Branch data Line data Source code
1 : : /*
2 : : * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
3 : : *
4 : : * Licensed under the Apache License, Version 2.0 (the "License").
5 : : * You may not use this file except in compliance with the License.
6 : : * A copy of the License is located at
7 : : *
8 : : * http://aws.amazon.com/apache2.0
9 : : *
10 : : * or in the "license" file accompanying this file. This file is distributed
11 : : * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
12 : : * express or implied. See the License for the specific language governing
13 : : * permissions and limitations under the License.
14 : : */
15 : :
16 : : #include "stuffer/s2n_stuffer.h"
17 : :
18 : : #include "error/s2n_errno.h"
19 : : #include "utils/s2n_blob.h"
20 : : #include "utils/s2n_mem.h"
21 : : #include "utils/s2n_safety.h"
22 : :
23 : : S2N_RESULT s2n_stuffer_validate(const struct s2n_stuffer *stuffer)
24 : 540236915 : {
25 : : /**
26 : : * Note that we do not assert any properties on the tainted field,
27 : : * as any boolean value in that field is valid.
28 : : */
29 [ + + ][ + - ]: 540236915 : RESULT_ENSURE_REF(stuffer);
30 [ + + ]: 540236905 : RESULT_GUARD(s2n_blob_validate(&stuffer->blob));
31 [ # # ][ - + ]: 540236904 : RESULT_DEBUG_ENSURE(S2N_IMPLIES(stuffer->growable, stuffer->alloced), S2N_ERR_SAFETY);
[ + + ][ + - ]
32 : :
33 : : /* <= is valid because we can have a fully written/read stuffer */
34 [ # # ][ - + ]: 540236904 : RESULT_DEBUG_ENSURE(stuffer->high_water_mark <= stuffer->blob.size, S2N_ERR_SAFETY);
35 [ + - ][ + + ]: 540236904 : RESULT_DEBUG_ENSURE(stuffer->write_cursor <= stuffer->high_water_mark, S2N_ERR_SAFETY);
36 [ + - ][ + + ]: 540236902 : RESULT_DEBUG_ENSURE(stuffer->read_cursor <= stuffer->write_cursor, S2N_ERR_SAFETY);
37 : 540236901 : return S2N_RESULT_OK;
38 : 540236902 : }
39 : :
40 : : S2N_RESULT s2n_stuffer_reservation_validate(const struct s2n_stuffer_reservation *reservation)
41 : 382131 : {
42 : : /**
43 : : * Note that we need two dereferences here to decrease proof complexity
44 : : * for CBMC (see https://github.com/awslabs/s2n/issues/2290). We can roll back
45 : : * this change once CBMC can handle common subexpression elimination.
46 : : */
47 [ - + ][ # # ]: 382131 : RESULT_ENSURE_REF(reservation);
48 : 382131 : const struct s2n_stuffer_reservation reserve_obj = *reservation;
49 [ + + ]: 382131 : RESULT_GUARD(s2n_stuffer_validate(reserve_obj.stuffer));
50 : 382130 : const struct s2n_stuffer stuffer_obj = *(reserve_obj.stuffer);
51 : :
52 : : /* Verify that write_cursor + length can be represented as a uint32_t without overflow */
53 [ - + ][ # # ]: 382130 : RESULT_ENSURE_LTE(reserve_obj.write_cursor, UINT32_MAX - reserve_obj.length);
54 : : /* The entire reservation must fit between the stuffer read and write cursors */
55 [ + + ][ + - ]: 382130 : RESULT_ENSURE_LTE(reserve_obj.write_cursor + reserve_obj.length, stuffer_obj.write_cursor);
56 [ # # ][ - + ]: 382127 : RESULT_ENSURE_GTE(reserve_obj.write_cursor, stuffer_obj.read_cursor);
57 : :
58 : 382127 : return S2N_RESULT_OK;
59 : 382127 : }
60 : :
61 : : /**
62 : : * Initialize a stuffer to reference some data `in`.
