mirror of
https://github.com/systemd/systemd.git
synced 2024-12-23 21:35:11 +03:00
hexdecoct: make unbase64mem and unhexmem always use SIZE_MAX
This commit is contained in:
parent
7f13af72f8
commit
bdd2036e81
@ -48,7 +48,7 @@ static int get_current_pcr(const char *alg, uint32_t pcr, void **ret, size_t *re
|
|||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to read '%s': %m", p);
|
return log_error_errno(r, "Failed to read '%s': %m", p);
|
||||||
|
|
||||||
r = unhexmem(s, ss, &buf, &bufsize);
|
r = unhexmem_full(s, ss, /* secure = */ false, &buf, &bufsize);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to decode hex PCR data '%s': %m", s);
|
return log_error_errno(r, "Failed to decode hex PCR data '%s': %m", s);
|
||||||
|
|
||||||
|
@ -114,7 +114,7 @@ int unhexmem_full(
|
|||||||
const char *p,
|
const char *p,
|
||||||
size_t l,
|
size_t l,
|
||||||
bool secure,
|
bool secure,
|
||||||
void **ret,
|
void **ret_data,
|
||||||
size_t *ret_len) {
|
size_t *ret_len) {
|
||||||
|
|
||||||
_cleanup_free_ uint8_t *buf = NULL;
|
_cleanup_free_ uint8_t *buf = NULL;
|
||||||
@ -155,8 +155,8 @@ int unhexmem_full(
|
|||||||
|
|
||||||
if (ret_len)
|
if (ret_len)
|
||||||
*ret_len = (size_t) (z - buf);
|
*ret_len = (size_t) (z - buf);
|
||||||
if (ret)
|
if (ret_data)
|
||||||
*ret = TAKE_PTR(buf);
|
*ret_data = TAKE_PTR(buf);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -766,7 +766,7 @@ int unbase64mem_full(
|
|||||||
const char *p,
|
const char *p,
|
||||||
size_t l,
|
size_t l,
|
||||||
bool secure,
|
bool secure,
|
||||||
void **ret,
|
void **ret_data,
|
||||||
size_t *ret_size) {
|
size_t *ret_size) {
|
||||||
|
|
||||||
_cleanup_free_ uint8_t *buf = NULL;
|
_cleanup_free_ uint8_t *buf = NULL;
|
||||||
@ -854,8 +854,8 @@ int unbase64mem_full(
|
|||||||
|
|
||||||
if (ret_size)
|
if (ret_size)
|
||||||
*ret_size = (size_t) (z - buf);
|
*ret_size = (size_t) (z - buf);
|
||||||
if (ret)
|
if (ret_data)
|
||||||
*ret = TAKE_PTR(buf);
|
*ret_data = TAKE_PTR(buf);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -18,9 +18,9 @@ char hexchar(int x) _const_;
|
|||||||
int unhexchar(char c) _const_;
|
int unhexchar(char c) _const_;
|
||||||
|
|
||||||
char *hexmem(const void *p, size_t l);
|
char *hexmem(const void *p, size_t l);
|
||||||
int unhexmem_full(const char *p, size_t l, bool secure, void **mem, size_t *len);
|
int unhexmem_full(const char *p, size_t l, bool secure, void **ret_data, size_t *ret_size);
|
||||||
static inline int unhexmem(const char *p, size_t l, void **mem, size_t *len) {
|
static inline int unhexmem(const char *p, void **ret_data, size_t *ret_size) {
|
||||||
return unhexmem_full(p, l, false, mem, len);
|
return unhexmem_full(p, SIZE_MAX, false, ret_data, ret_size);
|
||||||
}
|
}
|
||||||
|
|
||||||
char base32hexchar(int x) _const_;
|
char base32hexchar(int x) _const_;
|
||||||
@ -45,9 +45,9 @@ ssize_t base64_append(
|
|||||||
size_t l,
|
size_t l,
|
||||||
size_t margin,
|
size_t margin,
|
||||||
size_t width);
|
size_t width);
|
||||||
int unbase64mem_full(const char *p, size_t l, bool secure, void **mem, size_t *len);
|
int unbase64mem_full(const char *p, size_t l, bool secure, void **ret_data, size_t *ret_size);
|
||||||
static inline int unbase64mem(const char *p, size_t l, void **mem, size_t *len) {
|
static inline int unbase64mem(const char *p, void **ret_data, size_t *ret_size) {
|
||||||
return unbase64mem_full(p, l, false, mem, len);
|
return unbase64mem_full(p, SIZE_MAX, false, ret_data, ret_size);
|
||||||
}
|
}
|
||||||
|
|
||||||
void hexdump(FILE *f, const void *p, size_t s);
|
void hexdump(FILE *f, const void *p, size_t s);
|
||||||
|
@ -419,7 +419,7 @@ static int measure_kernel(PcrState *pcr_states, size_t n) {
|
|||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to read '%s': %m", p);
|
return log_error_errno(r, "Failed to read '%s': %m", p);
|
||||||
|
|
||||||
r = unhexmem(strstrip(s), SIZE_MAX, &v, &sz);
