Save as NULL terminated strings only US-ASCII values

kosmas-valianos · kosmas-valianos · commit 1a9c7bcf8a61 · 2022-03-20T10:14:03.000+01:00
diff --git a/src/proxy_protocol.c b/src/proxy_protocol.c
@@ -154,7 +154,7 @@ static const char *errors[] = {
 
 const char *pp_strerror(int32_t error)
 {
-    if (error < ERR_PP1_DST_PORT || error > ERR_NULL)
+    if (error < ERR_HEAP_ALLOC || error > ERR_NULL)
     {
         return NULL;
     }
@@ -214,6 +214,27 @@ static uint8_t tlv_array_append_tlv(tlv_array_t *tlv_array, tlv_t *tlv)
     return 1;
 }
 
+static uint8_t tlv_array_append_tlv_new(tlv_array_t *tlv_array, uint8_t type, uint16_t length, const void *value)
+{
+    tlv_t *tlv = tlv_new(type, length, value);
+    if (!tlv || !tlv_array_append_tlv(tlv_array, tlv))
+    {
+        return 0;
+    }
+    return 1;
+}
+
+static uint8_t tlv_array_append_tlv_new_usascii(tlv_array_t *tlv_array, uint8_t type, uint16_t length, const void *value)
+{
+    tlv_t *tlv = tlv_new(type, length + 1, value);
+    if (!tlv || !tlv_array_append_tlv(tlv_array, tlv))
+    {
+        return 0;
+    }
+    tlv->value[length] = '\0';
+    return 1;
+}
+
 static void tlv_array_clear(tlv_array_t *tlv_array)
 {
     uint32_t i;
@@ -653,28 +674,14 @@ static int32_t ppv2_parse(uint8_t *pkt, uint32_t pktlen, pp_info_t *pp_info)
 
         switch (pp2_tlv->type)
         {
-        case PP2_TYPE_ALPN:
-        {
-            tlv_t *tlv = tlv_new(pp2_tlv->type, pp2_tlv_len, pp2_tlv->value);
-            if (!tlv || !tlv_array_append_tlv(&pp_info->tlv_array, tlv))
-            {
-                return ERR_HEAP_ALLOC;
-            }
-            break;
-        }
-        case PP2_TYPE_AUTHORITY:
-        case PP2_TYPE_NETNS:
-        {
-            /* +1 to save it as a string */
-            tlv_t *tlv = tlv_new(pp2_tlv->type, pp2_tlv_len + 1, pp2_tlv->value);
-            if (!tlv || !tlv_array_append_tlv(&pp_info->tlv_array, tlv))
+        case PP2_TYPE_ALPN:      /* Byte sequence */
+        case PP2_TYPE_AUTHORITY: /* UTF8 */
+            if (!tlv_array_append_tlv_new(&pp_info->tlv_array, pp2_tlv->type, pp2_tlv_len, pp2_tlv->value))
             {
                 return ERR_HEAP_ALLOC;
             }
-            tlv->value[pp2_tlv_len] = '\0';
             break;
-        }
-        case PP2_TYPE_CRC32C:
+        case PP2_TYPE_CRC32C: /* 32-bit number */
         {
             if (pp2_tlv_len != sizeof(uint32_t))
             {
@@ -695,28 +702,24 @@ static int32_t ppv2_parse(uint8_t *pkt, uint32_t pktlen, pp_info_t *pp_info)
                 return ERR_PP2_TYPE_CRC32C;
             }
 
-            tlv_t *tlv = tlv_new(pp2_tlv->type, pp2_tlv_len, &crc32c_chksum);