63 : : *
64 : : * `stuffer` will not own the data, and the caller is responsible for ensuring that
65 : : * the data pointed to by `in` outlives `stuffer`.
66 : : */
67 : : int s2n_stuffer_init(struct s2n_stuffer *stuffer, struct s2n_blob *in)
68 : 18813114 : {
69 [ + - ][ + + ]: 18813114 : POSIX_ENSURE_MUT(stuffer);
70 [ + + ][ + + ]: 18813113 : POSIX_PRECONDITION(s2n_blob_validate(in));
71 : 18813111 : stuffer->blob = *in;
72 : 18813111 : stuffer->read_cursor = 0;
73 : 18813111 : stuffer->write_cursor = 0;
74 : 18813111 : stuffer->high_water_mark = 0;
75 : 18813111 : stuffer->alloced = 0;
76 : 18813111 : stuffer->growable = 0;
77 : 18813111 : stuffer->tainted = 0;
78 [ - + ][ + - ]: 18813111 : POSIX_POSTCONDITION(s2n_stuffer_validate(stuffer));
79 : 18813111 : return S2N_SUCCESS;
80 : 18813111 : }
81 : :
82 : : int s2n_stuffer_init_written(struct s2n_stuffer *stuffer, struct s2n_blob *in)
83 : 120522 : {
84 [ - + ][ # # ]: 120522 : POSIX_ENSURE_REF(in);
85 [ - + ]: 120522 : POSIX_GUARD(s2n_stuffer_init(stuffer, in));
86 [ - + ]: 120522 : POSIX_GUARD(s2n_stuffer_skip_write(stuffer, in->size));
87 : 120522 : return S2N_SUCCESS;
88 : 120522 : }
89 : :
90 : : int s2n_stuffer_alloc(struct s2n_stuffer *stuffer, const uint32_t size)
91 : 7373902 : {
92 [ - + ][ # # ]: 7373902 : POSIX_ENSURE_REF(stuffer);
93 : 7373902 : *stuffer = (struct s2n_stuffer){ 0 };
94 [ - + ]: 7373902 : POSIX_GUARD(s2n_alloc(&stuffer->blob, size));
95 [ - + ]: 7373902 : POSIX_GUARD(s2n_stuffer_init(stuffer, &stuffer->blob));
96 : :
97 : 7373902 : stuffer->alloced = 1;
98 : :
99 [ - + ][ + - ]: 7373902 : POSIX_POSTCONDITION(s2n_stuffer_validate(stuffer));
100 : 7373902 : return S2N_SUCCESS;
101 : 7373902 : }
102 : :
103 : : int s2n_stuffer_growable_alloc(struct s2n_stuffer *stuffer, const uint32_t size)
104 : 7349171 : {
105 [ - + ]: 7349171 : POSIX_GUARD(s2n_stuffer_alloc(stuffer, size));
106 : :
107 : 7349171 : stuffer->growable = 1;
108 : :
109 [ - + ][ + - ]: 7349171 : POSIX_POSTCONDITION(s2n_stuffer_validate(stuffer));
110 : 7349171 : return S2N_SUCCESS;
111 : 7349171 : }
112 : :
113 : : int s2n_stuffer_free(struct s2n_stuffer *stuffer)
114 : 8351214 : {
115 [ - + ][ + - ]: 8351214 : POSIX_PRECONDITION(s2n_stuffer_validate(stuffer));
116 [ + + ]: 8351214 : if (stuffer->alloced) {
117 [ - + ]: 4066324 : POSIX_GUARD(s2n_free(&stuffer->blob));
118 : 4066324 : }
119 : 8351214 : *stuffer = (struct s2n_stuffer){ 0 };
120 : 8351214 : return S2N_SUCCESS;
121 : 8351214 : }
122 : :
123 : : int s2n_stuffer_free_without_wipe(struct s2n_stuffer *stuffer)
124 : 10 : {