|
r = unhexmem(strstrip(s), &v, &sz);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to decode PCR value '%s': %m", s);
|
return log_error_errno(r, "Failed to decode PCR value '%s': %m", s);
|
||||||
|
|
||||||
@ -995,7 +995,7 @@ static int verb_status(int argc, char *argv[], void *userdata) {
|
|||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to read '%s': %m", p);
|
return log_error_errno(r, "Failed to read '%s': %m", p);
|
||||||
|
|
||||||
r = unhexmem(strstrip(s), SIZE_MAX, &h, &l);
|
r = unhexmem(strstrip(s), &h, &l);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to decode PCR value '%s': %m", s);
|
return log_error_errno(r, "Failed to decode PCR value '%s': %m", s);
|
||||||
|
|
||||||
|
@ -2670,12 +2670,12 @@ static int exec_context_deserialize(ExecContext *c, FILE *f) {
|
|||||||
return r;
|
return r;
|
||||||
} else if ((val = startswith(l, "exec-context-root-hash="))) {
|
} else if ((val = startswith(l, "exec-context-root-hash="))) {
|
||||||
c->root_hash = mfree(c->root_hash);
|
c->root_hash = mfree(c->root_hash);
|
||||||
r = unhexmem(val, strlen(val), &c->root_hash, &c->root_hash_size);
|
r = unhexmem(val, &c->root_hash, &c->root_hash_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
} else if ((val = startswith(l, "exec-context-root-hash-sig="))) {
|
} else if ((val = startswith(l, "exec-context-root-hash-sig="))) {
|
||||||
c->root_hash_sig = mfree(c->root_hash_sig);
|
c->root_hash_sig = mfree(c->root_hash_sig);
|
||||||
r= unbase64mem(val, strlen(val), &c->root_hash_sig, &c->root_hash_sig_size);
|
r= unbase64mem(val, &c->root_hash_sig, &c->root_hash_sig_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
} else if ((val = startswith(l, "exec-context-root-ephemeral="))) {
|
} else if ((val = startswith(l, "exec-context-root-ephemeral="))) {
|
||||||
@ -3055,7 +3055,7 @@ static int exec_context_deserialize(ExecContext *c, FILE *f) {
|
|||||||
if (c->stdin_data)
|
if (c->stdin_data)
|
||||||
return -EINVAL; /* duplicated */
|
return -EINVAL; /* duplicated */
|
||||||
|
|
||||||
r = unbase64mem(val, strlen(val), &c->stdin_data, &c->stdin_data_size);
|
r = unbase64mem(val, &c->stdin_data, &c->stdin_data_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
} else if ((val = startswith(l, "exec-context-tty-path="))) {
|
} else if ((val = startswith(l, "exec-context-tty-path="))) {
|
||||||
@ -3690,7 +3690,7 @@ static int exec_context_deserialize(ExecContext *c, FILE *f) {
|
|||||||
.encrypted = r,
|
.encrypted = r,
|
||||||
};
|
};
|
||||||
|
|
||||||
r = unbase64mem(data, strlen(data), &sc->data, &sc->size);
|
r = unbase64mem(data, &sc->data, &sc->size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
|
@ -314,7 +314,7 @@ static int proc_cmdline_callback(const char *key, const char *value, void *data)
|
|||||||
colon++;
|
colon++;
|
||||||
|
|
||||||
if (base64) {
|
if (base64) {
|
||||||
r = unbase64mem(colon, SIZE_MAX, &binary, &l);
|
r = unbase64mem(colon, &binary, &l);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_warning_errno(r, "Failed to decode binary credential '%s' data, ignoring: %m", n);
|
log_warning_errno(r, "Failed to decode binary credential '%s' data, ignoring: %m", n);
|
||||||
return 0;
|
return 0;
|
||||||
@ -525,7 +525,7 @@ static int parse_smbios_strings(ImportCredentialContext *c, const char *data, si
|
|||||||
|
|
||||||
/* Optionally base64 decode the data, if requested, to allow binary credentials */
|
/* Optionally base64 decode the data, if requested, to allow binary credentials */
|
||||||
if (unbase64) {
|
if (unbase64) {
|
||||||
r = unbase64mem(eq + 1, nul - (eq + 1), &buf, &buflen);
|
r = unbase64mem_full(eq + 1, nul - (eq + 1), /* secure = */ false, &buf, &buflen);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_warning_errno(r, "Failed to base64 decode credential '%s', ignoring: %m", cn);
|
log_warning_errno(r, "Failed to base64 decode credential '%s', ignoring: %m", cn);