-            if (!tlv || !tlv_array_append_tlv(&pp_info->tlv_array, tlv))
+            if (!tlv_array_append_tlv_new(&pp_info->tlv_array, pp2_tlv->type, pp2_tlv_len, &crc32c_chksum))
             {
                 return ERR_HEAP_ALLOC;
             }
             break;
         }
         case PP2_TYPE_NOOP:
             break;
-        case PP2_TYPE_UNIQUE_ID:
-        {
+        case PP2_TYPE_UNIQUE_ID: /* Byte sequence */
             if (pp2_tlv_len > 128)
             {
                 return ERR_PP2_TYPE_UNIQUE_ID;
             }
-            tlv_t *tlv = tlv_new(pp2_tlv->type, pp2_tlv_len, pp2_tlv->value);
-            if (!tlv || !tlv_array_append_tlv(&pp_info->tlv_array, tlv))
+            if (!tlv_array_append_tlv_new(&pp_info->tlv_array, pp2_tlv->type, pp2_tlv_len, pp2_tlv->value))
             {
                 return ERR_HEAP_ALLOC;
             }
             break;
-        }
         case PP2_TYPE_SSL:
         {
             pp2_tlv_ssl_t *pp2_tlv_ssl = (pp2_tlv_ssl_t*)pp2_tlv->value;
@@ -728,26 +731,32 @@ static int32_t ppv2_parse(uint8_t *pkt, uint32_t pktlen, pp_info_t *pp_info)
                 {
                     break;
                 }
+                if (pp2_sub_tlv_offset > pp2_tlvs_ssl_len)
+                {
+                    return ERR_PP2_TYPE_SSL;
+                }
                 pp2_tlv_t *pp2_sub_tlv_ssl = (pp2_tlv_t * )((uint8_t*) pp2_tlv_ssl->sub_tlv + pp2_sub_tlv_offset);
-                uint16_t pp2_sub_tlv_ssl_len;
+                uint16_t pp2_sub_tlv_ssl_len = pp2_sub_tlv_ssl->length_hi << 8 | pp2_sub_tlv_ssl->length_lo;
                 switch (pp2_sub_tlv_ssl->type)
                 {
-                case PP2_SUBTYPE_SSL_VERSION:
-                case PP2_SUBTYPE_SSL_CN:
-                case PP2_SUBTYPE_SSL_CIPHER:
-                case PP2_SUBTYPE_SSL_SIG_ALG:
-                case PP2_SUBTYPE_SSL_KEY_ALG:
+                case PP2_SUBTYPE_SSL_VERSION: /* US-ASCII */
+                case PP2_SUBTYPE_SSL_CIPHER:  /* US-ASCII */
+                case PP2_SUBTYPE_SSL_SIG_ALG: /* US-ASCII */
+                case PP2_SUBTYPE_SSL_KEY_ALG: /* US-ASCII */
                 {
-                    pp2_sub_tlv_ssl_len = pp2_sub_tlv_ssl->length_hi << 8 | pp2_sub_tlv_ssl->length_lo;
                     /* +1 to save it as a string */
-                    tlv_t *tlv = tlv_new(pp2_sub_tlv_ssl->type, pp2_sub_tlv_ssl_len + 1, pp2_sub_tlv_ssl->value);
-                    if (!tlv || !tlv_array_append_tlv(&pp_info->tlv_array, tlv))
+                    if (!tlv_array_append_tlv_new_usascii(&pp_info->tlv_array, pp2_sub_tlv_ssl->type, pp2_sub_tlv_ssl_len, pp2_sub_tlv_ssl->value))