125 [ - + ][ + - ]: 10 : POSIX_PRECONDITION(s2n_stuffer_validate(stuffer));
126 [ + - ]: 10 : if (stuffer->alloced) {
127 [ - + ]: 10 : POSIX_GUARD(s2n_free_without_wipe(&stuffer->blob));
128 : 10 : }
129 : 10 : *stuffer = (struct s2n_stuffer){ 0 };
130 : 10 : return S2N_SUCCESS;
131 : 10 : }
132 : :
133 : : int s2n_stuffer_resize(struct s2n_stuffer *stuffer, const uint32_t size)
134 : 13846851 : {
135 [ - + ][ + - ]: 13846851 : POSIX_PRECONDITION(s2n_stuffer_validate(stuffer));
136 [ - + ][ # # ]: 13846851 : POSIX_ENSURE(!stuffer->tainted, S2N_ERR_RESIZE_TAINTED_STUFFER);
137 [ - + ][ # # ]: 13846851 : POSIX_ENSURE(stuffer->growable, S2N_ERR_RESIZE_STATIC_STUFFER);
138 : :
139 [ + + ]: 13846851 : if (size == stuffer->blob.size) {
140 : 6917481 : return S2N_SUCCESS;
141 : 6917481 : }
142 : :
143 [ + + ]: 6929370 : if (size == 0) {
144 : 3308334 : s2n_stuffer_wipe(stuffer);
145 : 3308334 : return s2n_free(&stuffer->blob);
146 : 3308334 : }
147 : :
148 [ + + ]: 3621036 : if (size < stuffer->blob.size) {
149 [ # # ][ - + ]: 75 : POSIX_CHECKED_MEMSET(stuffer->blob.data + size, S2N_WIPE_PATTERN, (stuffer->blob.size - size));
[ + - ]
150 [ - + ]: 75 : if (stuffer->read_cursor > size) {
151 : 0 : stuffer->read_cursor = size;
152 : 0 : }
153 [ - + ]: 75 : if (stuffer->write_cursor > size) {
154 : 0 : stuffer->write_cursor = size;
155 : 0 : }
156 [ - + ]: 75 : if (stuffer->high_water_mark > size) {
157 : 0 : stuffer->high_water_mark = size;
158 : 0 : }
159 : 75 : stuffer->blob.size = size;
160 [ - + ][ + - ]: 75 : POSIX_POSTCONDITION(s2n_stuffer_validate(stuffer));
161 : 75 : return S2N_SUCCESS;
162 : 75 : }
163 : :
164 [ - + ]: 3620961 : POSIX_GUARD(s2n_realloc(&stuffer->blob, size));
165 [ - + ][ + - ]: 3620961 : POSIX_POSTCONDITION(s2n_stuffer_validate(stuffer));
166 : 3620961 : return S2N_SUCCESS;
167 : 3620961 : }
168 : :
169 : : int s2n_stuffer_resize_if_empty(struct s2n_stuffer *stuffer, const uint32_t size)
170 : 841240 : {
171 [ - + ][ + - ]: 841240 : POSIX_PRECONDITION(s2n_stuffer_validate(stuffer));
172 [ + + ]: 841240 : if (stuffer->blob.data == NULL) {
173 [ - + ][ # # ]: 15632 : POSIX_ENSURE(!stuffer->tainted, S2N_ERR_RESIZE_TAINTED_STUFFER);
174 [ + + ][ + - ]: 15632 : POSIX_ENSURE(stuffer->growable, S2N_ERR_RESIZE_STATIC_STUFFER);
175 [ - + ]: 15631 : POSIX_GUARD(s2n_realloc(&stuffer->blob, size));
176 : 15631 : }
177 [ - + ][ + - ]: 841239 : POSIX_POSTCONDITION(s2n_stuffer_validate(stuffer));
178 : 841239 : return S2N_SUCCESS;
179 : 841239 : }
180 : :
181 : : /**
182 : : * Reset read and write progress.
183 : : *
184 : : * This sets the read and write cursors to zero.
