Skip to content

Commit 870619c

Browse files
eisenmann-b1sumit-bose
eisenmann-b1
authored and
sumit-bose
committed
sss_client: deduplicate string copying in pc_list_from_response
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com> Reviewed-by: Sumit Bose <sbose@redhat.com>
1 parent 0fc5280 commit 870619c

File tree

1 file changed

+47
-163
lines changed

1 file changed

+47
-163
lines changed

src/sss_client/pam_sss_prompt_config.c

Lines changed: 47 additions & 163 deletions
Original file line numberDiff line numberDiff line change
@@ -300,6 +300,31 @@ static errno_t pc_list_add_pc(struct prompt_config ***pc_list,
300300
return EOK;
301301
}
302302

303+
static errno_t pc_copy_string(size_t size, uint8_t *buf, size_t *off, char **out) {
304+
char *str;
305+
uint32_t l;
306+
size_t rp = *off;
307+
308+
if (rp > size || size - rp < sizeof(uint32_t)) {
309+
return EINVAL;
310+
}
311+
SAFEALIGN_COPY_UINT32(&l, buf + rp, &rp);
312+
313+
if (l > size - rp) {
314+
return EINVAL;
315+
}
316+
str = strndup((char *) buf + rp, l);
317+
if (str == NULL) {
318+
return ENOMEM;
319+
}
320+
rp += l;
321+
322+
*out = str;
323+
*off = rp;
324+
325+
return EOK;
326+
}
327+
303328
#define DEFAULT_PASSWORD_PROMPT _("Password: ")
304329
#define DEFAULT_2FA_SINGLE_PROMPT _("Password + Token value: ")
305330
#define DEFAULT_2FA_PROMPT_1ST _("First Factor: ")
@@ -774,7 +799,6 @@ errno_t pc_list_from_response(int size, uint8_t *buf,
774799
int ret;
775800
uint32_t count;
776801
uint32_t type;
777-
uint32_t l;
778802
size_t rp;
779803
size_t c;
780804
struct prompt_config **pl = NULL;
@@ -799,22 +823,10 @@ errno_t pc_list_from_response(int size, uint8_t *buf,
799823

800824
switch (type) {
801825
case PC_TYPE_PASSWORD:
802-
if (rp > size - sizeof(uint32_t)) {
803-
ret = EINVAL;
804-
goto done;
805-
}
806-
SAFEALIGN_COPY_UINT32(&l, buf + rp, &rp);
807-
808-
if (l > size || rp > size - l) {
809-
ret = EINVAL;
810-
goto done;
811-
}
812-
str = strndup((char *) buf + rp, l);
813-
if (str == NULL) {
814-
ret = ENOMEM;
826+
ret = pc_copy_string(size, buf, &rp, &str);
827+
if (ret != 0) {
815828
goto done;
816829
}
817-
rp += l;
818830

819831
ret = pc_list_add_password(&pl, str);
820832
free(str);
@@ -823,42 +835,16 @@ errno_t pc_list_from_response(int size, uint8_t *buf,
823835
}
824836
break;
825837
case PC_TYPE_2FA:
826-
if (rp > size - sizeof(uint32_t)) {
827-
ret = EINVAL;
828-
goto done;
829-
}
830-
SAFEALIGN_COPY_UINT32(&l, buf + rp, &rp);
831-
832-
if (l > size || rp > size - l) {
833-
ret = EINVAL;
834-
goto done;
835-
}
836-
str = strndup((char *) buf + rp, l);
837-
if (str == NULL) {
838-
ret = ENOMEM;
839-
goto done;
840-
}
841-
rp += l;
842-
843-
if (rp > size - sizeof(uint32_t)) {
844-
free(str);
845-
ret = EINVAL;
838+
ret = pc_copy_string(size, buf, &rp, &str);
839+
if (ret != 0) {
846840
goto done;
847841
}
848-
SAFEALIGN_COPY_UINT32(&l, buf + rp, &rp);
849842

850-
if (l > size || rp > size - l) {
843+
ret = pc_copy_string(size, buf, &rp, &str2);
844+
if (ret != 0) {
851845
free(str);
852-
ret = EINVAL;
853846
goto done;
854847
}
855-
str2 = strndup((char *) buf + rp, l);
856-
if (str2 == NULL) {
857-
free(str);
858-
ret = ENOMEM;
859-
goto done;
860-
}
861-
rp += l;
862848

863849
ret = pc_list_add_2fa(&pl, str, str2);
864850
free(str);
@@ -868,42 +854,16 @@ errno_t pc_list_from_response(int size, uint8_t *buf,
868854
}
869855
break;
870856
case PC_TYPE_PASSKEY:
871-
if (rp > size - sizeof(uint32_t)) {
872-
ret = EINVAL;
873-
goto done;
874-
}
875-
SAFEALIGN_COPY_UINT32(&l, buf + rp, &rp);
876-
877-
if (l > size || rp > size - l) {
878-
ret = EINVAL;
879-
goto done;
880-
}
881-
str = strndup((char *) buf + rp, l);
882-
if (str == NULL) {
883-
ret = ENOMEM;
857+
ret = pc_copy_string(size, buf, &rp, &str);
858+
if (ret != 0) {
884859
goto done;
885860
}
886-
rp += l;
887861

