1 files changed, 79 insertions, 78 deletions
diff --git a/networking/udhcp/domain_codec.c b/networking/udhcp/domain_codec.c
index 752c0a863..eab4da68b 100644
--- a/networking/udhcp/domain_codec.c
+++ b/networking/udhcp/domain_codec.c
@@ -10,10 +10,14 @@
 # define _GNU_SOURCE
 # define FAST_FUNC /* nothing */
 # define xmalloc malloc
+# define xzalloc(s) calloc(s, 1)
+# define xstrdup strdup
+# define xrealloc realloc
 # include <stdlib.h>
 # include <stdint.h>
 # include <string.h>
 # include <stdio.h>
+# include <ctype.h>
 #else
 # include "common.h"
 #endif
@@ -26,86 +30,77 @@
 /* Expand a RFC1035-compressed list of domain names "cstr", of length "clen";
- * returns a newly allocated string containing the space-separated domains,
+ * return a newly allocated string containing the space-separated domains,
 * prefixed with the contents of string pre, or NULL if an error occurs.
 */
 char* FAST_FUNC dname_dec(const uint8_t *cstr, int clen, const char *pre)
 {
-        char *ret = ret; /* for compiler */
+        char *ret, *end;
-        char *dst = NULL;
+        unsigned len, crtpos, retpos, depth;
-        /* We make two passes over the cstr string. First, we compute
+        crtpos = retpos = depth = 0;
-         * how long the resulting string would be. Then we allocate a
+        len = strlen(pre);
-         * new buffer of the required length, and fill it in with the
+        end = ret = xstrdup(pre);
-         * expanded content. The advantage of this approach is not
-         * having to deal with requiring callers to supply their own
+        /* Scan the string once, allocating new memory as needed */
-         * buffer, then having to check if it's sufficiently large, etc.
+        while (crtpos < clen) {
-         */
-        while (1) {
-                /* note: "return NULL" below are leak-safe since
-                 * dst isn't allocated yet */
                const uint8_t *c;
-                unsigned crtpos, retpos, depth, len;
+                c = cstr + crtpos;
-                crtpos = retpos = depth = len = 0;
+                if ((*c & NS_CMPRSFLGS) == NS_CMPRSFLGS) {
-                while (crtpos < clen) {
+                        /* pointer */
-                        c = cstr + crtpos;
+                        if (crtpos + 2 > clen) /* no offset to jump to? abort */
+                                goto error;
+                        if (retpos == 0) /* toplevel? save return spot */
+                                retpos = crtpos + 2;
+                        depth++;
+                        crtpos = ((c[0] << 8) | c[1]) & 0x3fff; /* jump */
+                } else if (*c) {
+                        unsigned label_len;
+                        /* label */
+                        if (crtpos + *c + 1 > clen) /* label too long? abort */
+                                goto error;
+                        ret = xrealloc(ret, len + *c + 1);
+                        /* \3com ---> "com." */
+                        end = (char *)mempcpy(ret + len, c + 1, *c);
+                        *end = '.';
-                        if ((*c & NS_CMPRSFLGS) == NS_CMPRSFLGS) {
+                        label_len = *c + 1;
-                                /* pointer */
+                        len += label_len;
-                                if (crtpos + 2 > clen) /* no offset to jump to? abort */
+                        crtpos += label_len;
-                                        return NULL;
+                } else {
-                                if (retpos == 0) /* toplevel? save return spot */
+                        /* NUL: end of current domain name */
-                                        retpos = crtpos + 2;
+                        if (retpos == 0) {
-                                depth++;
+                                /* toplevel? keep going */
-                                crtpos = ((c[0] & 0x3f) << 8) | c[1]; /* jump */
+                                crtpos++;
-                        } else if (*c) {
-                                /* label */
-                                if (crtpos + *c + 1 > clen) /* label too long? abort */
-                                        return NULL;
-                                if (dst)
-                                        /* \3com ---> "com." */
-                                        ((char*)mempcpy(dst + len, c + 1, *c))[0] = '.';
-                                len += *c + 1;
-                                crtpos += *c + 1;
                        } else {
-                                /* NUL: end of current domain name */
+                                /* return to toplevel saved spot */
-                                if (retpos == 0) {
+                                crtpos = retpos;
-                                        /* toplevel? keep going */
+                                retpos = depth = 0;
-                                        crtpos++;
-                                } else {
-                                        /* return to toplevel saved spot */
-                                        crtpos = retpos;
-                                        retpos = depth = 0;
-                                }
-                                if (dst && len != 0)
-                                        /* \4host\3com\0\4host and we are at \0:
-                                         * \3com was converted to "com.", change dot to space.