185 : : */
186 : : int s2n_stuffer_rewrite(struct s2n_stuffer *stuffer)
187 : 4472775 : {
188 [ - + ][ + - ]: 4472775 : POSIX_PRECONDITION(s2n_stuffer_validate(stuffer));
189 : 4472775 : stuffer->write_cursor = 0;
190 : 4472775 : stuffer->read_cursor = 0;
191 [ - + ][ + - ]: 4472775 : POSIX_POSTCONDITION(s2n_stuffer_validate(stuffer));
192 : 4472775 : return S2N_SUCCESS;
193 : 4472775 : }
194 : :
195 : : int s2n_stuffer_rewind_read(struct s2n_stuffer *stuffer, const uint32_t size)
196 : 538041 : {
197 [ - + ][ + - ]: 538041 : POSIX_PRECONDITION(s2n_stuffer_validate(stuffer));
198 [ + + ][ + - ]: 538041 : POSIX_ENSURE(stuffer->read_cursor >= size, S2N_ERR_STUFFER_OUT_OF_DATA);
199 : 538036 : stuffer->read_cursor -= size;
200 [ - + ][ + - ]: 538036 : POSIX_POSTCONDITION(s2n_stuffer_validate(stuffer));
201 : 538036 : return S2N_SUCCESS;
202 : 538036 : }
203 : :
204 : : /**
205 : : * Reset read progress.
206 : : *
207 : : * This sets the read cursor to zero.
208 : : */
209 : : int s2n_stuffer_reread(struct s2n_stuffer *stuffer)
210 : 8938167 : {
211 [ - + ][ + - ]: 8938167 : POSIX_PRECONDITION(s2n_stuffer_validate(stuffer));
212 : 8938167 : stuffer->read_cursor = 0;
213 : 8938167 : return S2N_SUCCESS;
214 : 8938167 : }
215 : :
216 : : int s2n_stuffer_wipe_n(struct s2n_stuffer *stuffer, const uint32_t size)
217 : 507805 : {
218 [ - + ][ + - ]: 507805 : POSIX_PRECONDITION(s2n_stuffer_validate(stuffer));
219 [ + + ]: 507805 : uint32_t wipe_size = S2N_MIN(size, stuffer->write_cursor);
220 : :
221 : 507805 : stuffer->write_cursor -= wipe_size;
222 [ + + ]: 507805 : stuffer->read_cursor = S2N_MIN(stuffer->read_cursor, stuffer->write_cursor);
223 [ - + ][ # # ]: 507805 : POSIX_CHECKED_MEMSET(stuffer->blob.data + stuffer->write_cursor, S2N_WIPE_PATTERN, wipe_size);
[ + + ]
224 : :
225 [ - + ][ + - ]: 507805 : POSIX_POSTCONDITION(s2n_stuffer_validate(stuffer));
226 : 507805 : return S2N_SUCCESS;
227 : 507805 : }
228 : :
229 : : bool s2n_stuffer_is_consumed(struct s2n_stuffer *stuffer)
230 : 247590 : {
231 [ + - ][ + + ]: 247590 : return stuffer && (stuffer->read_cursor == stuffer->write_cursor) && !stuffer->tainted;
[ + + ]
232 : 247590 : }
233 : :
234 : : int s2n_stuffer_wipe(struct s2n_stuffer *stuffer)
235 : 41485075 : {
236 [ - + ][ + - ]: 41485075 : POSIX_PRECONDITION(s2n_stuffer_validate(stuffer));
237 [ + + ]: 41485075 : if (!s2n_stuffer_is_wiped(stuffer)) {
238 [ # # ][ - + ]: 10735964 : POSIX_CHECKED_MEMSET(stuffer->blob.data, S2N_WIPE_PATTERN, stuffer->high_water_mark);
[ + - ]
239 : 10735964 : }
240 : :
241 : 41485075 : stuffer->tainted = 0;
242 : 41485075 : stuffer->write_cursor = 0;
243 : 41485075 : stuffer->read_cursor = 0;
244 : 41485075 : stuffer->high_water_mark = 0;
245 [ - + ][ + - ]: 41485075 : POSIX_POSTCONDITION(s2n_stuffer_validate(stuffer));
246 : 41485075 : return S2N_SUCCESS;
