]> git.stg.codes - stg.git/blob - stglibs/smux.lib/ber_tlv_length.c
Proper checks for libs.
[stg.git] / stglibs / smux.lib / ber_tlv_length.c
1 /*-
2  * Copyright (c) 2003, 2004 Lev Walkin <vlm@lionet.info>. All rights reserved.
3  * Redistribution and modifications are permitted subject to BSD license.
4  */
5 #include <asn_internal.h>
6 #include <ber_tlv_length.h>
7 #include <ber_tlv_tag.h>
8
9 ssize_t
10 ber_fetch_length(int _is_constructed, const void *bufptr, size_t size,
11                 ber_tlv_len_t *len_r) {
12         const uint8_t *buf = (const uint8_t *)bufptr;
13         unsigned oct;
14
15         if(size == 0)
16                 return 0;       /* Want more */
17
18         oct = *(const uint8_t *)buf;
19         if((oct & 0x80) == 0) {
20                 /*
21                  * Short definite length.
22                  */
23                 *len_r = oct;   /* & 0x7F */
24                 return 1;
25         } else {
26                 ber_tlv_len_t len;
27                 size_t skipped;
28
29                 if(_is_constructed && oct == 0x80) {
30                         *len_r = -1;    /* Indefinite length */
31                         return 1;
32                 }
33
34                 if(oct == 0xff) {
35                         /* Reserved in standard for future use. */
36                         return -1;
37                 }
38
39                 oct &= 0x7F;    /* Leave only the 7 LS bits */
40                 for(len = 0, buf++, skipped = 1;
41                         oct && (++skipped <= size); buf++, oct--) {
42
43                         len = (len << 8) | *buf;
44                         if(len < 0
45                         || (len >> ((8 * sizeof(len)) - 8) && oct > 1)) {
46                                 /*
47                                  * Too large length value.
48                                  */
49                                 return -1;
50                         }
51                 }
52
53                 if(oct == 0) {
54                         ber_tlv_len_t lenplusepsilon = (size_t)len + 1024;
55                         /*
56                          * Here length may be very close or equal to 2G.
57                          * However, the arithmetics used in some decoders
58                          * may add some (small) quantities to the length,
59                          * to check the resulting value against some limits.
60                          * This may result in integer wrap-around, which
61                          * we try to avoid by checking it earlier here.
62                          */
63                         if(lenplusepsilon < 0) {
64                                 /* Too large length value */
65                                 return -1;
66                         }
67
68                         *len_r = len;
69                         return skipped;
70                 }
71
72                 return 0;       /* Want more */
73         }
74
75 }
76
77 ssize_t
78 ber_skip_length(asn_codec_ctx_t *opt_codec_ctx,
79                 int _is_constructed, const void *ptr, size_t size) {
80         ber_tlv_len_t vlen;     /* Length of V in TLV */
81         ssize_t ll;             /* Length of L in TLV */
82         size_t skip;
83
84         /*
85          * Make sure we didn't exceed the maximum stack size.
86          */
87         if(_ASN_STACK_OVERFLOW_CHECK(opt_codec_ctx))
88                 return -1;
89
90         /*
91          * Determine the size of L in TLV.
92          */
93         ll = ber_fetch_length(_is_constructed, ptr, size, &vlen);
94         if(ll <= 0) return ll;
95
96         /*
97          * Definite length.
98          */
99         if(vlen >= 0) {
100                 skip = ll + vlen;
101                 if(skip > size)
102                         return 0;       /* Want more */
103                 return skip;
104         }
105
106         /*
107          * Indefinite length!
108          */
109         ASN_DEBUG("Skipping indefinite length");
110         for(skip = ll, ptr = ((const char *)ptr) + ll, size -= ll;;) {
111                 ber_tlv_tag_t tag;
112
113                 /* Fetch the tag */
114                 ssize_t tl = ber_fetch_tag(ptr, size, &tag);
115                 if(tl <= 0) return tl;
116
117                 ll = ber_skip_length(opt_codec_ctx,
118                         BER_TLV_CONSTRUCTED(ptr),
119                         ((const char *)ptr) + tl, size - tl);
120                 if(ll <= 0) return ll;
121
122                 skip += tl + ll;
123
124                 /*
125                  * This may be the end of the indefinite length structure,
126                  * two consecutive 0 octets.
127                  * Check if it is true.
128                  */
129                 if(((const uint8_t *)ptr)[0] == 0
130                 && ((const uint8_t *)ptr)[1] == 0)
131                         return skip;
132
133                 ptr = ((const char *)ptr) + tl + ll;
134                 size -= tl + ll;
135         }
136
137         /* UNREACHABLE */
138 }
139
140 size_t
141 der_tlv_length_serialize(ber_tlv_len_t len, void *bufp, size_t size) {
142         size_t required_size;   /* Size of len encoding */
143         uint8_t *buf = (uint8_t *)bufp;
144         uint8_t *end;
145         size_t i;
146
147         if(len <= 127) {
148                 /* Encoded in 1 octet */
149                 if(size) *buf = (uint8_t)len;
150                 return 1;
151         }
152
153         /*
154          * Compute the size of the subsequent bytes.
155          */
156         for(required_size = 1, i = 8; i < 8 * sizeof(len); i += 8) {
157                 if(len >> i)
158                         required_size++;
159                 else
160                         break;
161         }
162
163         if(size <= required_size)
164                 return required_size + 1;
165
166         *buf++ = (uint8_t)(0x80 | required_size);  /* Length of the encoding */
167
168         /*
169          * Produce the len encoding, space permitting.
170          */
171         end = buf + required_size;
172         for(i -= 8; buf < end; i -= 8, buf++)
173                 *buf = (uint8_t)(len >> i);
174
175         return required_size + 1;
176 }
177