summaryrefslogtreecommitdiff
path: root/src/providers/krb5
diff options
context:
space:
mode:
authorSimo Sorce <ssorce@redhat.com>2010-03-01 16:41:12 -0500
committerSimo Sorce <ssorce@redhat.com>2010-03-03 10:39:52 -0500
commit6adf5b8a078f2b37f2d3d91cd060b891c2a7efaa (patch)
tree78f1d2796c090e17d6c7cff2976c83ad0691d307 /src/providers/krb5
parent8615b37ca00ea7d25a7b984a773dbd72a0025171 (diff)
downloadsssd-6adf5b8a078f2b37f2d3d91cd060b891c2a7efaa.tar.gz
sssd-6adf5b8a078f2b37f2d3d91cd060b891c2a7efaa.tar.bz2
sssd-6adf5b8a078f2b37f2d3d91cd060b891c2a7efaa.zip
Improve safe alignment buffer handling macros
Make the counter optional so that alignment safe macros can be used also where there is no counter to update. Change arguments names so that they are not deceiving (ptr normlly identify a pointer) Turn the memcpy substitute into an inline function so that passing a pointer to rp and checking for it doesn't make the compiler spit lots of warnings.
Diffstat (limited to 'src/providers/krb5')
-rw-r--r--src/providers/krb5/krb5_auth.c33
-rw-r--r--src/providers/krb5/krb5_child.c30
2 files changed, 32 insertions, 31 deletions
diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c
index 0e5230c6..e46ee2b4 100644
--- a/src/providers/krb5/krb5_auth.c
+++ b/src/providers/krb5/krb5_auth.c
@@ -331,28 +331,29 @@ errno_t create_send_buffer(struct krb5child_req *kr, struct io_buffer **io_buf)
}
rp = 0;
- COPY_UINT32(&buf->data[rp], &kr->pd->cmd, rp);
- COPY_UINT32(&buf->data[rp], &kr->uid, rp);
- COPY_UINT32(&buf->data[rp], &kr->gid, rp);
- COPY_UINT32(&buf->data[rp], &validate, rp);
- COPY_UINT32(&buf->data[rp], &kr->is_offline, rp);
+ SAFEALIGN_COPY_UINT32(&buf->data[rp], &kr->pd->cmd, &rp);
+ SAFEALIGN_COPY_UINT32(&buf->data[rp], &kr->uid, &rp);
+ SAFEALIGN_COPY_UINT32(&buf->data[rp], &kr->gid, &rp);
+ SAFEALIGN_COPY_UINT32(&buf->data[rp], &validate, &rp);
+ SAFEALIGN_COPY_UINT32(&buf->data[rp], &kr->is_offline, &rp);
- COPY_UINT32_VALUE(&buf->data[rp], strlen(kr->upn), rp);
- COPY_MEM(&buf->data[rp], kr->upn, rp, strlen(kr->upn));
+ SAFEALIGN_SET_UINT32(&buf->data[rp], strlen(kr->upn), &rp);
+ safealign_memcpy(&buf->data[rp], kr->upn, strlen(kr->upn), &rp);
- COPY_UINT32_VALUE(&buf->data[rp], strlen(kr->ccname), rp);
- COPY_MEM(&buf->data[rp], kr->ccname, rp, strlen(kr->ccname));
+ SAFEALIGN_SET_UINT32(&buf->data[rp], strlen(kr->ccname), &rp);
+ safealign_memcpy(&buf->data[rp], kr->ccname, strlen(kr->ccname), &rp);
- COPY_UINT32_VALUE(&buf->data[rp], strlen(keytab), rp);
- COPY_MEM(&buf->data[rp], keytab, rp, strlen(keytab));
+ SAFEALIGN_SET_UINT32(&buf->data[rp], strlen(keytab), &rp);
+ safealign_memcpy(&buf->data[rp], keytab, strlen(keytab), &rp);
- COPY_UINT32(&buf->data[rp], &kr->pd->authtok_size, rp);
- COPY_MEM(&buf->data[rp], kr->pd->authtok, rp, kr->pd->authtok_size);
+ SAFEALIGN_COPY_UINT32(&buf->data[rp], &kr->pd->authtok_size, &rp);
+ safealign_memcpy(&buf->data[rp], kr->pd->authtok,
+ kr->pd->authtok_size, &rp);
if (kr->pd->cmd == SSS_PAM_CHAUTHTOK) {
- COPY_UINT32(&buf->data[rp], &kr->pd->newauthtok_size, rp);
- COPY_MEM(&buf->data[rp], kr->pd->newauthtok,
- rp, kr->pd->newauthtok_size);