                     {
                         return ERR_HEAP_ALLOC;
                     }
-                    tlv->value[pp2_sub_tlv_ssl_len] = '\0';
                     break;
                 }
+                case PP2_SUBTYPE_SSL_CN: /* UTF8 */
+                    if (!tlv_array_append_tlv_new(&pp_info->tlv_array, pp2_sub_tlv_ssl->type, pp2_sub_tlv_ssl_len, pp2_sub_tlv_ssl->value))
+                    {
+                        return ERR_HEAP_ALLOC;
+                    }
+                    break;
                 default:
                     return ERR_PP2_TYPE_SSL;
                 }
@@ -757,6 +766,12 @@ static int32_t ppv2_parse(uint8_t *pkt, uint32_t pktlen, pp_info_t *pp_info)
             }
             break;
         }
+        case PP2_TYPE_NETNS: /* US-ASCII */
+            if (!tlv_array_append_tlv_new_usascii(&pp_info->tlv_array, pp2_tlv->type, pp2_tlv_len, pp2_tlv->value))
+            {
+                return ERR_HEAP_ALLOC;
+            }
+            break;
         case PP2_TYPE_AWS:
         {
             if (pp2_tlv_len < sizeof(pp2_tlv_aws_t))
@@ -765,15 +780,13 @@ static int32_t ppv2_parse(uint8_t *pkt, uint32_t pktlen, pp_info_t *pp_info)
             }
             pp2_tlv_aws_t *pp2_tlv_aws = (pp2_tlv_aws_t *) pp2_tlv->value;
             /* Connection is done through Private Link/Interface VPC endpoint */
-            if (pp2_tlv_aws->type == PP2_SUBTYPE_AWS_VPCE_ID)
+            if (pp2_tlv_aws->type == PP2_SUBTYPE_AWS_VPCE_ID) /* US-ASCII */
             {
-                /* +1 to save it as a string. Example: \x1vpce-08d2bf15fac5001c9 */
-                tlv_t *tlv = tlv_new(pp2_tlv->type, pp2_tlv_len + 1, pp2_tlv->value);
-                if (!tlv || !tlv_array_append_tlv(&pp_info->tlv_array, tlv))
+                /* Example: \x1vpce-08d2bf15fac5001c9 */
+                if (!tlv_array_append_tlv_new_usascii(&pp_info->tlv_array, pp2_tlv->type, pp2_tlv_len, pp2_tlv->value))
                 {
                     return ERR_HEAP_ALLOC;
                 }
-                tlv->value[pp2_tlv_len] = '\0';
             }
             break;
         }
@@ -785,7 +798,7 @@ static int32_t ppv2_parse(uint8_t *pkt, uint32_t pktlen, pp_info_t *pp_info)
             }
             pp2_tlv_azure_t *pp2_tlv_azure = (pp2_tlv_azure_t *) pp2_tlv->value;
             /* Connection is done through Private Link service */
-            if (pp2_tlv_azure->type == PP2_TYPE_AZURE)
+            if (pp2_tlv_azure->type == PP2_TYPE_AZURE) /* 32-bit number */
             {
                 tlv_t *tlv = tlv_new(pp2_tlv->type, pp2_tlv_len, pp2_tlv->value);
