diff options
| author | Jeremy Allison <jra@samba.org> | 2007-04-02 19:04:57 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:19:04 -0500 |
| commit | e5358d6c55cc0aae64447d32611bea4c249f0788 (patch) | |
| tree | 7adb9526c03a12e9f02c11e5e3c07f78ce6d98f6 /source3/lib/util.c | |
| parent | 6013b59b4456cd3989062e4428615b2aaa64a0cf (diff) | |
| download | samba-e5358d6c55cc0aae64447d32611bea4c249f0788.tar.gz samba-e5358d6c55cc0aae64447d32611bea4c249f0788.tar.bz2 samba-e5358d6c55cc0aae64447d32611bea4c249f0788.zip | |
r22042: Try and clean up my own mess using the API Volker
suggested. I now use :
BOOL is_offset_safe(const char *buf_base, size_t buf_len, char *ptr, size_t off)
char *get_safe_ptr(const char *buf_base, size_t buf_len, char *ptr, size_t off)
char *get_safe_str_ptr(const char *buf_base, size_t buf_len, char *ptr, size_t off)
int get_safe_SVAL(const char *buf_base, size_t buf_len, char *ptr, size_t off, int failval)
int get_safe_IVAL(const char *buf_base, size_t buf_len, char *ptr, size_t off, int failval)
Volker, please criticize and comment. Thanks,
Jeremy.
(This used to be commit d47af7c9263f519e7307859b6a696d854c5dfca3)
Diffstat (limited to 'source3/lib/util.c')
| -rw-r--r-- | source3/lib/util.c | 62 |
1 files changed, 56 insertions, 6 deletions
diff --git a/source3/lib/util.c b/source3/lib/util.c index b74c08991a..b558571a77 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -3126,24 +3126,74 @@ int this_is_smp(void) } /**************************************************************** - Return a safe offset into a buffer, or NULL. + Check if an offset into a buffer is safe. ****************************************************************/ -char *get_safe_offset(const char *buf_base, size_t buf_len, char *ptr, size_t off) +BOOL is_offset_safe(const char *buf_base, size_t buf_len, char *ptr, size_t off) { const char *end_base = buf_base + buf_len; char *end_ptr = ptr + off; if (!buf_base || !ptr) { - return NULL; + return False; } if (end_base < buf_base || end_ptr < ptr) { - return NULL; /* wrap. */ + return False; /* wrap. */ } if (end_ptr < end_base) { - return end_ptr; + return True; } - return NULL; + return False; +} + +/**************************************************************** + Return a safe pointer into a buffer, or NULL. +****************************************************************/ + +char *get_safe_ptr(const char *buf_base, size_t buf_len, char *ptr, size_t off) +{ + return is_offset_safe(buf_base, buf_len, ptr, off) ? + ptr + off : NULL; +} + +/**************************************************************** + Return a safe pointer into a string within a buffer, or NULL. +****************************************************************/ + +char *get_safe_str_ptr(const char *buf_base, size_t buf_len, char *ptr, size_t off) +{ + if (!is_offset_safe(buf_base, buf_len, ptr, off)) { + return NULL; + } + /* Check if a valid string exists at this offset. */ + if (skip_string(buf_base,buf_len, ptr + off, 1) == NULL) { + return NULL; + } + return ptr + off; +} + +/**************************************************************** + Return an SVAL at a pointer, or failval if beyond the end. +****************************************************************/ + +int get_safe_SVAL(const char *buf_base, size_t buf_len, char *ptr, size_t off, int failval) +{ + if (!is_offset_safe(buf_base, buf_len, ptr, off+2)) { + return failval; + } + return SVAL(ptr,0); +} + +/**************************************************************** + Return an IVAL at a pointer, or failval if beyond the end. +****************************************************************/ + +int get_safe_IVAL(const char *buf_base, size_t buf_len, char *ptr, size_t off, int failval) +{ + if (!is_offset_safe(buf_base, buf_len, ptr, off+4)) { + return failval; + } + return IVAL(ptr,0); } |