Merge remote-tracking branch 'fjoncourt/master'

Closes issues #76 and #60.
2013-05-15 21:31:17 -04:00 · 2013-05-15 21:31:17 -04:00 · b6562d3bf3
commit b6562d3bf3
parent 2c8469e95e 95615c90e2
7 changed files with 126 additions and 88 deletions
--- a/client/getpasswd.c
+++ b/client/getpasswd.c
@ -161,7 +161,7 @@ getpasswd(
    return (ptr);
 }

-/* Function for accepting password input from from a file
+/* Function for accepting password input from a file
 */
 void
 get_key_file(char *key, int *key_len, const char *key_file,
--- a/lib/digest.c
+++ b/lib/digest.c
@ -1,17 +1,15 @@
-/*
- *****************************************************************************
+/**
+ * @file    digest.c
 *
- * File:    digest.c
+ * @author  Damien S. Stuart
 *
- * Author:  Damien S. Stuart
- *
- * Purpose: Roll-up of the digests used by fwknop.
+ * @brief   Roll-up of the digests used by fwknop.
 *
 * Copyright 2009-2010 Damien Stuart (dstuart@dstuart.org)
 *
 *  License (GNU Public License):
 *
- *  This library is free software; you can redistribute it and/or
+ *  This program is free software; you can redistribute it and/or
 *  modify it under the terms of the GNU General Public License
 *  as published by the Free Software Foundation; either version 2
 *  of the License, or (at your option) any later version.
@ -25,9 +23,8 @@
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
 *  USA
- *
- *****************************************************************************
-*/
+ */
+
 #include "fko_common.h"
 #include "digest.h"
 #include "base64.h"
@ -36,15 +33,30 @@
 /* Convert a raw digest into its hex string representation.
 */
 static void
-digest_to_hex(char *out, const unsigned char *in, const size_t size)
+digest_to_hex(char *out, size_t size_out, const unsigned char *in, const size_t size_in)
 {
    size_t i;

-    for(i=0; i<size; i++)
+    /* Assume the output buffer must be a NULL terminated string */
+    memset(out, 0, size_out);
+    size_out -= 1;
+
+    /* The hex string representation must be long enough */
+    if (size_out >= (size_in * 2))
    {
-        sprintf(out, "%02x", in[i]);
-        out += 2;
+        /* For each byte... */
+        for(i=0; i<size_in; i++)
+        {
+            /* Append the hex string to the output buffer */
+            snprintf(out, 2, "%02x", in[i]);
+
+            /* Moved the pointer on the output buffer to the next place  */
+            out += 2;
+        }
    }
+
+    /* Not enough space in the output buffer - Should not occur */
+    else;
 }

 /* Compute MD5 hash on in and store result in out.
@ -62,12 +74,12 @@ md5(unsigned char *out, unsigned char *in, size_t size)
 /* Compute MD5 hash on in and store the hex string result in out.
 */
 void
-md5_hex(char *out, unsigned char *in, size_t size)
+md5_hex(char *out, size_t size_out, unsigned char *in, size_t size_in)
 {
    uint8_t      md[MD5_DIGEST_LEN];

-    md5(md, in, size);
-    digest_to_hex(out, md, MD5_DIGEST_LEN);
+    md5(md, in, size_in);
+    digest_to_hex(out, size_out, md, MD5_DIGEST_LEN);
 }

 /* Compute MD5 hash on in and store the base64 string result in out.
@ -98,12 +110,12 @@ sha1(unsigned char *out, unsigned char *in, size_t size)
 /* Compute SHA1 hash on in and store the hex string result in out.
 */
 void
-sha1_hex(char *out, unsigned char *in, size_t size)
+sha1_hex(char *out, size_t size_out, unsigned char *in, size_t size_in)
 {
    uint8_t       md[SHA1_DIGEST_LEN];