-                                         */
-                                        dst[len - 1] = ' ';
                        }
-                        if (depth > NS_MAXDNSRCH /* too many jumps? abort, it's a loop */
+                        if (len != 0) {
-                         || len > NS_MAXDNAME * NS_MAXDNSRCH /* result too long? abort */
+                                /* \4host\3com\0\4host and we are at \0:
-                        ) {
+                                 * \3com was converted to "com.", change dot to space.
-                                return NULL;
+                                 */
+                                ret[len - 1] = ' ';
                        }
                }
-                if (!len) /* expanded string has 0 length? abort */
+                if (depth > NS_MAXDNSRCH /* too many jumps? abort, it's a loop */
-                        return NULL;
+                 || len > NS_MAXDNAME * NS_MAXDNSRCH /* result too long? abort */
+                ) {
-                if (!dst) { /* first pass? */
+                        goto error;
-                        /* allocate dst buffer and copy pre */
-                        unsigned plen = strlen(pre);
-                        ret = xmalloc(plen + len);
-                        dst = stpcpy(ret, pre);
-                } else {
-                        dst[len - 1] = '\0';
-                        break;
                }
        }
+        if (ret == end) { /* expanded string is empty? abort */
+ error:
+                free(ret);
+                return NULL;
+        }
+        *end = '\0';
        return ret;
 }
@@ -115,42 +110,40 @@ char* FAST_FUNC dname_dec(const uint8_t *cstr, int clen, const char *pre)
 */
 static uint8_t *convert_dname(const char *src, int *retlen)
 {
-        uint8_t c, *res, *lenptr, *dst;
+        uint8_t *res, *lenptr, *dst;
-        int len;
-        res = xmalloc(strlen(src) + 2);
+        res = xzalloc(strlen(src) + 2);
        dst = lenptr = res;
        dst++;
        for (;;) {
+                uint8_t c;
+                int len;
                c = (uint8_t)*src++;
                if (c == '.' || c == '\0') {  /* end of label */
                        len = dst - lenptr - 1;
-                        /* label too long, too short, or two '.'s in a row? abort */
+                        /* label too long, too short, or two '.'s in a row (len will be 0) */
-                        if (len > NS_MAXLABEL || len == 0 || (c == '.' && *src == '.')) {
+                        if (len > NS_MAXLABEL || len == 0)
-                                free(res);
+                                goto error;
-                                *retlen = 0;
-                                return NULL;
-                        }
                        *lenptr = len;
                        if (c == '\0' || *src == '\0')  /* "" or ".": end of src */
                                break;
                        lenptr = dst++;
                        continue;
                }
-                if (c >= 'A' && c <= 'Z')  /* uppercase? convert to lower */
+                *dst++ = tolower(c);
-                        c += ('a' - 'A');
-                *dst++ = c;
        }
-        if (dst - res >= NS_MAXCDNAME) {  /* dname too long? abort */