|
||||||
continue;
|
continue;
|
||||||
|
@ -1254,7 +1254,7 @@ int config_parse_exec_input_data(
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = unbase64mem(rvalue, SIZE_MAX, &p, &sz);
|
r = unbase64mem(rvalue, &p, &sz);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_syntax(unit, LOG_WARNING, filename, line, r,
|
log_syntax(unit, LOG_WARNING, filename, line, r,
|
||||||
"Failed to decode base64 data, ignoring: %s", rvalue);
|
"Failed to decode base64 data, ignoring: %s", rvalue);
|
||||||
@ -1748,7 +1748,7 @@ int config_parse_exec_root_hash(
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* We have a roothash to decode, eg: RootHash=012345789abcdef */
|
/* We have a roothash to decode, eg: RootHash=012345789abcdef */
|
||||||
r = unhexmem(rvalue, strlen(rvalue), &roothash_decoded, &roothash_decoded_size);
|
r = unhexmem(rvalue, &roothash_decoded, &roothash_decoded_size);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to decode RootHash=, ignoring: %s", rvalue);
|
log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to decode RootHash=, ignoring: %s", rvalue);
|
||||||
return 0;
|
return 0;
|
||||||
@ -1816,7 +1816,7 @@ int config_parse_exec_root_hash_sig(
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* We have a roothash signature to decode, eg: RootHashSignature=base64:012345789abcdef */
|
/* We have a roothash signature to decode, eg: RootHashSignature=base64:012345789abcdef */
|
||||||
r = unbase64mem(value, strlen(value), &roothash_sig_decoded, &roothash_sig_decoded_size);
|
r = unbase64mem(value, &roothash_sig_decoded, &roothash_sig_decoded_size);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to decode RootHashSignature=, ignoring: %s", rvalue);
|
log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to decode RootHashSignature=, ignoring: %s", rvalue);
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -464,7 +464,7 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat
|
|||||||
if (proc_cmdline_value_missing(key, value))
|
if (proc_cmdline_value_missing(key, value))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
r = unbase64mem(value, SIZE_MAX, &p, &sz);
|
r = unbase64mem(value, &p, &sz);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
log_warning_errno(r, "Failed to parse systemd.random_seed= argument, ignoring: %s", value);
|
log_warning_errno(r, "Failed to parse systemd.random_seed= argument, ignoring: %s", value);
|
||||||
|
|
||||||
|
@ -51,7 +51,7 @@ static int search_policy_hash(
|
|||||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
||||||
"TPM2 token data lacks 'tpm2-policy-hash' field.");
|
"TPM2 token data lacks 'tpm2-policy-hash' field.");
|
||||||
|
|
||||||
r = unhexmem(json_variant_string(w), SIZE_MAX, &thash, &thash_size);
|
r = unhexmem(json_variant_string(w), &thash, &thash_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
||||||
"Invalid base64 data in 'tpm2-policy-hash' field.");
|
"Invalid base64 data in 'tpm2-policy-hash' field.");
|
||||||
|
@ -154,7 +154,7 @@ int find_pkcs11_auto_data(
|
|||||||
|
|
||||||
assert(!key);
|
assert(!key);
|
||||||
assert(key_size == 0);
|
assert(key_size == 0);
|
||||||
r = unbase64mem(json_variant_string(w), SIZE_MAX, &key, &key_size);
|
r = unbase64mem(json_variant_string(w), &key, &key_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to decode base64 encoded key.");
|
return log_error_errno(r, "Failed to decode base64 encoded key.");
|
||||||
}
|
}
|
||||||
|
@ -172,7 +172,7 @@ _public_ int cryptsetup_token_validate(
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = unbase64mem(json_variant_string(w), SIZE_MAX, NULL, NULL);
|
r = unbase64mem(json_variant_string(w), NULL, NULL);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return crypt_log_debug_errno(cd, r, "Invalid base64 data in 'fido2-credential' field: %m");
|
return crypt_log_debug_errno(cd, r, "Invalid base64 data in 'fido2-credential' field: %m");