-    sha1(md, in, size);
-    digest_to_hex(out, md, SHA1_DIGEST_LEN);
+    sha1(md, in, size_in);
+    digest_to_hex(out, size_out, md, SHA1_DIGEST_LEN);
 }

 /* Compute SHA1 hash on in and store the base64 string result in out.
@ -134,12 +146,12 @@ sha256(unsigned char *out, unsigned char *in, size_t size)
 /* Compute SHA256 hash on in and store the hex string result in out.
 */
 void
-sha256_hex(char *out, unsigned char *in, size_t size)
+sha256_hex(char *out, size_t size_out, unsigned char *in, size_t size_in)
 {
    uint8_t       md[SHA256_DIGEST_LEN];

-    sha256(md, in, size);
-    digest_to_hex(out, md, SHA256_DIGEST_LEN);
+    sha256(md, in, size_in);
+    digest_to_hex(out, size_out, md, SHA256_DIGEST_LEN);
 }

 /* Compute SHA256 hash on in and store the base64 string result in out.
@ -170,12 +182,12 @@ sha384(unsigned char *out, unsigned char *in, size_t size)
 /* Compute SHA384 hash on in and store the hex string result in out.
 */
 void
-sha384_hex(char *out, unsigned char *in, size_t size)
+sha384_hex(char *out, size_t size_out, unsigned char *in, size_t size_in)
 {
    uint8_t       md[SHA384_DIGEST_LEN];

-    sha384(md, in, size);
-    digest_to_hex(out, md, SHA384_DIGEST_LEN);
+    sha384(md, in, size_in);
+    digest_to_hex(out, size_out, md, SHA384_DIGEST_LEN);
 }

 /* Compute SHA384 hash on in and store the base64 string result in out.
@ -206,12 +218,12 @@ sha512(unsigned char *out, unsigned char *in, size_t size)
 /* Compute SHA512 hash on in and store the hex string result in out.
 */
 void
-sha512_hex(char *out, unsigned char *in, size_t size)
+sha512_hex(char *out, size_t size_out, unsigned char *in, size_t size_in)
 {
    uint8_t       md[SHA512_DIGEST_LEN];

-    sha512(md, in, size);
-    digest_to_hex(out, md, SHA512_DIGEST_LEN);
+    sha512(md, in, size_in);
+    digest_to_hex(out, size_out, md, SHA512_DIGEST_LEN);
 }

 /* Compute SHA512 hash on in and store the base64 string result in out.
--- a/lib/digest.h
+++ b/lib/digest.h
@ -40,19 +40,19 @@
 #define MD_HEX_SIZE(x) x * 2

 void md5(unsigned char* out, unsigned char* in, size_t size);
-void md5_hex(char* out, unsigned char* in, size_t size);
+void md5_hex(char* out, size_t size_out, unsigned char* in, size_t size);
 void md5_base64(char* out, unsigned char* in, size_t size);
 void sha1(unsigned char* out, unsigned char* in, size_t size);
-void sha1_hex(char* out, unsigned char* in, size_t size);
+void sha1_hex(char* out, size_t size_out, unsigned char* in, size_t size);
 void sha1_base64(char* out, unsigned char* in, size_t size);
 void sha256(unsigned char* out, unsigned char* in, size_t size);
-void sha256_hex(char* out, unsigned char* in, size_t size);
+void sha256_hex(char* out, size_t size_out, unsigned char* in, size_t size);
 void sha256_base64(char* out, unsigned char* in, size_t size);
 void sha384(unsigned char* out, unsigned char* in, size_t size);
-void sha384_hex(char* out, unsigned char* in, size_t size);
+void sha384_hex(char* out, size_t size_out, unsigned char* in, size_t size);
 void sha384_base64(char* out, unsigned char* in, size_t size);
 void sha512(unsigned char* out, unsigned char* in, size_t size);
-void sha512_hex(char* out, unsigned char* in, size_t size);
+void sha512_hex(char* out, size_t size_out, unsigned char* in, size_t size);
 void sha512_base64(char* out, unsigned char* in, size_t size);