+        *retlen = dst + 1 - res;
+        if (*retlen > NS_MAXCDNAME) {  /* dname too long? abort */
+ error:
                free(res);
                *retlen = 0;
                return NULL;
        }
-        *dst++ = 0;
-        *retlen = dst - res;
        return res;
 }
@@ -245,6 +238,7 @@ int main(int argc, char **argv)
        printf("test4:'%s'\n", DNAME_DEC("\4host\3com\0\xC0\5", ""));
        printf("test5:'%s'\n", DNAME_DEC("\4host\3com\0\xC0\5\1z\xC0\xA", ""));
+#if 0
 #define DNAME_ENC(cache,source,lenp) dname_enc((uint8_t*)(cache), sizeof(cache), (source), (lenp))
        encoded = dname_enc(NULL, 0, "test.net", &len);
        printf("test6:'%s' len:%d\n", dname_dec(encoded, len, ""), len);
@@ -252,6 +246,13 @@ int main(int argc, char **argv)
        printf("test7:'%s' len:%d\n", dname_dec(encoded, len, ""), len);
        encoded = DNAME_ENC("\4test\3net\0", "test.net", &len);
        printf("test8:'%s' len:%d\n", dname_dec(encoded, len, ""), len);
+#endif
+        encoded = dname_enc("test.net", &len);
+        printf("test6:'%s' len:%d\n", dname_dec(encoded, len, ""), len);
+        encoded = dname_enc("test.host.com", &len);
+        printf("test7:'%s' len:%d\n", dname_dec(encoded, len, ""), len);
        return 0;
 }
 #endif

diff --git a/networking/udhcp/domain_codec.c b/networking/udhcp/domain_codec.c index 752c0a863..eab4da68b 100644 --- a/networking/udhcp/domain_codec.c +++ b/networking/udhcp/domain_codec.c
@@ -10,10 +10,14 @@
10	# define _GNU_SOURCE	10	# define _GNU_SOURCE
11	# define FAST_FUNC /* nothing */	11	# define FAST_FUNC /* nothing */
12	# define xmalloc malloc	12	# define xmalloc malloc
		13	# define xzalloc(s) calloc(s, 1)
		14	# define xstrdup strdup
		15	# define xrealloc realloc
13	# include <stdlib.h>	16	# include <stdlib.h>
14	# include <stdint.h>	17	# include <stdint.h>
15	# include <string.h>	18	# include <string.h>
16	# include <stdio.h>	19	# include <stdio.h>
		20	# include <ctype.h>
17	#else	21	#else
18	# include "common.h"	22	# include "common.h"
19	#endif	23	#endif
@@ -26,86 +30,77 @@
26		30
27		31
28	/* Expand a RFC1035-compressed list of domain names "cstr", of length "clen";	32	/* Expand a RFC1035-compressed list of domain names "cstr", of length "clen";
29	* returns a newly allocated string containing the space-separated domains,	33	* return a newly allocated string containing the space-separated domains,
30	* prefixed with the contents of string pre, or NULL if an error occurs.	34	* prefixed with the contents of string pre, or NULL if an error occurs.
31	*/	35	*/
32	char* FAST_FUNC dname_dec(const uint8_t cstr, int clen, const char pre)	36	char* FAST_FUNC dname_dec(const uint8_t cstr, int clen, const char pre)
33	{	37	{
34	char ret = ret; / for compiler */	38	char ret, end;
35	char *dst = NULL;	39	unsigned len, crtpos, retpos, depth;
36		40
37	/* We make two passes over the cstr string. First, we compute	41	crtpos = retpos = depth = 0;
38	* how long the resulting string would be. Then we allocate a	42	len = strlen(pre);
39	* new buffer of the required length, and fill it in with the	43	end = ret = xstrdup(pre);
40	* expanded content. The advantage of this approach is not	44
41	* having to deal with requiring callers to supply their own	45	/* Scan the string once, allocating new memory as needed */