                 if (!tlv || !tlv_array_append_tlv(&pp_info->tlv_array, tlv))

Original file line number	Diff line number	Diff line change
`@@ -154,7 +154,7 @@ static const char *errors[] = {`
`154`	`154`
`155`	`155`	`const char *pp_strerror(int32_t error)`
`156`	`156`	`{`
`157`		`- if (error < ERR_PP1_DST_PORT \|\| error > ERR_NULL)`
	`157`	`+ if (error < ERR_HEAP_ALLOC \|\| error > ERR_NULL)`
`158`	`158`	`{`
`159`	`159`	`return NULL;`
`160`	`160`	`}`
`@@ -214,6 +214,27 @@ static uint8_t tlv_array_append_tlv(tlv_array_t tlv_array, tlv_t tlv)`
`214`	`214`	`return 1;`
`215`	`215`	`}`
`216`	`216`
	`217`	`+static uint8_t tlv_array_append_tlv_new(tlv_array_t tlv_array, uint8_t type, uint16_t length, const void value)`
	`218`	`+{`
	`219`	`+ tlv_t *tlv = tlv_new(type, length, value);`
	`220`	`+ if (!tlv \|\| !tlv_array_append_tlv(tlv_array, tlv))`
	`221`	`+ {`
	`222`	`+ return 0;`
	`223`	`+ }`
	`224`	`+ return 1;`
	`225`	`+}`
	`226`	`+`
	`227`	`+static uint8_t tlv_array_append_tlv_new_usascii(tlv_array_t tlv_array, uint8_t type, uint16_t length, const void value)`
	`228`	`+{`
	`229`	`+ tlv_t *tlv = tlv_new(type, length + 1, value);`
	`230`	`+ if (!tlv \|\| !tlv_array_append_tlv(tlv_array, tlv))`
	`231`	`+ {`
	`232`	`+ return 0;`
	`233`	`+ }`
	`234`	`+ tlv->value[length] = '\0';`
	`235`	`+ return 1;`
	`236`	`+}`
	`237`	`+`
`217`	`238`	`static void tlv_array_clear(tlv_array_t *tlv_array)`
`218`	`239`	`{`
`219`	`240`	`uint32_t i;`
`@@ -653,28 +674,14 @@ static int32_t ppv2_parse(uint8_t pkt, uint32_t pktlen, pp_info_t pp_info)`
`653`	`674`
`654`	`675`	`switch (pp2_tlv->type)`
`655`	`676`	`{`
`656`		`- case PP2_TYPE_ALPN:`
`657`		`- {`
`658`		`- tlv_t *tlv = tlv_new(pp2_tlv->type, pp2_tlv_len, pp2_tlv->value);`
`659`		`- if (!tlv \|\| !tlv_array_append_tlv(&pp_info->tlv_array, tlv))`
`660`		`- {`
`661`		`- return ERR_HEAP_ALLOC;`
`662`		`- }`
`663`		`- break;`
`664`		`- }`
`665`		`- case PP2_TYPE_AUTHORITY:`
`666`		`- case PP2_TYPE_NETNS:`
`667`		`- {`
`668`		`- /* +1 to save it as a string */`
`669`		`- tlv_t *tlv = tlv_new(pp2_tlv->type, pp2_tlv_len + 1, pp2_tlv->value);`
`670`		`- if (!tlv \|\| !tlv_array_append_tlv(&pp_info->tlv_array, tlv))`
	`677`	`+ case PP2_TYPE_ALPN: /* Byte sequence */`
	`678`	`+ case PP2_TYPE_AUTHORITY: /* UTF8 */`
	`679`	`+ if (!tlv_array_append_tlv_new(&pp_info->tlv_array, pp2_tlv->type, pp2_tlv_len, pp2_tlv->value))`
`671`	`680`	`{`
`672`	`681`	`return ERR_HEAP_ALLOC;`
`673`	`682`	`}`
`674`		`- tlv->value[pp2_tlv_len] = '\0';`
`675`	`683`	`break;`
`676`		`- }`
`677`		`- case PP2_TYPE_CRC32C:`
	`684`	`+ case PP2_TYPE_CRC32C: /* 32-bit number */`
`678`	`685`	`{`
`679`	`686`	`if (pp2_tlv_len != sizeof(uint32_t))`