 #endif /* DIGEST_H */
--- a/lib/fko_encode.c
+++ b/lib/fko_encode.c
@ -118,7 +118,7 @@ fko_encode_spa_data(fko_ctx_t ctx)
    /* Add the timestamp.
    */
    offset = strlen(tbuf);
-    sprintf(((char*)tbuf+offset), ":%u:", (unsigned int) ctx->timestamp);
+    snprintf(((char*)tbuf+offset), FKO_ENCODE_TMP_BUF_SIZE - offset, ":%u:", (unsigned int) ctx->timestamp);

    /* Add the version string.
    */
@ -138,7 +138,7 @@ fko_encode_spa_data(fko_ctx_t ctx)
    /* Add the message type value.
    */
    offset = strlen(tbuf);
-    sprintf(((char*)tbuf+offset), ":%i:", ctx->message_type);
+    snprintf(((char*)tbuf+offset), FKO_ENCODE_TMP_BUF_SIZE - offset, ":%i:", ctx->message_type);

    /* Add the base64-encoded SPA message.
    */
@ -180,7 +180,7 @@ fko_encode_spa_data(fko_ctx_t ctx)
    if(ctx->client_timeout > 0 && ctx->message_type != FKO_COMMAND_MSG)
    {
        offset = strlen(tbuf);
-        sprintf(((char*)tbuf+offset), ":%i", ctx->client_timeout);
+        snprintf(((char*)tbuf+offset), FKO_ENCODE_TMP_BUF_SIZE - offset, ":%i", ctx->client_timeout);
    }

    /* If encoded_msg is not null, then we assume it needs to
--- a/lib/fko_rand_value.c
+++ b/lib/fko_rand_value.c
@ -120,16 +120,18 @@ fko_set_rand_value(fko_ctx_t ctx, const char * const new_val)
    ctx->rand_val = malloc(FKO_RAND_VAL_SIZE+1);
    if(ctx->rand_val == NULL)
            return(FKO_ERROR_MEMORY_ALLOCATION);
+    memset(ctx->rand_val, 0, FKO_RAND_VAL_SIZE+1);

    tmp_buf = malloc(FKO_RAND_VAL_SIZE+1);
    if(tmp_buf == NULL)
            return(FKO_ERROR_MEMORY_ALLOCATION);
+    memset(tmp_buf, 0, FKO_RAND_VAL_SIZE+1);

-    sprintf(ctx->rand_val, "%u", rand());
+    snprintf(ctx->rand_val, FKO_RAND_VAL_SIZE, "%u", rand());

    while(strnlen(ctx->rand_val, FKO_RAND_VAL_SIZE+1) < FKO_RAND_VAL_SIZE)
    {
-        sprintf(tmp_buf, "%u", rand());
+        snprintf(tmp_buf, FKO_RAND_VAL_SIZE, "%u", rand());
        strlcat(ctx->rand_val, tmp_buf, FKO_RAND_VAL_SIZE+1);
    }

--- a/lib/gpgme_funcs.c
+++ b/lib/gpgme_funcs.c
@ -392,7 +392,7 @@ gpgme_encrypt(fko_ctx_t fko_ctx, unsigned char *indata, size_t in_len, const cha
    gpgme_data_release(plaintext);

    /* Get the encrypted data and its length from the gpgme data object.
-     * BTW, this does does free the memory used by cipher.
+     * BTW, this does free the memory used by cipher.
    */
    tmp_buf = gpgme_data_release_and_get_mem(cipher, out_len);

