return sp->flags & KRB5_STORAGE_BYTEORDER_MASK;
}
+/**
+ * Set the max alloc value
+ *
+ * @param sp the storage buffer set the max allow for
+ * @param size maximum size to allocate, use 0 to remove limit
+ *
+ * @ingroup krb5_storage
+ */
+
+KRB5_LIB_FUNCTION void KRB5_LIB_CALL
+krb5_storage_set_max_alloc(krb5_storage *sp, size_t size)
+{
+ sp->max_alloc = size;
+}
+
+/* don't allocate unresonable amount of memory */
+static krb5_error_code
+size_too_large(krb5_storage *sp, size_t size)
+{
+ if (sp->max_alloc && sp->max_alloc < size)
+ return HEIM_ERR_TOO_BIG;
+ return 0;
+}
+
+static krb5_error_code
+size_too_large_num(krb5_storage *sp, size_t count, size_t size)
+{
+ if (sp->max_alloc == 0 || size == 0)
+ return 0;
+ size = sp->max_alloc / size;
+ if (size < count)
+ return HEIM_ERR_TOO_BIG;
+ return 0;
+}
+
/**
* Seek to a new offset.
*
pos = sp->seek(sp, 0, SEEK_CUR);
if (pos < 0)
return HEIM_ERR_NOT_SEEKABLE;
- size = (size_t)sp->seek(sp, 0, SEEK_END);
- if (size > (size_t)-1)
- return HEIM_ERR_TOO_BIG;
- ret = krb5_data_alloc (data, size);
+ size = sp->seek(sp, 0, SEEK_END);
+ ret = size_too_large(sp, size);
+ if (ret)
+ return ret;
+ ret = krb5_data_alloc(data, size);
if (ret) {
sp->seek(sp, pos, SEEK_SET);
return ret;
return EINVAL;
_krb5_put_int(v, value, len);
ret = sp->store(sp, v, len);
- if (ret != len)
- return (ret<0)?errno:sp->eof_code;
+ if (ret < 0)
+ return errno;
+ if ((size_t)ret != len)
+ return sp->eof_code;
return 0;
}
unsigned char v[4];
unsigned long w;
ret = sp->fetch(sp, v, len);
- if(ret != len)
- return (ret<0)?errno:sp->eof_code;
+ if (ret < 0)
+ return errno;
+ if ((size_t)ret != len)
+ return sp->eof_code;
_krb5_get_int(v, &w, len);
*value = w;
return 0;
if(ret < 0)
return ret;
ret = sp->store(sp, data.data, data.length);
- if(ret != data.length){
- if(ret < 0)
- return errno;
+ if(ret < 0)
+ return errno;
+ if((size_t)ret != data.length)
return sp->eof_code;
- }
return 0;
}
ret = krb5_ret_int32(sp, &size);
if(ret)
return ret;
+ ret = size_too_large(sp, size);
+ if (ret)
+ return ret;
ret = krb5_data_alloc (data, size);
if (ret)
return ret;
ssize_t ret;
ret = sp->store(sp, s, len);
- if(ret != len) {
- if(ret < 0)
- return ret;
- else
- return sp->eof_code;
- }
+ if(ret < 0)
+ return ret;
+ if((size_t)ret != len)
+ return sp->eof_code;
return 0;
}
char *tmp;
len++;
+ ret = size_too_large(sp, len);
+ if (ret)
+ break;
tmp = realloc (s, len);
if (tmp == NULL) {
free (s);
ssize_t ret;
ret = sp->store(sp, s, len);
- if(ret != len) {
- if(ret < 0)
- return ret;
- else
- return sp->eof_code;
- }
+ if(ret < 0)
+ return ret;
+ if((size_t)ret != len)
+ return sp->eof_code;
ret = sp->store(sp, "\n", 1);
if(ret != 1) {
if(ret < 0)
}
len++;
+ ret = size_too_large(sp, len);
+ if (ret)
+ break;
tmp = realloc (s, len);
if (tmp == NULL) {
free (s);
krb5_store_principal(krb5_storage *sp,
krb5_const_principal p)
{
- int i;
+ size_t i;
int ret;
if(!krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE)) {
free(p);
return EINVAL;
}
+ ret = size_too_large_num(sp, ncomp, sizeof(p->name.name_string.val[0]));
+ if (ret) {
+ free(p);
+ return ret;
+ }
p->name.name_type = type;
p->name.name_string.len = ncomp;
ret = krb5_ret_string(sp, &p->realm);
free(p);
return ret;
}
- p->name.name_string.val = calloc(ncomp, sizeof(*p->name.name_string.val));
+ p->name.name_string.val = calloc(ncomp, sizeof(p->name.name_string.val[0]));
if(p->name.name_string.val == NULL && ncomp != 0){
free(p->realm);
free(p);
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_store_addrs(krb5_storage *sp, krb5_addresses p)
{
- int i;
+ size_t i;
int ret;
ret = krb5_store_int32(sp, p.len);
if(ret) return ret;
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_ret_addrs(krb5_storage *sp, krb5_addresses *adr)
{
- int i;
+ size_t i;
int ret;
int32_t tmp;
ret = krb5_ret_int32(sp, &tmp);
if(ret) return ret;
+ ret = size_too_large_num(sp, tmp, sizeof(adr->val[0]));
+ if (ret) return ret;
adr->len = tmp;
ALLOC(adr->val, adr->len);
if (adr->val == NULL && adr->len != 0)
krb5_store_authdata(krb5_storage *sp, krb5_authdata auth)
{
krb5_error_code ret;
- int i;
+ size_t i;
ret = krb5_store_int32(sp, auth.len);
if(ret) return ret;
for(i = 0; i < auth.len; i++){
int i;
ret = krb5_ret_int32(sp, &tmp);
if(ret) return ret;
+ ret = size_too_large_num(sp, tmp, sizeof(auth->val[0]));
+ if (ret) return ret;
ALLOC_SEQ(auth, tmp);
if (auth->val == NULL && tmp != 0)
return ENOMEM;
ret = krb5_ret_data (sp, &creds->second_ticket);
cleanup:
if(ret) {
-#if 0
+#if 0
krb5_free_cred_contents(context, creds); /* XXX */
#endif
}
cleanup:
if(ret) {
-#if 0
+#if 0
krb5_free_cred_contents(context, creds); /* XXX */
#endif
}
git.samba.org / samba.git / blobdiff