`680`	`687`	`{`
`@@ -695,28 +702,24 @@ static int32_t ppv2_parse(uint8_t pkt, uint32_t pktlen, pp_info_t pp_info)`
`695`	`702`	`return ERR_PP2_TYPE_CRC32C;`
`696`	`703`	`}`
`697`	`704`
`698`		`- tlv_t *tlv = tlv_new(pp2_tlv->type, pp2_tlv_len, &crc32c_chksum);`
`699`		`- if (!tlv \|\| !tlv_array_append_tlv(&pp_info->tlv_array, tlv))`
	`705`	`+ if (!tlv_array_append_tlv_new(&pp_info->tlv_array, pp2_tlv->type, pp2_tlv_len, &crc32c_chksum))`
`700`	`706`	`{`
`701`	`707`	`return ERR_HEAP_ALLOC;`
`702`	`708`	`}`
`703`	`709`	`break;`
`704`	`710`	`}`
`705`	`711`	`case PP2_TYPE_NOOP:`
`706`	`712`	`break;`
`707`		`- case PP2_TYPE_UNIQUE_ID:`
`708`		`- {`
	`713`	`+ case PP2_TYPE_UNIQUE_ID: /* Byte sequence */`
`709`	`714`	`if (pp2_tlv_len > 128)`
`710`	`715`	`{`
`711`	`716`	`return ERR_PP2_TYPE_UNIQUE_ID;`
`712`	`717`	`}`
`713`		`- tlv_t *tlv = tlv_new(pp2_tlv->type, pp2_tlv_len, pp2_tlv->value);`
`714`		`- if (!tlv \|\| !tlv_array_append_tlv(&pp_info->tlv_array, tlv))`
	`718`	`+ if (!tlv_array_append_tlv_new(&pp_info->tlv_array, pp2_tlv->type, pp2_tlv_len, pp2_tlv->value))`
`715`	`719`	`{`
`716`	`720`	`return ERR_HEAP_ALLOC;`
`717`	`721`	`}`
`718`	`722`	`break;`
`719`		`- }`
`720`	`723`	`case PP2_TYPE_SSL:`
`721`	`724`	`{`
`722`	`725`	`pp2_tlv_ssl_t pp2_tlv_ssl = (pp2_tlv_ssl_t)pp2_tlv->value;`
`@@ -728,26 +731,32 @@ static int32_t ppv2_parse(uint8_t pkt, uint32_t pktlen, pp_info_t pp_info)`
`728`	`731`	`{`
`729`	`732`	`break;`
`730`	`733`	`}`
	`734`	`+ if (pp2_sub_tlv_offset > pp2_tlvs_ssl_len)`
	`735`	`+ {`
	`736`	`+ return ERR_PP2_TYPE_SSL;`
	`737`	`+ }`
`731`	`738`	`pp2_tlv_t pp2_sub_tlv_ssl = (pp2_tlv_t )((uint8_t*) pp2_tlv_ssl->sub_tlv + pp2_sub_tlv_offset);`
`732`		`- uint16_t pp2_sub_tlv_ssl_len;`
	`739`	`+ uint16_t pp2_sub_tlv_ssl_len = pp2_sub_tlv_ssl->length_hi << 8 \| pp2_sub_tlv_ssl->length_lo;`
`733`	`740`	`switch (pp2_sub_tlv_ssl->type)`
`734`	`741`	`{`
`735`		`- case PP2_SUBTYPE_SSL_VERSION:`
`736`		`- case PP2_SUBTYPE_SSL_CN:`
`737`		`- case PP2_SUBTYPE_SSL_CIPHER:`
`738`		`- case PP2_SUBTYPE_SSL_SIG_ALG:`
`739`		`- case PP2_SUBTYPE_SSL_KEY_ALG:`
	`742`	`+ case PP2_SUBTYPE_SSL_VERSION: /* US-ASCII */`
	`743`	`+ case PP2_SUBTYPE_SSL_CIPHER: /* US-ASCII */`
	`744`	`+ case PP2_SUBTYPE_SSL_SIG_ALG: /* US-ASCII */`
	`745`	`+ case PP2_SUBTYPE_SSL_KEY_ALG: /* US-ASCII */`
`740`	`746`	`{`
`741`		`- pp2_sub_tlv_ssl_len = pp2_sub_tlv_ssl->length_hi << 8 \| pp2_sub_tlv_ssl->length_lo;`
`742`	`747`	`/* +1 to save it as a string */`
`743`		`- tlv_t *tlv = tlv_new(pp2_sub_tlv_ssl->type, pp2_sub_tlv_ssl_len + 1, pp2_sub_tlv_ssl->value);`
`744`		`- if (!tlv \|\| !tlv_array_append_tlv(&pp_info->tlv_array, tlv))`