888-
if (rp > size - sizeof(uint32_t)) {
862+
ret = pc_copy_string(size, buf, &rp, &str2);
863+
if (ret != 0) {
889864
free(str);
890-
ret = EINVAL;
891865
goto done;
892866
}
893-
SAFEALIGN_COPY_UINT32(&l, buf + rp, &rp);
894-
895-
if (l > size || rp > size - l) {
896-
free(str);
897-
ret = EINVAL;
898-
goto done;
899-
}
900-
str2 = strndup((char *) buf + rp, l);
901-
if (str2 == NULL) {
902-
free(str);
903-
ret = ENOMEM;
904-
goto done;
905-
}
906-
rp += l;
907867

908868
ret = pc_list_add_passkey(&pl, str, str2);
909869
free(str);
@@ -913,22 +873,10 @@ errno_t pc_list_from_response(int size, uint8_t *buf,
913873
}
914874
break;
915875
case PC_TYPE_OAUTH2:
916-
if (rp > size - sizeof(uint32_t)) {
917-
ret = EINVAL;
918-
goto done;
919-
}
920-
SAFEALIGN_COPY_UINT32(&l, buf + rp, &rp);
921-
922-
if (l > size || rp > size - l) {
923-
ret = EINVAL;
924-
goto done;
925-
}
926-
str = strndup((char *) buf + rp, l);
927-
if (str == NULL) {
928-
ret = ENOMEM;
876+
ret = pc_copy_string(size, buf, &rp, &str);
877+
if (ret != 0) {
929878
goto done;
930879
}
931-
rp += l;
932880

933881
ret = pc_list_add_oauth2(&pl, str);
934882
free(str);
@@ -937,22 +885,10 @@ errno_t pc_list_from_response(int size, uint8_t *buf,
937885
}
938886
break;
939887
case PC_TYPE_2FA_SINGLE:
940-
if (rp > size - sizeof(uint32_t)) {
941-
ret = EINVAL;
888+
ret = pc_copy_string(size, buf, &rp, &str);
889+
if (ret != 0) {
942890
goto done;
943891
}
944-
SAFEALIGN_COPY_UINT32(&l, buf + rp, &rp);
945-
946-
if (l > size || rp > size - l) {
947-
ret = EINVAL;
948-
goto done;
949-
}
950-
str = strndup((char *) buf + rp, l);
951-
if (str == NULL) {
952-
ret = ENOMEM;
953-
goto done;
954-
}
955-
rp += l;
956892

957893
ret = pc_list_add_2fa_single(&pl, str);
958894
free(str);
@@ -961,42 +897,16 @@ errno_t pc_list_from_response(int size, uint8_t *buf,
961897
}
962898
break;
963899
case PC_TYPE_SMARTCARD:
964-
if (rp > size - sizeof(uint32_t)) {
965-
ret = EINVAL;
966-
goto done;
967-
}
968-
SAFEALIGN_COPY_UINT32(&l, buf + rp, &rp);
969-
970-
if (l > size || rp > size - l) {
971-
ret = EINVAL;
972-
goto done;
973-
}
974-
str = strndup((char *) buf + rp, l);
975-
if (str == NULL) {
976-
ret = ENOMEM;
900+
ret = pc_copy_string(size, buf, &rp, &str);
901+
if (ret != 0) {
977902
goto done;
978903
}
979-
rp += l;
980904

981-
if (rp > size - sizeof(uint32_t)) {
905+
ret = pc_copy_string(size, buf, &rp, &str2);
906+
if (ret != 0) {
982907
free(str);
983-
ret = EINVAL;
984908
goto done;
985909
}
986-
SAFEALIGN_COPY_UINT32(&l, buf + rp, &rp);
987-
988-
if (l > size || rp > size - l) {
989-
free(str);
990-
ret = EINVAL;
991-
goto done;
992-
}
993-
str2 = strndup((char *) buf + rp, l);
994-
if (str2 == NULL) {
995-
free(str);
996-
ret = ENOMEM;
997-
goto done;
998-
}
999-
rp += l;
1000910

1001911
ret = pc_list_add_smartcard(&pl, str, str2);
1002912
free(str);
@@ -1006,42 +916,16 @@ errno_t pc_list_from_response(int size, uint8_t *buf,
1006916
}
1007917
break;
1008918
case PC_TYPE_EIDP:
1009-
if (rp > size - sizeof(uint32_t)) {
1010-
ret = EINVAL;
919+
ret = pc_copy_string(size, buf, &rp, &str);
920+
if (ret != 0) {
1011921
goto done;
1012922
}
1013-
SAFEALIGN_COPY_UINT32(&l, buf + rp, &rp);
1014923

1015-
if (l > size || rp > size - l) {
1016-
ret = EINVAL;
1017-
goto done;
1018-
}
1019-
str = strndup((char *) buf + rp, l);
1020-
if (str == NULL) {
1021-
ret = ENOMEM;
1022-
goto done;
1023-
}
1024-
rp += l;
1025-
1026-
if (rp > size - sizeof(uint32_t)) {
1027-
free(str);
1028-
ret = EINVAL;
1029-
goto done;
1030-
}
1031-
SAFEALIGN_COPY_UINT32(&l, buf + rp, &rp);
1032-
1033-
if (l > size || rp > size - l) {
1034-
free(str);
1035-
ret = EINVAL;
1036-
goto done;
1037-
}
1038-
str2 = strndup((char *) buf + rp, l);
1039-
if (str2 == NULL) {
924+
ret = pc_copy_string(size, buf, &rp, &str2);
925+
if (ret != 0) {
1040926
free(str);
1041-
ret = ENOMEM;
1042927
goto done;
1043928
}
1044-
rp += l;
1045929

1046930
ret = pc_list_add_eidp(&pl, str, str2);
1047931
free(str);

0 commit comments

Comments
 (0)