--- a/server/utils.c
+++ b/server/utils.c
@ -1,11 +1,9 @@
-/*
- *****************************************************************************
+/**
+ * @file    utils.c
 *
- * File:    utils.c
+ * @author  Damien S. Stuart
 *
- * Author:  Damien S. Stuart
- *
- * Purpose: General/Generic functions for the fwknop server.
+ * @brief   General/Generic functions for the fwknop server.
 *
 * Copyright 2010 Damien Stuart (dstuart@dstuart.org)
 *
@ -25,11 +23,54 @@
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
 *  USA
- *
- *****************************************************************************
-*/
+ */
+
 #include "fwknopd_common.h"
 #include "utils.h"
+#include "log_msg.h"
+#include <stdarg.h>
+
+/**
+ * @brief Add a printf style message to a buffer
+ *
+ * This function allows to append a printf style message to a buffer
+ * and prevents buffer overflow by taking care of the size the buffer.
+ * It returns the number of bytes really written to the buffer.
+ * Thus if an error is encoutered during the process the number of bytes
+ * written is set to 0. This way the user knows exactly how many bytes
+ * can be appended afterwards.
+ *
+ * @param buf Buffer to write the formated message to
+ * @param buf_size Maximum number of bytes to write to the buffer
+ * @param msg Message to format and to append to the buffer
+ *
+ * @return the number of bytes written to the buffer
+ */
+static int
+append_msg_to_buf(char *buf, size_t buf_size, const char* msg, ...)
+{
+    int     bytes_written = 0;  /* Number of bytes written to buf */
+    va_list ap;
+
+    if (buf_size != 0)
+    {
+        va_start(ap, msg);
+
+        bytes_written = vsnprintf(buf, buf_size, msg, ap);
+        if ( (bytes_written < 0) || (bytes_written >= buf_size) )
+        {
+            log_msg(LOG_WARNING, "add_msg_to_buf() : message truncated / snprintf error");
+            bytes_written = 0;
+        }
+        else;
+
+        va_end(ap);
+    }
+    else
+        log_msg(LOG_WARNING, "add_msg_to_buf() : nothing to write.");
+
+    return bytes_written;
+}

 /* Generic hex dump function.
 */
@ -74,8 +115,8 @@ char *
 dump_ctx(fko_ctx_t ctx)
 {
    static char buf[CTX_DUMP_BUFSIZE];
-    char       *ndx;
-    int         cp;
+    int         cp = 0;
+    size_t      bytes_left;

    char       *rand_val        = NULL;
    char       *username        = NULL;
@ -123,43 +164,26 @@ dump_ctx(fko_ctx_t ctx)
    hmac_digest_inttostr(hmac_type, hmac_str, sizeof(hmac_str));
    enc_mode_inttostr(encryption_mode, enc_mode_str, sizeof(enc_mode_str));

-    memset(buf, 0x0, CTX_DUMP_BUFSIZE);
+    memset(buf, 0x0, sizeof(buf));
+    bytes_left = sizeof(buf) - 1;