	`748`	`+ if (!tlv_array_append_tlv_new_usascii(&pp_info->tlv_array, pp2_sub_tlv_ssl->type, pp2_sub_tlv_ssl_len, pp2_sub_tlv_ssl->value))`
`745`	`749`	`{`
`746`	`750`	`return ERR_HEAP_ALLOC;`
`747`	`751`	`}`
`748`		`- tlv->value[pp2_sub_tlv_ssl_len] = '\0';`
`749`	`752`	`break;`
`750`	`753`	`}`
	`754`	`+ case PP2_SUBTYPE_SSL_CN: /* UTF8 */`
	`755`	`+ if (!tlv_array_append_tlv_new(&pp_info->tlv_array, pp2_sub_tlv_ssl->type, pp2_sub_tlv_ssl_len, pp2_sub_tlv_ssl->value))`
	`756`	`+ {`
	`757`	`+ return ERR_HEAP_ALLOC;`
	`758`	`+ }`
	`759`	`+ break;`
`751`	`760`	`default:`
`752`	`761`	`return ERR_PP2_TYPE_SSL;`
`753`	`762`	`}`
`@@ -757,6 +766,12 @@ static int32_t ppv2_parse(uint8_t pkt, uint32_t pktlen, pp_info_t pp_info)`
`757`	`766`	`}`
`758`	`767`	`break;`
`759`	`768`	`}`
	`769`	`+ case PP2_TYPE_NETNS: /* US-ASCII */`
	`770`	`+ if (!tlv_array_append_tlv_new_usascii(&pp_info->tlv_array, pp2_tlv->type, pp2_tlv_len, pp2_tlv->value))`
	`771`	`+ {`
	`772`	`+ return ERR_HEAP_ALLOC;`
	`773`	`+ }`
	`774`	`+ break;`
`760`	`775`	`case PP2_TYPE_AWS:`
`761`	`776`	`{`
`762`	`777`	`if (pp2_tlv_len < sizeof(pp2_tlv_aws_t))`
`@@ -765,15 +780,13 @@ static int32_t ppv2_parse(uint8_t pkt, uint32_t pktlen, pp_info_t pp_info)`
`765`	`780`	`}`
`766`	`781`	`pp2_tlv_aws_t pp2_tlv_aws = (pp2_tlv_aws_t ) pp2_tlv->value;`
`767`	`782`	`/* Connection is done through Private Link/Interface VPC endpoint */`
`768`		`- if (pp2_tlv_aws->type == PP2_SUBTYPE_AWS_VPCE_ID)`
	`783`	`+ if (pp2_tlv_aws->type == PP2_SUBTYPE_AWS_VPCE_ID) /* US-ASCII */`
`769`	`784`	`{`
`770`		`- /* +1 to save it as a string. Example: \x1vpce-08d2bf15fac5001c9 */`
`771`		`- tlv_t *tlv = tlv_new(pp2_tlv->type, pp2_tlv_len + 1, pp2_tlv->value);`
`772`		`- if (!tlv \|\| !tlv_array_append_tlv(&pp_info->tlv_array, tlv))`
	`785`	`+ /* Example: \x1vpce-08d2bf15fac5001c9 */`
	`786`	`+ if (!tlv_array_append_tlv_new_usascii(&pp_info->tlv_array, pp2_tlv->type, pp2_tlv_len, pp2_tlv->value))`
`773`	`787`	`{`
`774`	`788`	`return ERR_HEAP_ALLOC;`
`775`	`789`	`}`
`776`		`- tlv->value[pp2_tlv_len] = '\0';`
`777`	`790`	`}`
`778`	`791`	`break;`
`779`	`792`	`}`
`@@ -785,7 +798,7 @@ static int32_t ppv2_parse(uint8_t pkt, uint32_t pktlen, pp_info_t pp_info)`
`785`	`798`	`}`
`786`	`799`	`pp2_tlv_azure_t pp2_tlv_azure = (pp2_tlv_azure_t ) pp2_tlv->value;`
`787`	`800`	`/* Connection is done through Private Link service */`
`788`		`- if (pp2_tlv_azure->type == PP2_TYPE_AZURE)`
	`801`	`+ if (pp2_tlv_azure->type == PP2_TYPE_AZURE) /* 32-bit number */`
`789`	`802`	`{`
`790`	`803`	`tlv_t *tlv = tlv_new(pp2_tlv->type, pp2_tlv_len, pp2_tlv->value);`
`791`	`804`	`if (!tlv \|\| !tlv_array_append_tlv(&pp_info->tlv_array, tlv))`