_key_t *key,ops_region_t *region,
ops_parse_info_t *pinfo)
{
{
unsigned char c[1]="";
assert (region->length_read == 0); /* We should not have read anything so far */
if(!(region->length_read == 0)) // ASSERT(region->length_read == 0) /* We should not have read anything so far */
{
fprintf(stderr,"parse_public_key_data: read length error\n") ;
return 0 ;
}
if(!limited_read(c,1,region,pinfo))
return 0;
@ -1102,7 +1150,7 @@ static int parse_public_key_data(ops_public_key_t *key,ops_region_t *region,
}
return 1;
}
}
/**
@ -1191,14 +1239,18 @@ void ops_user_attribute_free(ops_user_attribute_t *user_att)
*/
static int parse_user_attribute(ops_region_t *region, ops_parse_info_t *pinfo)
{
{
ops_parser_content_t content;
/* xxx- treat as raw data for now. Could break down further
into attribute sub-packets later - rachel */
assert(region->length_read == 0); /* We should not have read anything so far */
if(!(region->length_read == 0)) // ASSERT(region->length_read == 0) /* We should not have read anything so far */
{
fprintf(stderr,"parse_user_attribute: read length error\n") ;
return 0 ;
}
if(!read_data(&C.user_attribute.data,region,pinfo))
return 0;
@ -1206,7 +1258,7 @@ static int parse_user_attribute(ops_region_t *region, ops_parse_info_t *pinfo)
CBP(pinfo,OPS_PTAG_CT_USER_ATTRIBUTE,&content);
return 1;
}
}
/**
\ingroup Core_Create
@ -1239,10 +1291,14 @@ void ops_user_id_free(ops_user_id_t *id)
* \see RFC4880 5.11
*/
static int parse_user_id(ops_region_t *region,ops_parse_info_t *pinfo)
{
{
ops_parser_content_t content;
assert(region->length_read == 0); /* We should not have read anything so far */
if(!(region->length_read == 0)) // ASSERT(region->length_read == 0) /* We should not have read anything so far */
{
fprintf(stderr,"parse_user_id: region read size should be 0. Corrupted data ?") ;
return 0 ;
}
C.user_id.user_id=malloc(region->length+1); /* XXX should we not like check malloc's return value? */
@ -1255,7 +1311,7 @@ static int parse_user_id(ops_region_t *region,ops_parse_info_t *pinfo)
CBP(pinfo,OPS_PTAG_CT_USER_ID,&content);
return 1;
}
}
/**
* \ingroup Core_Create
@ -1307,7 +1363,7 @@ void ops_signature_free(ops_signature_t *sig)
default:
fprintf(stderr,"ops_signature_free: Unknown algorithm: %d \n",sig->info.key_algorithm);
//assert(0);
//ASSERT(0);
}
free(sig->info.v4_hashed_data);
}
@ -1844,7 +1900,7 @@ static int parse_v4_signature(ops_region_t *region,ops_parse_info_t *pinfo)
{
/* We must accumulate, else we can't check the signature */
fprintf(stderr,"*** ERROR: must set accumulate to true\n");
assert(0);
return 0 ; //ASSERT(0);
}
memcpy(C.signature.info.v4_hashed_data,
@ -1926,11 +1982,15 @@ static int parse_v4_signature(ops_region_t *region,ops_parse_info_t *pinfo)
* \return 1 on success, 0 on error
*/
static int parse_signature(ops_region_t *region,ops_parse_info_t *pinfo)
{
{
unsigned char c[1]="";
ops_parser_content_t content;
assert(region->length_read == 0); /* We should not have read anything so far */
if(!(region->length_read == 0)) // ASSERT(region->length_read == 0) /* We should not have read anything so far */
{
fprintf(stderr,"parse_signature: region read is not empty! Data is corrupted?") ;
return 0 ;
}
memset(&content,'\0',sizeof content);
@ -1945,7 +2005,7 @@ static int parse_signature(ops_region_t *region,ops_parse_info_t *pinfo)
OPS_ERROR_1(&pinfo->errors,OPS_E_PROTO_BAD_SIGNATURE_VRSN,
"Bad signature version (%d)",c[0]);
return 0;
}
}
/**
\ingroup Core_ReadPackets
@ -2173,7 +2233,7 @@ void ops_secret_key_free(ops_secret_key_t *key)
default:
fprintf(stderr,"ops_secret_key_free: Unknown algorithm: %d (%s)\n",key->public_key.algorithm, ops_show_pka(key->public_key.algorithm));
//assert(0);
//ASSERT(0);
}
ops_public_key_free(&key->public_key);
@ -2201,7 +2261,7 @@ void ops_secret_key_copy(ops_secret_key_t *dst,const ops_secret_key_t *src)
default:
fprintf(stderr,"ops_secret_key_copy: Unknown algorithm: %d (%s)\n",src->public_key.algorithm, ops_show_pka(src->public_key.algorithm));
//assert(0);
//ASSERT(0);
}
}
static int consume_packet(ops_region_t *region,ops_parse_info_t *pinfo,
