From 91ebfc82ea75dee6b9751353c39220b8236f496e Mon Sep 17 00:00:00 2001 From: =?utf8?q?Ond=C5=99ej=20Kuzn=C3=ADk?= Date: Tue, 7 Nov 2017 18:35:05 +0000 Subject: [PATCH] ITS#8753 Move base64 decoding to separate file --- libraries/libldap/Makefile.in | 4 +- libraries/libldap/lbase64.c | 108 ++++++++++++++++++++++++++++++++ libraries/libldap/ldap-int.h | 7 +++ libraries/libldap/ldif.c | 75 +++------------------- libraries/libldap_r/Makefile.in | 4 +- libraries/libldap_r/lbase64.c | 1 + 6 files changed, 129 insertions(+), 70 deletions(-) create mode 100644 libraries/libldap/lbase64.c create mode 120000 libraries/libldap_r/lbase64.c diff --git a/libraries/libldap/Makefile.in b/libraries/libldap/Makefile.in index e72c14d705..443e8fe0a4 100644 --- a/libraries/libldap/Makefile.in +++ b/libraries/libldap/Makefile.in @@ -28,7 +28,7 @@ SRCS = bind.c open.c result.c error.c compare.c search.c \ charray.c os-local.c dnssrv.c utf-8.c utf-8-conv.c \ tls2.c tls_o.c tls_g.c tls_m.c \ turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c \ - assertion.c deref.c ldifutil.c ldif.c fetch.c + assertion.c deref.c ldifutil.c ldif.c fetch.c lbase64.c OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \ controls.lo messages.lo references.lo extended.lo cyrus.lo \ @@ -41,7 +41,7 @@ OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \ charray.lo os-local.lo dnssrv.lo utf-8.lo utf-8-conv.lo \ tls2.lo tls_o.lo tls_g.lo tls_m.lo \ turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo \ - assertion.lo deref.lo ldifutil.lo ldif.lo fetch.lo + assertion.lo deref.lo ldifutil.lo ldif.lo fetch.lo lbase64.lo LDAP_INCDIR= ../../include LDAP_LIBDIR= ../../libraries diff --git a/libraries/libldap/lbase64.c b/libraries/libldap/lbase64.c new file mode 100644 index 0000000000..fc60bb8a74 --- /dev/null +++ b/libraries/libldap/lbase64.c @@ -0,0 +1,108 @@ +/* lbase64.c - routines for dealing with base64 strings */ +/* $OpenLDAP$ */ +/* This work is part of OpenLDAP Software . + * + * Copyright 1998-2017 The OpenLDAP Foundation. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted only as authorized by the OpenLDAP + * Public License. + * + * A copy of this license is available in the file LICENSE in the + * top-level directory of the distribution or, alternatively, at + * . + */ +/* Portions Copyright (c) 1992-1996 Regents of the University of Michigan. + * All rights reserved. + * + * Redistribution and use in source and binary forms are permitted + * provided that this notice is preserved and that due credit is given + * to the University of Michigan at Ann Arbor. The name of the + * University may not be used to endorse or promote products derived + * from this software without specific prior written permission. This + * software is provided ``as is'' without express or implied warranty. + */ +/* This work was originally developed by the University of Michigan + * and distributed as part of U-MICH LDAP. + */ + +#include "portable.h" + +#include "ldap-int.h" + +#define RIGHT2 0x03 +#define RIGHT4 0x0f + +static const unsigned char b642nib[0x80] = { + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0x3e, 0xff, 0xff, 0xff, 0x3f, + 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, + 0x3c, 0x3d, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, + 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, + 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, + 0x17, 0x18, 0x19, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, + 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, + 0x31, 0x32, 0x33, 0xff, 0xff, 0xff, 0xff, 0xff +}; + +int +ldap_int_decode_b64_inplace( struct berval *value ) +{ + char *p, *end, *byte; + char nib; + + byte = value->bv_val; + end = value->bv_val + value->bv_len; + + for ( p = value->bv_val, value->bv_len = 0; + p < end; + p += 4, value->bv_len += 3 ) + { + int i; + for ( i = 0; i < 4; i++ ) { + if ( p[i] != '=' && (p[i] & 0x80 || + b642nib[ p[i] & 0x7f ] > 0x3f) ) { + Debug( LDAP_DEBUG_ANY, + _("ldap_pvt_decode_b64_inplace: invalid base64 encoding" + " char (%c) 0x%x\n"), p[i], p[i], 0 ); + return( -1 ); + } + } + + /* first digit */ + nib = b642nib[ p[0] & 0x7f ]; + byte[0] = nib << 2; + /* second digit */ + nib = b642nib[ p[1] & 0x7f ]; + byte[0] |= nib >> 4; + byte[1] = (nib & RIGHT4) << 4; + /* third digit */ + if ( p[2] == '=' ) { + value->bv_len += 1; + break; + } + nib = b642nib[ p[2] & 0x7f ]; + byte[1] |= nib >> 2; + byte[2] = (nib & RIGHT2) << 6; + /* fourth digit */ + if ( p[3] == '=' ) { + value->bv_len += 2; + break; + } + nib = b642nib[ p[3] & 