freebsd-skq/contrib/smbfs/lib/smb/nb_name.c
ian 1a16baceaa Avoid unaligned memory accesses when encoding netbios names in libsmb.
The current code for encoding a netbios name converts each byte to a 16-bit
value and stores the result by casting a char* to u_short*, resulting in
alignment faults on strict-alignment platforms.

This change reimplements the encoding routine using only byte accesses to
memory. There is no particular reason to work with 16-bit values just
because the encoding process creates two bytes of output for every byte of
input. Working a byte at at time also avoids endian problems for big-endian
platforms.

PR:		180438
PR:		189415
Differential Revision:	https://reviews.freebsd.org/D4622
2015-12-21 17:17:00 +00:00

198 lines
4.6 KiB
C

/*
* Copyright (c) 2000-2001, Boris Popov
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Boris Popov.
* 4. Neither the name of the author nor the names of any co-contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $Id: nb_name.c,v 1.2 2001/08/22 03:31:36 bp Exp $
*/
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include <sys/param.h>
#include <sys/endian.h>
#include <sys/socket.h>
#include <ctype.h>
#include <err.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <netsmb/netbios.h>
#include <netsmb/smb_lib.h>
#include <netsmb/nb_lib.h>
int
nb_snballoc(int namelen, struct sockaddr_nb **dst)
{
struct sockaddr_nb *snb;
int slen;
slen = namelen + sizeof(*snb) - sizeof(snb->snb_name);
snb = malloc(slen);
if (snb == NULL)
return ENOMEM;
bzero(snb, slen);
snb->snb_family = AF_NETBIOS;
snb->snb_len = slen;
*dst = snb;
return 0;
}
void
nb_snbfree(struct sockaddr *snb)
{
free(snb);
}
/*
* Create a full NETBIOS address
*/
int
nb_sockaddr(struct sockaddr *peer, struct nb_name *np,
struct sockaddr_nb **dst)
{
struct sockaddr_nb *snb;
int nmlen, error;
if (peer && (peer->sa_family != AF_INET && peer->sa_family != AF_IPX))
return EPROTONOSUPPORT;
nmlen = nb_name_len(np);
if (nmlen < NB_ENCNAMELEN)
return EINVAL;
error = nb_snballoc(nmlen, &snb);
if (error)
return error;
if (nmlen != nb_name_encode(np, snb->snb_name))
printf("a bug somewhere in the nb_name* code\n");
if (peer)
memcpy(&snb->snb_tran, peer, peer->sa_len);
*dst = snb;
return 0;
}
int
nb_name_len(struct nb_name *np)
{
u_char *name;
int len, sclen;
len = 1 + NB_ENCNAMELEN;
if (np->nn_scope == NULL)
return len + 1;
sclen = 0;
for (name = np->nn_scope; *name; name++) {
if (*name == '.') {
sclen = 0;
} else {
if (sclen < NB_MAXLABLEN) {
sclen++;
len++;
}
}
}
return len + 1;
}
int
nb_encname_len(const char *str)
{
const u_char *cp = (const u_char *)str;
int len, blen;
if ((cp[0] & 0xc0) == 0xc0)
return -1; /* first two bytes are offset to name */
len = 1;
for (;;) {
blen = *cp;
if (blen++ == 0)
break;
len += blen;
cp += blen;
}
return len;
}
static inline void
nb_char_encode(u_char **ptr, u_char c, int n)
{
while (n--) {
*(*ptr)++ = 0x41 + (c >> 4);
*(*ptr)++ = 0x41 + (c & 0x0f);
}
}
int
nb_name_encode(struct nb_name *np, u_char *dst)
{
u_char *name, *plen;
u_char *cp = dst;
int i, lblen;
*cp++ = NB_ENCNAMELEN;
name = np->nn_name;
if (name[0] == '*' && name[1] == 0) {
nb_char_encode(&cp, '*', 1);
nb_char_encode(&cp, ' ', NB_NAMELEN - 1);
} else {
for (i = 0; i < NB_NAMELEN - 1; i++)
if (*name != 0)
nb_char_encode(&cp, toupper(*name++), 1);
else
nb_char_encode(&cp, ' ', 1);
nb_char_encode(&cp, np->nn_type, 1);
}
*cp = 0;
if (np->nn_scope == NULL)
return nb_encname_len(dst);
plen = cp++;
lblen = 0;
for (name = np->nn_scope; ; name++) {
if (*name == '.' || *name == 0) {
*plen = lblen;
plen = cp++;
*plen = 0;
if (*name == 0)
break;
} else {
if (lblen < NB_MAXLABLEN) {
*cp++ = *name;
lblen++;
}
}
}
return nb_encname_len(dst);
}