@ -2236,7 +2296,7 @@ static int consume_packet(ops_region_t *region,ops_parse_info_t *pinfo,
* \brief Parse a secret key
*/
static int parse_secret_key(ops_region_t *region,ops_parse_info_t *pinfo)
{
{
ops_parser_content_t content;
unsigned char c[1]="";
ops_crypt_t decrypt;
@ -2279,9 +2339,11 @@ static int parse_secret_key(ops_region_t *region,ops_parse_info_t *pinfo)
return 0;
C.secret_key.s2k_specifier=c[0];
assert(C.secret_key.s2k_specifier == OPS_S2KS_SIMPLE
|| C.secret_key.s2k_specifier == OPS_S2KS_SALTED
|| C.secret_key.s2k_specifier == OPS_S2KS_ITERATED_AND_SALTED);
if(!(C.secret_key.s2k_specifier == OPS_S2KS_SIMPLE || C.secret_key.s2k_specifier == OPS_S2KS_SALTED || C.secret_key.s2k_specifier == OPS_S2KS_ITERATED_AND_SALTED)) // ASSERT(C.secret_key.s2k_specifier == OPS_S2KS_SIMPLE || C.secret_key.s2k_specifier == OPS_S2KS_SALTED || C.secret_key.s2k_specifier == OPS_S2KS_ITERATED_AND_SALTED)
{
fprintf(stderr,"parse_secret_key: error in secret key format. Bad flags combination.\n") ;
return 0;
}
if(!limited_read(c,1,region,pinfo))
return 0;
@ -2324,7 +2386,11 @@ static int parse_secret_key(ops_region_t *region,ops_parse_info_t *pinfo)
size_t l;
blocksize=ops_block_size(C.secret_key.algorithm);
assert(blocksize > 0 && blocksize <= OPS_MAX_BLOCK_SIZE);
if(!(blocksize > 0 && blocksize <= OPS_MAX_BLOCK_SIZE)) // ASSERT(blocksize > 0 && blocksize <= OPS_MAX_BLOCK_SIZE);
{
fprintf(stderr,"parse_secret_key: block size error. Data seems corrupted.") ;
return 0;
}
if(!limited_read(C.secret_key.iv,blocksize,region,pinfo))
return 0;
@ -2351,10 +2417,18 @@ static int parse_secret_key(ops_region_t *region,ops_parse_info_t *pinfo)
}
keysize=ops_key_size(C.secret_key.algorithm);
assert(keysize > 0 && keysize <= OPS_MAX_KEY_SIZE);
if(!(keysize > 0 && keysize <= OPS_MAX_KEY_SIZE)) // ASSERT(keysize > 0 && keysize <= OPS_MAX_KEY_SIZE);
{
fprintf(stderr,"parse_secret_key: keysize %d exceeds maximum allowed size %d\n",keysize,OPS_MAX_KEY_SIZE);
return 0 ;
}
hashsize=ops_hash_size(C.secret_key.hash_algorithm);
assert(hashsize > 0 && hashsize <= OPS_MAX_HASH_SIZE);
if(!(hashsize > 0 && hashsize <= OPS_MAX_HASH_SIZE)) // ASSERT(hashsize > 0 && hashsize <= OPS_MAX_HASH_SIZE);
{
fprintf(stderr,"parse_secret_key: hashsize %d exceeds maximum allowed size %d\n",keysize,OPS_MAX_HASH_SIZE);
return 0 ;
}
for(n=0 ; n*hashsize < keysize ; ++n)
{
@ -2402,7 +2476,11 @@ static int parse_secret_key(ops_region_t *region,ops_parse_info_t *pinfo)
for(n=0 ; n*hashsize < keysize ; ++n)
{
int r=hashes[n].finish(&hashes[n],key+n*hashsize);
assert(r == hashsize);
if(!(r == hashsize)) // ASSERT(r == hashsize);
{
fprintf(stderr,"parse_secret_key: read error. Data probably corrupted.") ;
return 0 ;
}
}
free(passphrase);
@ -2476,7 +2554,7 @@ static int parse_secret_key(ops_region_t *region,ops_parse_info_t *pinfo)
default:
OPS_ERROR_2(&pinfo->errors,OPS_E_ALG_UNSUPPORTED_PUBLIC_KEY_ALG,"Unsupported Public Key algorithm %d (%s)",C.secret_key.public_key.algorithm,ops_show_pka(C.secret_key.public_key.algorithm));
ret=0;
// assert(0);
// ASSERT(0);
}
if (debug)
@ -2537,7 +2615,11 @@ static int parse_secret_key(ops_region_t *region,ops_parse_info_t *pinfo)
ops_reader_pop_decrypt(pinfo);
}
assert(!ret || region->length_read == region->length);
if(!(!ret || region->length_read == region->length)) // ASSERT(!ret || region->length_read == region->length)
{
fprintf(stderr,"parse_secret_key: read error. data probably corrupted.") ;
return 0 ;
}
if(!ret)
return 0;
@ -2548,7 +2630,7 @@ static int parse_secret_key(ops_region_t *region,ops_parse_info_t *pinfo)
{ fprintf(stderr, "--- end of parse_secret_key\n\n"); }
return 1;
}
}
/**
\ingroup Core_ReadPackets
@ -2672,7 +2754,11 @@ static int parse_pk_session_key(ops_region_t *region,
return 0;
}
assert(k <= sizeof C.pk_session_key.key);
if(!(k <= sizeof C.pk_session_key.key)) // ASSERT(k <= sizeof C.pk_session_key.key);
{
fprintf(stderr,"ops_decrypt_se_data: error in session key size. Corrupted data?") ;
return 0 ;
}
memcpy(C.pk_session_key.key,unencoded_m_buf+1,k);
@ -2714,9 +2800,8 @@ static int parse_pk_session_key(ops_region_t *region,
}
// XXX: make this static?