247 : 41485075 : }
248 : :
249 : : int s2n_stuffer_skip_read(struct s2n_stuffer *stuffer, uint32_t n)
250 : 36816354 : {
251 [ - + ][ + + ]: 36816354 : POSIX_PRECONDITION(s2n_stuffer_validate(stuffer));
252 [ + - ][ + + ]: 36816354 : POSIX_ENSURE(s2n_stuffer_data_available(stuffer) >= n, S2N_ERR_STUFFER_OUT_OF_DATA);
253 : :
254 : 36799709 : stuffer->read_cursor += n;
255 : 36799709 : return S2N_SUCCESS;
256 : 36816354 : }
257 : :
258 : : void *s2n_stuffer_raw_read(struct s2n_stuffer *stuffer, uint32_t data_len)
259 : 5054146 : {
260 [ + + ]: 5054146 : PTR_GUARD_POSIX(s2n_stuffer_skip_read(stuffer, data_len));
261 : :
262 : 5054143 : stuffer->tainted = 1;
263 : :
264 [ + - ]: 5054143 : return (stuffer->blob.data) ? (stuffer->blob.data + stuffer->read_cursor - data_len) : NULL;
265 : 5054146 : }
266 : :
267 : : int s2n_stuffer_read(struct s2n_stuffer *stuffer, struct s2n_blob *out)
268 : 146563 : {
269 [ # # ][ - + ]: 146563 : POSIX_ENSURE_REF(out);
270 : :
271 : 146563 : return s2n_stuffer_read_bytes(stuffer, out->data, out->size);
272 : 146563 : }
273 : :
274 : : int s2n_stuffer_erase_and_read(struct s2n_stuffer *stuffer, struct s2n_blob *out)
275 : 181901 : {
276 [ - + ]: 181901 : POSIX_GUARD(s2n_stuffer_skip_read(stuffer, out->size));
277 : :
278 [ + - ]: 181901 : void *ptr = (stuffer->blob.data) ? (stuffer->blob.data + stuffer->read_cursor - out->size) : NULL;
279 [ # # ][ - + ]: 181901 : POSIX_ENSURE(S2N_MEM_IS_READABLE(ptr, out->size), S2N_ERR_NULL);
[ + - ]
280 : :
281 [ - + ][ # # ]: 181901 : POSIX_CHECKED_MEMCPY(out->data, ptr, out->size);
[ + - ]
282 [ # # ][ - + ]: 181901 : POSIX_CHECKED_MEMSET(ptr, 0, out->size);
[ + - ]
283 : :
284 : 181901 : return S2N_SUCCESS;
285 : 181901 : }
286 : :
287 : : int s2n_stuffer_read_bytes(struct s2n_stuffer *stuffer, uint8_t *data, uint32_t size)
288 : 23470967 : {
289 [ + - ][ + + ]: 23470967 : POSIX_ENSURE_REF(data);
290 [ + + ][ + + ]: 23470965 : POSIX_PRECONDITION(s2n_stuffer_validate(stuffer));
291 [ + + ]: 23470964 : POSIX_GUARD(s2n_stuffer_skip_read(stuffer, size));
292 [ - + ][ # # ]: 23454330 : POSIX_ENSURE_REF(stuffer->blob.data);
293 : 23454330 : void *ptr = stuffer->blob.data + stuffer->read_cursor - size;
294 : :
295 [ - + ][ # # ]: 23454330 : POSIX_CHECKED_MEMCPY(data, ptr, size);
[ + + ]
296 : :
297 : 23454330 : return S2N_SUCCESS;
298 : 23454330 : }
299 : :
300 : : int s2n_stuffer_erase_and_read_bytes(struct s2n_stuffer *stuffer, uint8_t *data, uint32_t size)
301 : 7847 : {
302 [ - + ]: 7847 : POSIX_GUARD(s2n_stuffer_skip_read(stuffer, size));
303 [ - + ][ # # ]: 7847 : POSIX_ENSURE_REF(stuffer->blob.data);
304 : 7847 : void *ptr = stuffer->blob.data + stuffer->read_cursor - size;
305 : :
306 [ - + ][ # # ]: 7847 : POSIX_CHECKED_MEMCPY(data, ptr, size);
[ + - ]
307 [ - + ][ # # ]: 7847 : POSIX_CHECKED_MEMSET(ptr, 0, size);