|
||||||
|
|
||||||
@ -182,7 +182,7 @@ _public_ int cryptsetup_token_validate(
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = unbase64mem(json_variant_string(w), SIZE_MAX, NULL, NULL);
|
r = unbase64mem(json_variant_string(w), NULL, NULL);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return crypt_log_debug_errno(cd, r, "Failed to decode base64 encoded salt: %m.");
|
return crypt_log_debug_errno(cd, r, "Failed to decode base64 encoded salt: %m.");
|
||||||
|
|
||||||
|
@ -136,7 +136,7 @@ _public_ int cryptsetup_token_validate(
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = unbase64mem(json_variant_string(w), SIZE_MAX, NULL, NULL);
|
r = unbase64mem(json_variant_string(w), NULL, NULL);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return crypt_log_debug_errno(cd, r, "Failed to decode base64 encoded key: %m.");
|
return crypt_log_debug_errno(cd, r, "Failed to decode base64 encoded key: %m.");
|
||||||
|
|
||||||
|
@ -309,7 +309,7 @@ _public_ int cryptsetup_token_validate(
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = unbase64mem(json_variant_string(w), SIZE_MAX, NULL, NULL);
|
r = unbase64mem(json_variant_string(w), NULL, NULL);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return crypt_log_debug_errno(cd, r, "Invalid base64 data in 'tpm2-blob' field: %m");
|
return crypt_log_debug_errno(cd, r, "Invalid base64 data in 'tpm2-blob' field: %m");
|
||||||
|
|
||||||
@ -319,7 +319,7 @@ _public_ int cryptsetup_token_validate(
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = unhexmem(json_variant_string(w), SIZE_MAX, NULL, NULL);
|
r = unhexmem(json_variant_string(w), NULL, NULL);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return crypt_log_debug_errno(cd, r, "Invalid base64 data in 'tpm2-policy-hash' field: %m");
|
return crypt_log_debug_errno(cd, r, "Invalid base64 data in 'tpm2-policy-hash' field: %m");
|
||||||
|
|
||||||
|
@ -104,7 +104,7 @@ int parse_luks2_fido2_data(
|
|||||||
if (!w)
|
if (!w)
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
r = unbase64mem(json_variant_string(w), SIZE_MAX, &cid, &cid_size);
|
r = unbase64mem(json_variant_string(w), &cid, &cid_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return crypt_log_error_errno(cd, r, "Failed to parse 'fido2-credentials' field: %m");
|
return crypt_log_error_errno(cd, r, "Failed to parse 'fido2-credentials' field: %m");
|
||||||
|
|
||||||
@ -112,7 +112,7 @@ int parse_luks2_fido2_data(
|
|||||||
if (!w)
|
if (!w)
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
r = unbase64mem(json_variant_string(w), SIZE_MAX, &salt, &salt_size);
|
r = unbase64mem(json_variant_string(w), &salt, &salt_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return crypt_log_error_errno(cd, r, "Failed to parse 'fido2-salt' field: %m");
|
return crypt_log_error_errno(cd, r, "Failed to parse 'fido2-salt' field: %m");
|
||||||
|
|
||||||
|
@ -260,7 +260,7 @@ int parse_luks2_pkcs11_data(
|
|||||||
if (!w)
|
if (!w)
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
r = unbase64mem(json_variant_string(w), SIZE_MAX, &key, &key_size);
|
r = unbase64mem(json_variant_string(w), &key, &key_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return crypt_log_debug_errno(cd, r, "Failed to decode base64 encoded key: %m.");
|
return crypt_log_debug_errno(cd, r, "Failed to decode base64 encoded key: %m.");
|
||||||
|
|
||||||
|
@ -368,7 +368,7 @@ static int parse_one_option(const char *option) {
|
|||||||
_cleanup_free_ void *cid = NULL;
|
_cleanup_free_ void *cid = NULL;
|
||||||
size_t cid_size;
|
size_t cid_size;
|
||||||
|
|
||||||
r = unbase64mem(val, SIZE_MAX, &cid, &cid_size);
|
r = unbase64mem(val, &cid, &cid_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to decode FIDO2 CID data: %m");
|
return log_error_errno(r, "Failed to decode FIDO2 CID data: %m");
|
||||||
|
|
||||||
|