0x7f ]; + byte[2] |= nib; + + byte += 3; + } + value->bv_val[ value->bv_len ] = '\0'; + + return LDAP_SUCCESS; +} diff --git a/libraries/libldap/ldap-int.h b/libraries/libldap/ldap-int.h index bcd6118b5f..d7d1afada1 100644 --- a/libraries/libldap/ldap-int.h +++ b/libraries/libldap/ldap-int.h @@ -548,6 +548,13 @@ LDAP_F (BerElement *) ldap_build_add_req LDAP_P(( LDAPControl **cctrls, ber_int_t *msgidp )); +/* + * in lbase64.c + */ + +LDAP_F (int) ldap_int_decode_b64_inplace LDAP_P(( + struct berval *value )); + /* * in compare.c */ diff --git a/libraries/libldap/ldif.c b/libraries/libldap/ldif.c index 8b20c2a82a..5756d6ac6c 100644 --- a/libraries/libldap/ldif.c +++ b/libraries/libldap/ldif.c @@ -40,12 +40,9 @@ int ldif_debug = 0; -#include "ldap_log.h" -#include "lber_pvt.h" +#include "ldap-int.h" #include "ldif.h" -#define RIGHT2 0x03 -#define RIGHT4 0x0f #define CONTINUED_LINE_MARKER '\r' #ifdef CSRIMALLOC @@ -58,25 +55,6 @@ int ldif_debug = 0; static const char nib2b64[0x40] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; -static const unsigned char b642nib[0x80] = { - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0x3e, 0xff, 0xff, 0xff, 0x3f, - 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, - 0x3c, 0x3d, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, - 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, - 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, - 0x17, 0x18, 0x19, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, - 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, - 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, - 0x31, 0x32, 0x33, 0xff, 0xff, 0xff, 0xff, 0xff -}; - /* * ldif_parse_line - takes a line of the form "type:[:] value" and splits it * into components "type" and "value". if a double colon separates type from @@ -117,7 +95,6 @@ ldif_parse_line2( ) { char *s, *p, *d; - char nib; int b64, url; BER_BVZERO( type ); @@ -196,49 +173,15 @@ ldif_parse_line2( return( -1 ); } - byte = value->bv_val = s; - - for ( p = s, value->bv_len = 0; p < d; p += 4, value->bv_len += 3 ) { - int i; - for ( i = 0; i < 4; i++ ) { - if ( p[i] != '=' && (p[i] & 0x80 || - b642nib[ p[i] & 0x7f ] > 0x3f) ) { - ber_pvt_log_printf( LDAP_DEBUG_ANY, ldif_debug, - _("ldif_parse_line: %s: invalid base64 encoding" - " char (%c) 0x%x\n"), - type->bv_val, p[i], p[i] ); - if ( !freeval ) ber_memfree( line ); - return( -1 ); - } - } - - /* first digit */ - nib = b642nib[ p[0] & 0x7f ]; - byte[0] = nib << 2; - /* second digit */ - nib = b642nib[ p[1] & 0x7f ]; - byte[0] |= nib >> 4; - byte[1] = (nib & RIGHT4) << 4; - /* third digit */ - if ( p[2] == '=' ) { - value->bv_len += 1; - break; - } - nib = b642nib[ p[2] & 0x7f ]; - byte[1] |= nib >> 2; - byte[2] = (nib & RIGHT2) << 6; - /* fourth digit */ - if ( p[3] == '=' ) { - value->bv_len += 2; - break; - } - nib = b642nib[ p[3] & 0x7f ]; - byte[2] |= nib; - - byte += 3; + value->bv_val = s; + value->bv_len = d - s; + if ( ldap_int_decode_b64_inplace( value ) != LDAP_SUCCESS ) { + ber_pvt_log_printf( LDAP_DEBUG_PARSE, ldif_debug, + _("ldif_parse_line: %s base64 decode failed\n"), + type->bv_val ); + if ( !freeval ) ber_memfree( line ); + return( -1 ); } - s[ value->bv_len ] = '\0'; - } else if ( url ) { if ( *s == '\0' ) { /* no value is present, error out */ diff --git a/libraries/libldap_r/Makefile.in b/libraries/libldap_r/Makefile.in index 62712e2095..2110fd4eaf 100644 --- a/libraries/libldap_r/Makefile.in +++ b/libraries/libldap_r/Makefile.in @@ -30,7 +30,7 @@ XXSRCS = apitest.c test.c \ charray.c os-local.c dnssrv.c utf-8.c utf-8-conv.c \ tls2.c tls_o.c tls_g.c tls_m.c \ turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c \ - assertion.c deref.c ldifutil.c ldif.c fetch.c + assertion.c deref.c ldifutil.c ldif.c fetch.c lbase64.c SRCS = threads.c rdwr.c rmutex.c tpool.c rq.c \ thr_posix.c thr_cthreads.c thr_thr.c thr_nt.c \ thr_pth.c thr_stub.c thr_debug.c @@ -48,7 +48,7 @@ OBJS = threads.lo rdwr.lo rmutex.lo tpool.lo rq.lo \ charray.lo os-local.lo dnssrv.lo utf-8.lo utf-8-conv.lo \ tls2.lo tls_o.lo tls_g.lo tls_m.lo \ turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo \ - assertion.lo deref.lo ldifutil.lo ldif.lo fetch.lo + assertion.lo deref.lo ldifutil.lo ldif.lo fetch.lo lbase64.lo LDAP_INCDIR= ../../include LDAP_LIBDIR= ../../libraries diff --git a/libraries/libldap_r/lbase64.c b/libraries/libldap_r/lbase64.c new file mode 120000 index 0000000000..4344f60eab --- /dev/null +++ b/libraries/libldap_r/lbase64.c @@ -0,0 +1 @@ +../libldap/lbase64.c \ No newline at end of file -- 2.39.5