From 5fa85954e49406f5d9c05391f9f6774f8d04624d Mon Sep 17 00:00:00 2001
From: Tom Yu
Date: Fri, 14 Jan 2005 06:02:01 +0000
Subject: [PATCH] * authgss_prot.c (xdr_rpc_gss_wrap_data): Use xdr_alloc to avoid size limit issues. Use (unsigned int)-1 instead of MAX_NETOBJ_SZ. (xdr_rpc_gss_unwrap_data): Use (unsigned int)-1 instead of MAX_NETOBJ_SZ. * xdr.c (xdr_bytes): Don't assign from *sizep if XDR_FREE, since it'll be uninitialized then. Shuts up Purify.
ticket: 2877
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17038 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/rpc/ChangeLog | 10 +++++++
 src/lib/rpc/authgss_prot.c | 54 ++++++++++++++------------------------
 src/lib/rpc/xdr.c | 5 ++--
 3 files changed, 32 insertions(+), 37 deletions(-)
diff --git a/src/lib/rpc/ChangeLog b/src/lib/rpc/ChangeLog
index 4c4628565..23d6b8b75 100644
--- a/src/lib/rpc/ChangeLog
+++ b/src/lib/rpc/ChangeLog
@@ -1,3 +1,13 @@
+2005-01-14 Tom Yu
+
+ * authgss_prot.c (xdr_rpc_gss_wrap_data): Use xdr_alloc to avoid
+ size limit issues. Use (unsigned int)-1 instead of MAX_NETOBJ_SZ.
+ (xdr_rpc_gss_unwrap_data): Use (unsigned int)-1 instead of
+ MAX_NETOBJ_SZ.
+
+ * xdr.c (xdr_bytes): Don't assign from *sizep if XDR_FREE, since
+ it'll be uninitialized then. Shuts up Purify.
+
 2004-11-18 Tom Yu
 * Makefile.in (install-unix): Install into KRB5_INCDIR/gssrpc,
diff --git a/src/lib/rpc/authgss_prot.c b/src/lib/rpc/authgss_prot.c
index 0e8029abd..e648f47f7 100644
--- a/src/lib/rpc/authgss_prot.c
+++ b/src/lib/rpc/authgss_prot.c
@@ -129,54 +129,37 @@ xdr_rpc_gss_wrap_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, gss_ctx_id_t ctx, gss_qop_t qop, rpc_gss_svc_t svc, uint32_t seq) { + XDR tmpxdrs; gss_buffer_desc databuf, wrapbuf; OM_uint32 maj_stat, min_stat; - u_int start, end; int conf_state; bool_t xdr_stat; - u_int tmplen; - /* Skip databody length. */ - start = XDR_GETPOS(xdrs); - if (start > UINT_MAX - 4) - return (FALSE); - XDR_SETPOS(xdrs, start + 4); + xdralloc_create(&tmpxdrs, XDR_ENCODE); + + xdr_stat = FALSE; /* Marshal rpc_gss_data_t (sequence number + arguments). */ - if (!xdr_u_int32(xdrs, &seq) || !(*xdr_func)(xdrs, xdr_ptr)) - return (FALSE); - end = XDR_GETPOS(xdrs); - if (end < start + 4) - return (FALSE); + if (!xdr_u_int32(&tmpxdrs, &seq) || !(*xdr_func)(&tmpxdrs, xdr_ptr)) + goto errout; /* Set databuf to marshalled rpc_gss_data_t. */ - databuf.length = end - start - 4; - XDR_SETPOS(xdrs, start + 4); - databuf.value = XDR_INLINE(xdrs, (int)databuf.length); + databuf.length = xdr_getpos(&tmpxdrs); + databuf.value = xdralloc_getdata(&tmpxdrs); - xdr_stat = FALSE; - if (svc == RPCSEC_GSS_SVC_INTEGRITY) { - /* Marshal databody_integ length. */ - XDR_SETPOS(xdrs, start); - if (databuf.length > UINT_MAX) - return (FALSE); - else - tmplen = databuf.length; + if (!xdr_rpc_gss_buf(xdrs, &databuf, (unsigned int)-1)) + goto errout; - if (!xdr_u_int(xdrs, &tmplen)) - return (FALSE); - /* Checksum rpc_gss_data_t. */ maj_stat = gss_get_mic(&min_stat, ctx, qop, &databuf, &wrapbuf); if (maj_stat != GSS_S_COMPLETE) { log_debug("gss_get_mic failed"); - return (FALSE); + goto errout; } /* Marshal checksum. */ - XDR_SETPOS(xdrs, end); - xdr_stat = xdr_rpc_gss_buf(xdrs, &wrapbuf, MAX_NETOBJ_SZ); + xdr_stat = xdr_rpc_gss_buf(xdrs, &wrapbuf, (unsigned int)-1); gss_release_buffer(&min_stat, &wrapbuf); } else if (svc == RPCSEC_GSS_SVC_PRIVACY) { 
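Review bot: Nothing in the new code records that `databuf.value` is borrowed from `tmpxdrs`: after `databuf.value = xdralloc_getdata(&tmpxdrs);` the buffer is only valid until `xdr_destroy(&tmpxdrs)` at `errout`, and every exit has to pass through that label or the temporary stream leaks. A comment above the assignment would make that contract visible, for example `/* databuf.value aliases tmpxdrs' buffer; valid only until xdr_destroy() at errout */`. The result of `xdralloc_getdata` is also used without a check, so it is worth confirming that a failed allocation inside the temporary stream already makes the preceding `xdr_u_int32` call return FALSE. The function continues past the end of this hunk; the `errout` label itself is in the @@ -185 hunk.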
@@ -185,13 +168,14 @@ xdr_rpc_gss_wrap_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, &conf_state, &wrapbuf); if (maj_stat != GSS_S_COMPLETE) { log_status("gss_wrap", maj_stat, min_stat); - return (FALSE); + goto errout; } /* Marshal databody_priv. */ - XDR_SETPOS(xdrs, start); - xdr_stat = xdr_rpc_gss_buf(xdrs, &wrapbuf, MAX_NETOBJ_SZ); + xdr_stat = xdr_rpc_gss_buf(xdrs, &wrapbuf, (unsigned int)-1); gss_release_buffer(&min_stat, &wrapbuf); } +errout: + xdr_destroy(&tmpxdrs); return (xdr_stat); } @@ -216,12 +200,12 @@ xdr_rpc_gss_unwrap_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, if (svc == RPCSEC_GSS_SVC_INTEGRITY) { /* Decode databody_integ. */ - if (!xdr_rpc_gss_buf(xdrs, &databuf, MAX_NETOBJ_SZ)) { + if (!xdr_rpc_gss_buf(xdrs, &databuf, (unsigned int)-1)) { log_debug("xdr decode databody_integ failed"); return (FALSE); } /* Decode checksum. */ - if (!xdr_rpc_gss_buf(xdrs, &wrapbuf, MAX_NETOBJ_SZ)) { + if (!xdr_rpc_gss_buf(xdrs, &wrapbuf, (unsigned int)-1)) { gss_release_buffer(&min_stat, &databuf); log_debug("xdr decode checksum failed"); return (FALSE); @@ -239,7 +223,7 @@ xdr_rpc_gss_unwrap_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, } else if (svc == RPCSEC_GSS_SVC_PRIVACY) { /* Decode databody_priv. */ - if (!xdr_rpc_gss_buf(xdrs, &wrapbuf, MAX_NETOBJ_SZ)) { + if (!xdr_rpc_gss_buf(xdrs, &wrapbuf, (unsigned int)-1)) { log_debug("xdr decode databody_priv failed"); return (FALSE); } diff --git a/src/lib/rpc/xdr.c b/src/lib/rpc/xdr.c index ec0d27717..7e13fd631 100644 --- a/src/lib/rpc/xdr.c +++ b/src/lib/rpc/xdr.c @@ -409,9 +409,10 @@ xdr_bytes( if (! xdr_u_int(xdrs, sizep)) { return (FALSE); } - nodesize = *sizep; - if ((nodesize > maxsize) && (xdrs->x_op != XDR_FREE)) { + if ((xdrs->x_op != XDR_FREE) && (*sizep > maxsize)) { return (FALSE); + } else { + nodesize = *sizep; } /* -- 2.26.2
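Review bot: In the RPCSEC_GSS_SVC_PRIVACY branch `conf_state` is filled in by `gss_wrap` but never examined before `xdr_rpc_gss_buf(xdrs, &wrapbuf, (unsigned int)-1)` marshals the token, so a mechanism that returns GSS_S_COMPLETE without applying confidentiality would send the arguments with integrity protection only. The first line of the `gss_wrap` call is outside the hunk, so this presumes confidentiality is requested there. A guard after the `maj_stat` check would close the gap: `if (!conf_state) { gss_release_buffer(&min_stat, &wrapbuf); goto errout; }`. The omission predates this commit, but the branch is being reworked here and `errout` makes the early exit cheap.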
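Review bot: Passing `(unsigned int)-1` as the limit on the decode side removes any upper bound on the length a peer can declare for databody_integ and the checksum in this hunk, and for databody_priv in the @@ -239 hunk. The xdr.c hunk of this same patch shows `*sizep > maxsize` as the size check in `xdr_bytes`, which can never reject a u_int once `maxsize` is the largest u_int. Assuming `xdr_rpc_gss_buf` forwards the limit to `xdr_bytes` and the decode path sizes its buffer from the declared length, the allocation size is then chosen by input whose checksum has not yet been verified (the verification is outside the hunk). The unlimited value is reasonable for `xdr_rpc_gss_wrap_data`, where the length comes from local marshalling, but unwrap would be safer with a named finite cap, e.g. `xdr_rpc_gss_buf(xdrs, &databuf, MAX_GSS_DECODE_SZ)`, where `MAX_GSS_DECODE_SZ` is a placeholder name for a limit tied to the transport's maximum message size.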
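Review bot: The new `else` branch still executes `nodesize = *sizep;` when `xdrs->x_op == XDR_FREE`, because the short-circuited condition is false in that case, so the possibly uninitialized value is still read and only the comparison against `maxsize` is skipped. That is enough to silence a tool that reports branches on uninitialized data, but it does not match the ChangeLog statement that the assignment is avoided. To match it, the read could be confined to the non-FREE case, `if (xdrs->x_op != XDR_FREE) { if (*sizep > maxsize) return (FALSE); nodesize = *sizep; }`, with `nodesize` initialized to 0 where it is declared. The declaration and the later uses of `nodesize` are outside this hunk, so check that the XDR_FREE path does not depend on the real size.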