@ -423,7 +423,7 @@ static int parse_argv(int argc, char *argv[]) {
|
|||||||
_cleanup_free_ void *p = NULL;
|
_cleanup_free_ void *p = NULL;
|
||||||
size_t l;
|
size_t l;
|
||||||
|
|
||||||
r = unhexmem(optarg, strlen(optarg), &p, &l);
|
r = unhexmem(optarg, &p, &l);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to parse root hash '%s': %m", optarg);
|
return log_error_errno(r, "Failed to parse root hash '%s': %m", optarg);
|
||||||
if (l < sizeof(sd_id128_t))
|
if (l < sizeof(sd_id128_t))
|
||||||
@ -441,7 +441,7 @@ static int parse_argv(int argc, char *argv[]) {
|
|||||||
void *p;
|
void *p;
|
||||||
|
|
||||||
if ((value = startswith(optarg, "base64:"))) {
|
if ((value = startswith(optarg, "base64:"))) {
|
||||||
r = unbase64mem(value, strlen(value), &p, &l);
|
r = unbase64mem(value, &p, &l);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to parse root hash signature '%s': %m", optarg);
|
return log_error_errno(r, "Failed to parse root hash signature '%s': %m", optarg);
|
||||||
} else {
|
} else {
|
||||||
|
@ -239,10 +239,11 @@ static int fscrypt_setup(
|
|||||||
if (!e)
|
if (!e)
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "xattr %s lacks ':' separator: %m", xa);
|
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "xattr %s lacks ':' separator: %m", xa);
|
||||||
|
|
||||||
r = unbase64mem(value, e - value, &salt, &salt_size);
|
r = unbase64mem_full(value, e - value, /* secure = */ false, &salt, &salt_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to decode salt of %s: %m", xa);
|
return log_error_errno(r, "Failed to decode salt of %s: %m", xa);
|
||||||
r = unbase64mem(e+1, n - (e - value) - 1, &encrypted, &encrypted_size);
|
|
||||||
|
r = unbase64mem_full(e + 1, n - (e - value) - 1, /* secure = */ false, &encrypted, &encrypted_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to decode encrypted key of %s: %m", xa);
|
return log_error_errno(r, "Failed to decode encrypted key of %s: %m", xa);
|
||||||
|
|
||||||
|
@ -353,7 +353,7 @@ static int parse_argv(int argc, char *argv[]) {
|
|||||||
/* If this is not a valid verification mode, maybe it's a literally specified
|
/* If this is not a valid verification mode, maybe it's a literally specified
|
||||||
* SHA256 hash? We can handle that too... */
|
* SHA256 hash? We can handle that too... */
|
||||||
|
|
||||||
r = unhexmem(optarg, (size_t) -1, &h, &n);
|
r = unhexmem(optarg, &h, &n);
|
||||||
if (r < 0 || n == 0)
|
if (r < 0 || n == 0)
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
||||||
"Invalid verification setting: %s", optarg);
|
"Invalid verification setting: %s", optarg);
|
||||||
|
@ -1479,7 +1479,7 @@ int dhcp_lease_load(sd_dhcp_lease **ret, const char *lease_file) {
|
|||||||
_cleanup_free_ void *data = NULL;
|
_cleanup_free_ void *data = NULL;
|
||||||
size_t data_size;
|
size_t data_size;
|
||||||
|
|
||||||
r = unhexmem(client_id_hex, SIZE_MAX, &data, &data_size);
|
r = unhexmem(client_id_hex, &data, &data_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
log_debug_errno(r, "Failed to parse client ID %s, ignoring: %m", client_id_hex);
|
log_debug_errno(r, "Failed to parse client ID %s, ignoring: %m", client_id_hex);
|
||||||
|
|
||||||
@ -1489,7 +1489,7 @@ int dhcp_lease_load(sd_dhcp_lease **ret, const char *lease_file) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (vendor_specific_hex) {
|
if (vendor_specific_hex) {
|
||||||
r = unhexmem(vendor_specific_hex, SIZE_MAX, &lease->vendor_specific, &lease->vendor_specific_len);
|
r = unhexmem(vendor_specific_hex, &lease->vendor_specific, &lease->vendor_specific_len);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
log_debug_errno(r, "Failed to parse vendor specific data %s, ignoring: %m", vendor_specific_hex);
|
log_debug_errno(r, "Failed to parse vendor specific data %s, ignoring: %m", vendor_specific_hex);
|
||||||
}
|
}
|
||||||
@ -1501,7 +1501,7 @@ int dhcp_lease_load(sd_dhcp_lease **ret, const char *lease_file) {