[ + - ]
308 : :
309 : 7847 : return S2N_SUCCESS;
310 : 7847 : }
311 : :
312 : : int s2n_stuffer_skip_write(struct s2n_stuffer *stuffer, const uint32_t n)
313 : 61178150 : {
314 [ - + ][ + + ]: 61178150 : POSIX_PRECONDITION(s2n_stuffer_validate(stuffer));
315 [ + + ]: 61178150 : POSIX_GUARD(s2n_stuffer_reserve_space(stuffer, n));
316 : 61160674 : stuffer->write_cursor += n;
317 [ + + ]: 61160674 : stuffer->high_water_mark = S2N_MAX(stuffer->write_cursor, stuffer->high_water_mark);
318 [ - + ][ + + ]: 61160674 : POSIX_POSTCONDITION(s2n_stuffer_validate(stuffer));
319 : 61160674 : return S2N_SUCCESS;
320 : 61160674 : }
321 : :
322 : : void *s2n_stuffer_raw_write(struct s2n_stuffer *stuffer, const uint32_t data_len)
323 : 7274565 : {
324 [ + + ]: 7274565 : PTR_GUARD_POSIX(s2n_stuffer_skip_write(stuffer, data_len));
325 : :
326 : 7274564 : stuffer->tainted = 1;
327 : :
328 [ + - ]: 7274564 : return (stuffer->blob.data) ? (stuffer->blob.data + stuffer->write_cursor - data_len) : NULL;
329 : 7274565 : }
330 : :
331 : : int s2n_stuffer_write(struct s2n_stuffer *stuffer, const struct s2n_blob *in)
332 : 563417 : {
333 [ + + ][ + + ]: 563417 : POSIX_PRECONDITION(s2n_stuffer_validate(stuffer));
334 [ - + ][ + - ]: 563415 : POSIX_PRECONDITION(s2n_blob_validate(in));
335 : 563415 : return s2n_stuffer_write_bytes(stuffer, in->data, in->size);
336 : 563415 : }
337 : :
338 : : int s2n_stuffer_write_bytes(struct s2n_stuffer *stuffer, const uint8_t *data, const uint32_t size)
339 : 29827030 : {
340 [ + + ]: 29827030 : if (size == 0) {
341 : 125520 : return S2N_SUCCESS;
342 : 125520 : }
343 : :
344 [ # # ][ - + ]: 29701510 : POSIX_ENSURE(S2N_MEM_IS_READABLE(data, size), S2N_ERR_SAFETY);
[ + - ]
345 [ - + ][ + - ]: 29701510 : POSIX_PRECONDITION(s2n_stuffer_validate(stuffer));
346 [ + + ]: 29701510 : POSIX_GUARD(s2n_stuffer_skip_write(stuffer, size));
347 : :
348 : 29684040 : void *ptr = stuffer->blob.data + stuffer->write_cursor - size;
349 [ # # ][ - + ]: 29684040 : POSIX_ENSURE(S2N_MEM_IS_READABLE(ptr, size), S2N_ERR_NULL);
[ + - ]
350 : :
351 [ + + ]: 29684040 : if (ptr == data) {
352 [ - + ][ + - ]: 8418 : POSIX_POSTCONDITION(s2n_stuffer_validate(stuffer));
353 : 8418 : return S2N_SUCCESS;
354 : 8418 : }
355 : :
356 [ - + ][ # # ]: 29675622 : POSIX_CHECKED_MEMCPY(ptr, data, size);
[ + - ]
357 : :
358 [ - + ][ + - ]: 29675622 : POSIX_POSTCONDITION(s2n_stuffer_validate(stuffer));
359 : 29675622 : return S2N_SUCCESS;
360 : 29675622 : }
361 : :
362 : : int s2n_stuffer_writev_bytes(struct s2n_stuffer *stuffer, const struct iovec *iov, size_t iov_count, uint32_t offs,
363 : : uint32_t size)
364 : 3606574 : {
365 [ - + ][ + - ]: 3606574 : POSIX_PRECONDITION(s2n_stuffer_validate(stuffer));
366 [ - + ][ # # ]: 3606574 : POSIX_ENSURE_REF(iov);
367 : 3606574 : void *ptr = s2n_stuffer_raw_write(stuffer, size);