int ops_decrypt_se_data(ops_content_tag_t tag,ops_region_t *region,
ops_parse_info_t *pinfo)
{
int ops_decrypt_se_data(ops_content_tag_t tag,ops_region_t *region, ops_parse_info_t *pinfo)
{
int r=1;
ops_crypt_t *decrypt=ops_parse_get_decrypt(pinfo);
@ -2777,11 +2862,11 @@ int ops_decrypt_se_data(ops_content_tag_t tag,ops_region_t *region,
}
return r;
}
}
int ops_decrypt_se_ip_data(ops_content_tag_t tag,ops_region_t *region,
ops_parse_info_t *pinfo)
{
{
int r=1;
ops_crypt_t *decrypt=ops_parse_get_decrypt(pinfo);
@ -2792,7 +2877,6 @@ int ops_decrypt_se_ip_data(ops_content_tag_t tag,ops_region_t *region,
r=ops_parse(pinfo);
// assert(0);
ops_reader_pop_se_ip_data(pinfo);
ops_reader_pop_decrypt(pinfo);
}
@ -2817,7 +2901,7 @@ int ops_decrypt_se_ip_data(ops_content_tag_t tag,ops_region_t *region,
}
return r;
}
}
/**
\ingroup Core_ReadPackets
@ -2840,19 +2924,24 @@ static int parse_se_data(ops_region_t *region,ops_parse_info_t *pinfo)
\brief Read a Symmetrically Encrypted Integrity Protected packet
*/
static int parse_se_ip_data(ops_region_t *region,ops_parse_info_t *pinfo)
{
{
unsigned char c[1]="";
ops_parser_content_t content;
if(!limited_read(c,1,region,pinfo))
return 0;
C.se_ip_data_header.version=c[0];
assert(C.se_ip_data_header.version == OPS_SE_IP_V1);
if(!(C.se_ip_data_header.version == OPS_SE_IP_V1)) // ASSERT(C.se_ip_data_header.version == OPS_SE_IP_V1);
{
fprintf(stderr,"parse_se_ip_data: packet header version should be %d, it is %d. Packet dropped.",OPS_SE_IP_V1,C.se_ip_data_header.version) ;
return 0 ;
}
/* The content of an encrypted data packet is more OpenPGP packets
once decrypted, so recursively handle them */
return ops_decrypt_se_ip_data(OPS_PTAG_CT_SE_IP_DATA_BODY,region,pinfo);
}
}
/**
\ingroup Core_ReadPackets
@ -3154,7 +3243,7 @@ int ops_parse_and_print_errors(ops_parse_info_t *pinfo)
void ops_parse_options(ops_parse_info_t *pinfo,
ops_content_tag_t tag,
ops_parse_type_t type)
{
{
int t8,t7;
if(tag == OPS_PTAG_SS_ALL)
@ -3167,8 +3256,12 @@ void ops_parse_options(ops_parse_info_t *pinfo,
return;
}
assert(tag >= OPS_PTAG_SIGNATURE_SUBPACKET_BASE
&& tag <= OPS_PTAG_SIGNATURE_SUBPACKET_BASE+NTAGS-1);
if(!(tag >= OPS_PTAG_SIGNATURE_SUBPACKET_BASE && tag <= OPS_PTAG_SIGNATURE_SUBPACKET_BASE+NTAGS-1)) // ASSERT(tag >= OPS_PTAG_SIGNATURE_SUBPACKET_BASE && tag <= OPS_PTAG_SIGNATURE_SUBPACKET_BASE+NTAGS-1)
{
fprintf(stderr,"ops_parse_options: format error in options. Will not be parsed. Correct your code!\n") ;
return ;
}
t8=(tag-OPS_PTAG_SIGNATURE_SUBPACKET_BASE)/8;
t7=1 << ((tag-OPS_PTAG_SIGNATURE_SUBPACKET_BASE)&7);
switch(type)
@ -3188,7 +3281,7 @@ void ops_parse_options(ops_parse_info_t *pinfo,
pinfo->ss_parsed[t8] &= ~t7;
break;
}
}
}
/**
\ingroup Core_ReadPackets