42	* buffer, then having to check if it's sufficiently large, etc.	46	while (crtpos < clen) {
43	*/
44	while (1) {
45	/* note: "return NULL" below are leak-safe since
46	* dst isn't allocated yet */
47	const uint8_t *c;	47	const uint8_t *c;
48	unsigned crtpos, retpos, depth, len;	48	c = cstr + crtpos;
49		49
50	crtpos = retpos = depth = len = 0;	50	if ((*c & NS_CMPRSFLGS) == NS_CMPRSFLGS) {
51	while (crtpos < clen) {	51	/* pointer */
52	c = cstr + crtpos;	52	if (crtpos + 2 > clen) /* no offset to jump to? abort */
		53	goto error;
		54	if (retpos == 0) /* toplevel? save return spot */
		55	retpos = crtpos + 2;
		56	depth++;
		57	crtpos = ((c[0] << 8) \| c[1]) & 0x3fff; /* jump */
		58	} else if (*c) {
		59	unsigned label_len;
		60	/* label */
		61	if (crtpos + c + 1 > clen) / label too long? abort */
		62	goto error;
		63	ret = xrealloc(ret, len + *c + 1);
		64	/* \3com ---> "com." */
		65	end = (char )mempcpy(ret + len, c + 1, c);
		66	*end = '.';
53		67
54	if ((*c & NS_CMPRSFLGS) == NS_CMPRSFLGS) {	68	label_len = *c + 1;
55	/* pointer */	69	len += label_len;
56	if (crtpos + 2 > clen) /* no offset to jump to? abort */	70	crtpos += label_len;
57	return NULL;	71	} else {
58	if (retpos == 0) /* toplevel? save return spot */	72	/* NUL: end of current domain name */
59	retpos = crtpos + 2;	73	if (retpos == 0) {
60	depth++;	74	/* toplevel? keep going */
61	crtpos = ((c[0] & 0x3f) << 8) \| c[1]; /* jump */	75	crtpos++;
62	} else if (*c) {
63	/* label */
64	if (crtpos + c + 1 > clen) / label too long? abort */
65	return NULL;
66	if (dst)
67	/* \3com ---> "com." */
68	((char)mempcpy(dst + len, c + 1, c))[0] = '.';
69	len += *c + 1;
70	crtpos += *c + 1;
71	} else {	76	} else {
72	/* NUL: end of current domain name */	77	/* return to toplevel saved spot */
73	if (retpos == 0) {	78	crtpos = retpos;
74	/* toplevel? keep going */	79	retpos = depth = 0;
75	crtpos++;
76	} else {
77	/* return to toplevel saved spot */
78	crtpos = retpos;
79	retpos = depth = 0;
80	}
81	if (dst && len != 0)
82	/* \4host\3com\0\4host and we are at \0:
83	* \3com was converted to "com.", change dot to space.
84	*/
85	dst[len - 1] = ' ';
86	}	80	}
87		81
88	if (depth > NS_MAXDNSRCH /* too many jumps? abort, it's a loop */	82	if (len != 0) {
89	\|\| len > NS_MAXDNAME * NS_MAXDNSRCH /* result too long? abort */	83	/* \4host\3com\0\4host and we are at \0:
90	) {	84	* \3com was converted to "com.", change dot to space.
91	return NULL;	85	*/
		86	ret[len - 1] = ' ';
92	}	87	}
93	}	88	}
94		89
95	if (!len) /* expanded string has 0 length? abort */	90	if (depth > NS_MAXDNSRCH /* too many jumps? abort, it's a loop */
96	return NULL;	91	\|\| len > NS_MAXDNAME * NS_MAXDNSRCH /* result too long? abort */
97		92	) {
98	if (!dst) { /* first pass? */	93	goto error;
99	/* allocate dst buffer and copy pre */
100	unsigned plen = strlen(pre);
101	ret = xmalloc(plen + len);
102	dst = stpcpy(ret, pre);
103	} else {
104	dst[len - 1] = '\0';
105	break;
106	}	94	}
107	}	95	}
108		96
		97	if (ret == end) { /* expanded string is empty? abort */
		98	error:
		99	free(ret);
		100	return NULL;
		101	}
		102
		103	*end = '\0';
109	return ret;	104	return ret;
110	}	105	}
111		106
@@ -115,42 +110,40 @@ char* FAST_FUNC dname_dec(const uint8_t cstr, int clen, const char pre)
115	*/	110	*/