368 [ # # ][ + + ]: 3606574 : POSIX_ENSURE(S2N_MEM_IS_READABLE(ptr, size), S2N_ERR_NULL);
[ + - ]
369 : :
370 : 3606574 : size_t size_left = size, to_skip = offs;
371 [ + + ]: 3638029 : for (size_t i = 0; i < iov_count; i++) {
372 [ + + ]: 3637936 : if (to_skip >= iov[i].iov_len) {
373 : 31371 : to_skip -= iov[i].iov_len;
374 : 31371 : continue;
375 : 31371 : }
376 : 3606565 : size_t iov_len_op = iov[i].iov_len - to_skip;
377 [ - + ][ # # ]: 3606565 : POSIX_ENSURE_LTE(iov_len_op, UINT32_MAX);
378 : 3606565 : uint32_t iov_len = (uint32_t) iov_len_op;
379 [ + + ]: 3606565 : uint32_t iov_size_to_take = S2N_MIN(size_left, iov_len);
380 [ - + ][ # # ]: 3606565 : POSIX_ENSURE_REF(iov[i].iov_base);
381 [ - + ][ # # ]: 3606565 : POSIX_ENSURE_LT(to_skip, iov[i].iov_len);
382 [ - + ][ # # ]: 3606565 : POSIX_CHECKED_MEMCPY(ptr, ((uint8_t *) (iov[i].iov_base)) + to_skip, iov_size_to_take);
[ + - ]
383 : 3606565 : size_left -= iov_size_to_take;
384 [ + + ]: 3606565 : if (size_left == 0) {
385 : 3606481 : break;
386 : 3606481 : }
387 : 84 : ptr = (void *) ((uint8_t *) ptr + iov_size_to_take);
388 : 84 : to_skip = 0;
389 : 84 : }
390 : :
391 : 3606574 : return S2N_SUCCESS;
392 : 3606574 : }
393 : :
394 : : static int s2n_stuffer_copy_impl(struct s2n_stuffer *from, struct s2n_stuffer *to, const uint32_t len)
395 : 7335817 : {
396 [ - + ]: 7335817 : POSIX_GUARD(s2n_stuffer_skip_read(from, len));
397 [ - + ]: 7335817 : POSIX_GUARD(s2n_stuffer_skip_write(to, len));
398 : :
399 [ + - ]: 7335817 : uint8_t *from_ptr = (from->blob.data) ? (from->blob.data + from->read_cursor - len) : NULL;
400 [ + - ]: 7335817 : uint8_t *to_ptr = (to->blob.data) ? (to->blob.data + to->write_cursor - len) : NULL;
401 : :
402 [ # # ][ - + ]: 7335817 : POSIX_CHECKED_MEMCPY(to_ptr, from_ptr, len);
[ + + ]
403 : :
404 : 7335817 : return S2N_SUCCESS;
405 : 7335817 : }
406 : :
407 : : int s2n_stuffer_reserve_space(struct s2n_stuffer *stuffer, uint32_t n)
408 : 62108954 : {
409 [ - + ][ + + ]: 62108954 : POSIX_PRECONDITION(s2n_stuffer_validate(stuffer));
410 [ + + ]: 62108954 : if (s2n_stuffer_space_remaining(stuffer) < n) {
411 [ + + ][ + - ]: 3508216 : POSIX_ENSURE(stuffer->growable, S2N_ERR_STUFFER_IS_FULL);
412 : : /* Always grow a stuffer by at least 1k */
413 [ + + ]: 3490739 : const uint32_t growth = S2N_MAX(n - s2n_stuffer_space_remaining(stuffer), S2N_MIN_STUFFER_GROWTH_IN_BYTES);
414 : 3490739 : uint32_t new_size = 0;
415 [ - + ]: 3490739 : POSIX_GUARD(s2n_add_overflow(stuffer->blob.size, growth, &new_size));
416 [ - + ]: 3490739 : POSIX_GUARD(s2n_stuffer_resize(stuffer, new_size));
417 : 3490739 : }
418 [ - + ][ + + ]: 62091477 : POSIX_POSTCONDITION(s2n_stuffer_validate(stuffer));
419 : 62091477 : return S2N_SUCCESS;
420 : 62091477 : }
421 : :
422 : : /* Copies "len" bytes from "from" to "to".
