a_d2i_fp.c 6.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253
  1. /*
  2. * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include <limits.h>
  11. #include "internal/cryptlib.h"
  12. #include "internal/numbers.h"
  13. #include <openssl/buffer.h>
  14. #include <openssl/asn1.h>
  15. #include "internal/asn1.h"
  16. #include "crypto/asn1.h"
  17. #ifndef NO_OLD_ASN1
  18. # ifndef OPENSSL_NO_STDIO
  19. void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x)
  20. {
  21. BIO *b;
  22. void *ret;
  23. if ((b = BIO_new(BIO_s_file())) == NULL) {
  24. ERR_raise(ERR_LIB_ASN1, ERR_R_BUF_LIB);
  25. return NULL;
  26. }
  27. BIO_set_fp(b, in, BIO_NOCLOSE);
  28. ret = ASN1_d2i_bio(xnew, d2i, b, x);
  29. BIO_free(b);
  30. return ret;
  31. }
  32. # endif
  33. void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x)
  34. {
  35. BUF_MEM *b = NULL;
  36. const unsigned char *p;
  37. void *ret = NULL;
  38. int len;
  39. len = asn1_d2i_read_bio(in, &b);
  40. if (len < 0)
  41. goto err;
  42. p = (unsigned char *)b->data;
  43. ret = d2i(x, &p, len);
  44. err:
  45. BUF_MEM_free(b);
  46. return ret;
  47. }
  48. #endif
  49. void *ASN1_item_d2i_bio_ex(const ASN1_ITEM *it, BIO *in, void *x,
  50. OSSL_LIB_CTX *libctx, const char *propq)
  51. {
  52. BUF_MEM *b = NULL;
  53. const unsigned char *p;
  54. void *ret = NULL;
  55. int len;
  56. if (in == NULL)
  57. return NULL;
  58. len = asn1_d2i_read_bio(in, &b);
  59. if (len < 0)
  60. goto err;
  61. p = (const unsigned char *)b->data;
  62. ret = ASN1_item_d2i_ex(x, &p, len, it, libctx, propq);
  63. err:
  64. BUF_MEM_free(b);
  65. return ret;
  66. }
  67. void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x)
  68. {
  69. return ASN1_item_d2i_bio_ex(it, in, x, NULL, NULL);
  70. }
  71. #ifndef OPENSSL_NO_STDIO
  72. void *ASN1_item_d2i_fp_ex(const ASN1_ITEM *it, FILE *in, void *x,
  73. OSSL_LIB_CTX *libctx, const char *propq)
  74. {
  75. BIO *b;
  76. char *ret;
  77. if ((b = BIO_new(BIO_s_file())) == NULL) {
  78. ERR_raise(ERR_LIB_ASN1, ERR_R_BUF_LIB);
  79. return NULL;
  80. }
  81. BIO_set_fp(b, in, BIO_NOCLOSE);
  82. ret = ASN1_item_d2i_bio_ex(it, b, x, libctx, propq);
  83. BIO_free(b);
  84. return ret;
  85. }
  86. void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
  87. {
  88. return ASN1_item_d2i_fp_ex(it, in, x, NULL, NULL);
  89. }
  90. #endif
  91. #define HEADER_SIZE 8
  92. #define ASN1_CHUNK_INITIAL_SIZE (16 * 1024)
  93. int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
  94. {
  95. BUF_MEM *b;
  96. unsigned char *p;
  97. int i;
  98. size_t want = HEADER_SIZE;
  99. uint32_t eos = 0;
  100. size_t off = 0;
  101. size_t len = 0;
  102. size_t diff;
  103. const unsigned char *q;
  104. long slen;
  105. int inf, tag, xclass;
  106. b = BUF_MEM_new();
  107. if (b == NULL) {
  108. ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
  109. return -1;
  110. }
  111. ERR_set_mark();
  112. for (;;) {
  113. diff = len - off;
  114. if (want >= diff) {
  115. want -= diff;
  116. if (len + want < len || !BUF_MEM_grow_clean(b, len + want)) {
  117. ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
  118. goto err;
  119. }
  120. i = BIO_read(in, &(b->data[len]), want);
  121. if (i < 0 && diff == 0) {
  122. ERR_raise(ERR_LIB_ASN1, ASN1_R_NOT_ENOUGH_DATA);
  123. goto err;
  124. }
  125. if (i > 0) {
  126. if (len + i < len) {
  127. ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG);
  128. goto err;
  129. }
  130. len += i;
  131. }
  132. }
  133. /* else data already loaded */
  134. p = (unsigned char *)&(b->data[off]);
  135. q = p;
  136. diff = len - off;
  137. if (diff == 0)
  138. goto err;
  139. inf = ASN1_get_object(&q, &slen, &tag, &xclass, diff);
  140. if (inf & 0x80) {
  141. unsigned long e;
  142. e = ERR_GET_REASON(ERR_peek_last_error());
  143. if (e != ASN1_R_TOO_LONG)
  144. goto err;
  145. ERR_pop_to_mark();
  146. }
  147. i = q - p; /* header length */
  148. off += i; /* end of data */
  149. if (inf & 1) {
  150. /* no data body so go round again */
  151. if (eos == UINT32_MAX) {
  152. ERR_raise(ERR_LIB_ASN1, ASN1_R_HEADER_TOO_LONG);
  153. goto err;
  154. }
  155. eos++;
  156. want = HEADER_SIZE;
  157. } else if (eos && (slen == 0) && (tag == V_ASN1_EOC)) {
  158. /* eos value, so go back and read another header */
  159. eos--;
  160. if (eos == 0)
  161. break;
  162. else
  163. want = HEADER_SIZE;
  164. } else {
  165. /* suck in slen bytes of data */
  166. want = slen;
  167. if (want > (len - off)) {
  168. size_t chunk_max = ASN1_CHUNK_INITIAL_SIZE;
  169. want -= (len - off);
  170. if (want > INT_MAX /* BIO_read takes an int length */ ||
  171. len + want < len) {
  172. ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG);
  173. goto err;
  174. }
  175. while (want > 0) {
  176. /*
  177. * Read content in chunks of increasing size
  178. * so we can return an error for EOF without
  179. * having to allocate the entire content length
  180. * in one go.
  181. */
  182. size_t chunk = want > chunk_max ? chunk_max : want;
  183. if (!BUF_MEM_grow_clean(b, len + chunk)) {
  184. ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
  185. goto err;
  186. }
  187. want -= chunk;
  188. while (chunk > 0) {
  189. i = BIO_read(in, &(b->data[len]), chunk);
  190. if (i <= 0) {
  191. ERR_raise(ERR_LIB_ASN1, ASN1_R_NOT_ENOUGH_DATA);
  192. goto err;
  193. }
  194. /*
  195. * This can't overflow because |len+want| didn't
  196. * overflow.
  197. */
  198. len += i;
  199. chunk -= i;
  200. }
  201. if (chunk_max < INT_MAX/2)
  202. chunk_max *= 2;
  203. }
  204. }
  205. if (off + slen < off) {
  206. ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG);
  207. goto err;
  208. }
  209. off += slen;
  210. if (eos == 0) {
  211. break;
  212. } else
  213. want = HEADER_SIZE;
  214. }
  215. }
  216. if (off > INT_MAX) {
  217. ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG);
  218. goto err;
  219. }
  220. *pb = b;
  221. return off;
  222. err:
  223. ERR_clear_last_mark();
  224. BUF_MEM_free(b);
  225. return -1;
  226. }