116	static uint8_t convert_dname(const char src, int *retlen)	111	static uint8_t convert_dname(const char src, int *retlen)
117	{	112	{
118	uint8_t c, res, lenptr, *dst;	113	uint8_t res, lenptr, *dst;
119	int len;
120		114
121	res = xmalloc(strlen(src) + 2);	115	res = xzalloc(strlen(src) + 2);
122	dst = lenptr = res;	116	dst = lenptr = res;
123	dst++;	117	dst++;
124		118
125	for (;;) {	119	for (;;) {
		120	uint8_t c;
		121	int len;
		122
126	c = (uint8_t)*src++;	123	c = (uint8_t)*src++;
127	if (c == '.' \|\| c == '\0') { /* end of label */	124	if (c == '.' \|\| c == '\0') { /* end of label */
128	len = dst - lenptr - 1;	125	len = dst - lenptr - 1;
129	/* label too long, too short, or two '.'s in a row? abort */	126	/* label too long, too short, or two '.'s in a row (len will be 0) */
130	if (len > NS_MAXLABEL \|\| len == 0 \|\| (c == '.' && *src == '.')) {	127	if (len > NS_MAXLABEL \|\| len == 0)
131	free(res);	128	goto error;
132	*retlen = 0;	129
133	return NULL;
134	}
135	*lenptr = len;	130	*lenptr = len;
136	if (c == '\0' \|\| src == '\0') / "" or ".": end of src */	131	if (c == '\0' \|\| src == '\0') / "" or ".": end of src */
137	break;	132	break;
138	lenptr = dst++;	133	lenptr = dst++;
139	continue;	134	continue;
140	}	135	}
141	if (c >= 'A' && c <= 'Z') /* uppercase? convert to lower */	136	*dst++ = tolower(c);
142	c += ('a' - 'A');
143	*dst++ = c;
144	}	137	}
145		138
146	if (dst - res >= NS_MAXCDNAME) { /* dname too long? abort */	139	*retlen = dst + 1 - res;
		140	if (retlen > NS_MAXCDNAME) { / dname too long? abort */
		141	error:
147	free(res);	142	free(res);
148	*retlen = 0;	143	*retlen = 0;
149	return NULL;	144	return NULL;
150	}	145	}
151		146
152	*dst++ = 0;
153	*retlen = dst - res;
154	return res;	147	return res;
155	}	148	}
156		149
@@ -245,6 +238,7 @@ int main(int argc, char **argv)
245	printf("test4:'%s'\n", DNAME_DEC("\4host\3com\0\xC0\5", ""));	238	printf("test4:'%s'\n", DNAME_DEC("\4host\3com\0\xC0\5", ""));
246	printf("test5:'%s'\n", DNAME_DEC("\4host\3com\0\xC0\5\1z\xC0\xA", ""));	239	printf("test5:'%s'\n", DNAME_DEC("\4host\3com\0\xC0\5\1z\xC0\xA", ""));
247		240
		241	#if 0
248	#define DNAME_ENC(cache,source,lenp) dname_enc((uint8_t*)(cache), sizeof(cache), (source), (lenp))	242	#define DNAME_ENC(cache,source,lenp) dname_enc((uint8_t*)(cache), sizeof(cache), (source), (lenp))
249	encoded = dname_enc(NULL, 0, "test.net", &len);	243	encoded = dname_enc(NULL, 0, "test.net", &len);
250	printf("test6:'%s' len:%d\n", dname_dec(encoded, len, ""), len);	244	printf("test6:'%s' len:%d\n", dname_dec(encoded, len, ""), len);
@@ -252,6 +246,13 @@ int main(int argc, char **argv)
252	printf("test7:'%s' len:%d\n", dname_dec(encoded, len, ""), len);	246	printf("test7:'%s' len:%d\n", dname_dec(encoded, len, ""), len);
253	encoded = DNAME_ENC("\4test\3net\0", "test.net", &len);	247	encoded = DNAME_ENC("\4test\3net\0", "test.net", &len);
254	printf("test8:'%s' len:%d\n", dname_dec(encoded, len, ""), len);	248	printf("test8:'%s' len:%d\n", dname_dec(encoded, len, ""), len);
		249	#endif
		250
		251	encoded = dname_enc("test.net", &len);
		252	printf("test6:'%s' len:%d\n", dname_dec(encoded, len, ""), len);
		253	encoded = dname_enc("test.host.com", &len);
		254	printf("test7:'%s' len:%d\n", dname_dec(encoded, len, ""), len);
		255
255	return 0;	256	return 0;
256	}	257	}
257	#endif	258	#endif