-    ndx = buf;
-
-    cp = sprintf(ndx, "SPA Field Values:\n=================\n");
-    ndx += cp;
-    cp = sprintf(ndx, "   Random Value: %s\n", rand_val == NULL ? "<NULL>" : rand_val);
-    ndx += cp;
-    cp = sprintf(ndx, "       Username: %s\n", username == NULL ? "<NULL>" : username);
-    ndx += cp;
-    cp = sprintf(ndx, "      Timestamp: %u\n", (unsigned int) timestamp);
-    ndx += cp;
-    cp = sprintf(ndx, "    FKO Version: %s\n", version == NULL ? "<NULL>" : version);
-    ndx += cp;
-    cp = sprintf(ndx, "   Message Type: %i (%s)\n", msg_type, msg_type_inttostr(msg_type));
-    ndx += cp;
-    cp = sprintf(ndx, " Message String: %s\n", spa_message == NULL ? "<NULL>" : spa_message);
-    ndx += cp;
-    cp = sprintf(ndx, "     Nat Access: %s\n", nat_access == NULL ? "<NULL>" : nat_access);
-    ndx += cp;
-    cp = sprintf(ndx, "    Server Auth: %s\n", server_auth == NULL ? "<NULL>" : server_auth);
-    ndx += cp;
-    cp = sprintf(ndx, " Client Timeout: %u\n", client_timeout);
-    ndx += cp;
-    cp = sprintf(ndx, "    Digest Type: %u (%s)\n", digest_type, digest_str);
-    ndx += cp;
-    cp = sprintf(ndx, "      HMAC Type: %u (%s)\n", hmac_type, hmac_str);
-    ndx += cp;
-    cp = sprintf(ndx, "Encryption Type: %d (%s)\n", encryption_type, enc_type_inttostr(encryption_type));
-    ndx += cp;
-    cp = sprintf(ndx, "Encryption Mode: %d (%s)\n", encryption_mode, enc_mode_str);
-    ndx += cp;
-    cp = sprintf(ndx, "   Encoded Data: %s\n", enc_data == NULL ? "<NULL>" : enc_data);
-    ndx += cp;
-    cp = sprintf(ndx, "SPA Data Digest: %s\n", spa_digest == NULL ? "<NULL>" : spa_digest);
-    ndx += cp;
-    sprintf(ndx, "           HMAC: %s\n", hmac_data == NULL ? "<NULL>" : hmac_data);
+    cp  = append_msg_to_buf(buf,    bytes_left,    "SPA Field Values:\n=================\n");
+    cp += append_msg_to_buf(buf+cp, bytes_left-cp, "   Random Value: %s\n", rand_val == NULL ? "<NULL>" : rand_val);
+    cp += append_msg_to_buf(buf+cp, bytes_left-cp, "       Username: %s\n", username == NULL ? "<NULL>" : username);
+    cp += append_msg_to_buf(buf+cp, bytes_left-cp, "      Timestamp: %u\n", (unsigned int) timestamp);
+    cp += append_msg_to_buf(buf+cp, bytes_left-cp, "    FKO Version: %s\n", version == NULL ? "<NULL>" : version);
+    cp += append_msg_to_buf(buf+cp, bytes_left-cp, "   Message Type: %i (%s)\n", msg_type, msg_type_inttostr(msg_type));
+    cp += append_msg_to_buf(buf+cp, bytes_left-cp, " Message String: %s\n", spa_message == NULL ? "<NULL>" : spa_message);
+    cp += append_msg_to_buf(buf+cp, bytes_left-cp, "     Nat Access: %s\n", nat_access == NULL ? "<NULL>" : nat_access);
+    cp += append_msg_to_buf(buf+cp, bytes_left-cp, "    Server Auth: %s\n", server_auth == NULL ? "<NULL>" : server_auth);
+    cp += append_msg_to_buf(buf+cp, bytes_left-cp, " Client Timeout: %u\n", client_timeout);
+    cp += append_msg_to_buf(buf+cp, bytes_left-cp, "    Digest Type: %u (%s)\n", digest_type, digest_str);
+    cp += append_msg_to_buf(buf+cp, bytes_left-cp, "      HMAC Type: %u (%s)\n", hmac_type, hmac_str);
+    cp += append_msg_to_buf(buf+cp, bytes_left-cp, "Encryption Type: %d (%s)\n", encryption_type, enc_type_inttostr(encryption_type));
+    cp += append_msg_to_buf(buf+cp, bytes_left-cp, "Encryption Mode: %d (%s)\n", encryption_mode, enc_mode_str);
+    cp += append_msg_to_buf(buf+cp, bytes_left-cp, "   Encoded Data: %s\n", enc_data == NULL ? "<NULL>" : enc_data);
+    cp += append_msg_to_buf(buf+cp, bytes_left-cp, "SPA Data Digest: %s\n", spa_digest == NULL ? "<NULL>" : spa_digest);
+    cp += append_msg_to_buf(buf+cp, bytes_left-cp, "           HMAC: %s\n", hmac_data == NULL ? "<NULL>" : hmac_data);

    return(buf);
 }