423 : : * If the copy cannot succeed (i.e. there are either not enough bytes available, or there is not enough space to write them
424 : : * restore the old value of the stuffer */
425 : : int s2n_stuffer_copy(struct s2n_stuffer *from, struct s2n_stuffer *to, const uint32_t len)
426 : 7335817 : {
427 : 7335817 : const uint32_t orig_read_cursor = from->read_cursor;
428 : 7335817 : const uint32_t orig_write_cursor = to->write_cursor;
429 : :
430 [ - + ]: 7335817 : if (s2n_stuffer_copy_impl(from, to, len) < 0) {
431 : 0 : from->read_cursor = orig_read_cursor;
432 : 0 : to->write_cursor = orig_write_cursor;
433 : 0 : S2N_ERROR_PRESERVE_ERRNO();
434 : 0 : }
435 : :
436 : 7335817 : return S2N_SUCCESS;
437 : 7335817 : }
438 : :
439 : : int s2n_stuffer_extract_blob(struct s2n_stuffer *stuffer, struct s2n_blob *out)
440 : 23 : {
441 [ - + ][ + - ]: 23 : POSIX_PRECONDITION(s2n_stuffer_validate(stuffer));
442 [ - + ][ # # ]: 23 : POSIX_ENSURE_REF(out);
443 [ - + ]: 23 : POSIX_GUARD(s2n_realloc(out, s2n_stuffer_data_available(stuffer)));
444 : :
445 [ + - ]: 23 : if (s2n_stuffer_data_available(stuffer) > 0) {
446 [ - + ][ # # ]: 23 : POSIX_CHECKED_MEMCPY(out->data, stuffer->blob.data + stuffer->read_cursor, s2n_stuffer_data_available(stuffer));
[ + - ]
447 : 23 : }
448 : :
449 [ - + ][ + - ]: 23 : POSIX_POSTCONDITION(s2n_blob_validate(out));
450 : 23 : return S2N_SUCCESS;
451 : 23 : }
452 : :
453 : : int s2n_stuffer_shift(struct s2n_stuffer *stuffer)
454 : 508 : {
455 [ + - ][ + + ]: 508 : POSIX_ENSURE_REF(stuffer);
456 : 507 : struct s2n_stuffer copy = *stuffer;
457 [ - + ]: 507 : POSIX_GUARD(s2n_stuffer_rewrite(©));
458 : :
459 : 507 : uint8_t *data = stuffer->blob.data;
460 : : /* Adding 0 to a NULL value is undefined behavior */
461 [ + + ]: 507 : if (stuffer->read_cursor != 0) {
462 : 505 : data += stuffer->read_cursor;
463 : 505 : }
464 : :
465 : 507 : uint32_t data_size = s2n_stuffer_data_available(stuffer);
466 [ - + ]: 507 : POSIX_GUARD(s2n_stuffer_write_bytes(©, data, data_size));
467 : 507 : *stuffer = copy;
468 : 507 : return S2N_SUCCESS;
469 : 507 : }
|