+ SAFEALIGN_COPY_UINT32(&buf->data[rp], &kr->pd->newauthtok_size, &rp);
+ safealign_memcpy(&buf->data[rp], kr->pd->newauthtok,
+ kr->pd->newauthtok_size, &rp);
}
*io_buf = buf;
diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c
index 08df5984..234b8389 100644
--- a/src/providers/krb5/krb5_child.c
+++ b/src/providers/krb5/krb5_child.c
@@ -264,17 +264,17 @@ static struct response *init_response(TALLOC_CTX *mem_ctx) {
static errno_t pack_response_packet(struct response *resp, int status, int type,
size_t len, const uint8_t *data)
{
- int p=0;
+ size_t p = 0;
if ((3*sizeof(int32_t) + len +1) > resp->max_size) {
DEBUG(1, ("response message too big.\n"));
return ENOMEM;
}
- COPY_INT32_VALUE(&resp->buf[p], status, p);
- COPY_INT32_VALUE(&resp->buf[p], type, p);
- COPY_INT32_VALUE(&resp->buf[p], len, p);
- COPY_MEM(&resp->buf[p], data, p, len);
+ SAFEALIGN_SET_INT32(&resp->buf[p], status, &p);
+ SAFEALIGN_SET_INT32(&resp->buf[p], type, &p);
+ SAFEALIGN_SET_INT32(&resp->buf[p], len, &p);
+ safealign_memcpy(&resp->buf[p], data, len, &p);
resp->size = p;
@@ -733,32 +733,32 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size, struct pam_data *pd,
uint32_t len;
uint32_t validate;
- COPY_UINT32_CHECK(&pd->cmd, buf + p, p, size);
- COPY_UINT32_CHECK(&kr->uid, buf + p, p, size);
- COPY_UINT32_CHECK(&kr->gid, buf + p, p, size);
- COPY_UINT32_CHECK(&validate, buf + p, p, size);
+ SAFEALIGN_COPY_UINT32_CHECK(&pd->cmd, buf + p, size, &p);
+ SAFEALIGN_COPY_UINT32_CHECK(&kr->uid, buf + p, size, &p);
+ SAFEALIGN_COPY_UINT32_CHECK(&kr->gid, buf + p, size, &p);
+ SAFEALIGN_COPY_UINT32_CHECK(&validate, buf + p, size, &p);
kr->validate = (validate == 0) ? false : true;
- COPY_UINT32_CHECK(offline, buf + p, p, size);
+ SAFEALIGN_COPY_UINT32_CHECK(offline, buf + p, size, &p);
- COPY_UINT32_CHECK(&len, buf + p, p, size);
+ SAFEALIGN_COPY_UINT32_CHECK(&len, buf + p, size, &p);
if ((p + len ) > size) return EINVAL;
kr->upn = talloc_strndup(pd, (char *)(buf + p), len);
if (kr->upn == NULL) return ENOMEM;
p += len;
- COPY_UINT32_CHECK(&len, buf + p, p, size);
+ SAFEALIGN_COPY_UINT32_CHECK(&len, buf + p, size, &p);
if ((p + len ) > size) return EINVAL;
kr->ccname = talloc_strndup(pd, (char *)(buf + p), len);
if (kr->ccname == NULL) return ENOMEM;
p += len;
- COPY_UINT32_CHECK(&len, buf + p, p, size);
+ SAFEALIGN_COPY_UINT32_CHECK(&len, buf + p, size, &p);
if ((p + len ) > size) return EINVAL;
kr->keytab = talloc_strndup(pd, (char *)(buf + p), len);
if (kr->keytab == NULL) return ENOMEM;
p += len;
- COPY_UINT32_CHECK(&len, buf + p, p, size);
+ SAFEALIGN_COPY_UINT32_CHECK(&len, buf + p, size, &p);
if ((p + len) > size) return EINVAL;
pd->authtok = (uint8_t *)talloc_strndup(pd, (char *)(buf + p), len);
if (pd->authtok == NULL) return ENOMEM;
@@ -766,7 +766,7 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size, struct pam_data *pd,
p += len;
if (pd->cmd == SSS_PAM_CHAUTHTOK) {
- COPY_UINT32_CHECK(&len, buf + p, p, size);
+ SAFEALIGN_COPY_UINT32_CHECK(&len, buf + p, size, &p);
if ((p + len) > size) return EINVAL;
pd->newauthtok = (uint8_t *)talloc_strndup(pd, (char *)(buf + p), len);