|
|||||||
if (!options[i])
|
if (!options[i])
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
r = unhexmem(options[i], SIZE_MAX, &data, &len);
|
r = unhexmem(options[i], &data, &len);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_debug_errno(r, "Failed to parse private DHCP option %s, ignoring: %m", options[i]);
|
log_debug_errno(r, "Failed to parse private DHCP option %s, ignoring: %m", options[i]);
|
||||||
continue;
|
continue;
|
||||||
|
@ -266,7 +266,7 @@ static int verify_anonymous_token(sd_bus *b, const char *p, size_t l) {
|
|||||||
if (l % 2 != 0)
|
if (l % 2 != 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
r = unhexmem(p, l, (void **) &token, &len);
|
r = unhexmem_full(p, l, /* secure = */ false, (void**) &token, &len);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
@ -298,7 +298,7 @@ static int verify_external_token(sd_bus *b, const char *p, size_t l) {
|
|||||||
if (l % 2 != 0)
|
if (l % 2 != 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
r = unhexmem(p, l, (void**) &token, &len);
|
r = unhexmem_full(p, l, /* secure = */ false, (void**) &token, &len);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
@ -1976,7 +1976,7 @@ _public_ int sd_event_add_memory_pressure(
|
|||||||
|
|
||||||
env = secure_getenv("MEMORY_PRESSURE_WRITE");
|
env = secure_getenv("MEMORY_PRESSURE_WRITE");
|
||||||
if (env) {
|
if (env) {
|
||||||
r = unbase64mem(env, SIZE_MAX, &write_buffer, &write_buffer_size);
|
r = unbase64mem(env, &write_buffer, &write_buffer_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
@ -712,7 +712,7 @@ int config_parse_macsec_key(
|
|||||||
|
|
||||||
dest = a ? &a->sa : &b->sa;
|
dest = a ? &a->sa : &b->sa;
|
||||||
|
|
||||||
r = unhexmem_full(rvalue, strlen(rvalue), true, &p, &l);
|
r = unhexmem_full(rvalue, SIZE_MAX, /* secure = */ true, &p, &l);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse key. Ignoring assignment: %m");
|
log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse key. Ignoring assignment: %m");
|
||||||
return 0;
|
return 0;
|
||||||
@ -820,7 +820,7 @@ int config_parse_macsec_key_id(
|
|||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
|
|
||||||
r = unhexmem(rvalue, strlen(rvalue), &p, &l);
|
r = unhexmem(rvalue, &p, &l);
|
||||||
if (r == -ENOMEM)
|
if (r == -ENOMEM)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
|
@ -1396,7 +1396,7 @@ static int parse_argv(int argc, char *argv[]) {
|
|||||||
_cleanup_free_ void *k = NULL;
|
_cleanup_free_ void *k = NULL;
|
||||||
size_t l;
|
size_t l;
|
||||||
|
|
||||||
r = unhexmem(optarg, strlen(optarg), &k, &l);
|
r = unhexmem(optarg, &k, &l);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to parse root hash: %s", optarg);
|
return log_error_errno(r, "Failed to parse root hash: %s", optarg);
|
||||||
if (l < sizeof(sd_id128_t))
|
if (l < sizeof(sd_id128_t))
|
||||||
@ -1413,7 +1413,7 @@ static int parse_argv(int argc, char *argv[]) {
|
|||||||
void *p;
|
void *p;
|
||||||
|
|
||||||
if ((value = startswith(optarg, "base64:"))) {
|
if ((value = startswith(optarg, "base64:"))) {
|
||||||
r = unbase64mem(value, strlen(value), &p, &l);
|
r = unbase64mem(value, &p, &l);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to parse root hash signature '%s': %m", optarg);
|
return log_error_errno(r, "Failed to parse root hash signature '%s': %m", optarg);
|
||||||
|
|
||||||
|
@ -362,7 +362,7 @@ int config_parse_dnssd_txt(
|
|||||||
|
|
||||||
case DNS_TXT_ITEM_DATA:
|
case DNS_TXT_ITEM_DATA:
|
||||||
if (value) {
|
if (value) {
|
||||||
r = unbase64mem(value, strlen(value), &decoded, &length);
|
r = unbase64mem(value, &decoded, &length);
|
||||||
if (r == -ENOMEM)
|
if (r == -ENOMEM)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
|
@ -279,7 +279,7 @@ static int dns_trust_anchor_load_positive(DnsTrustAnchor *d, const char *path, u
|
|||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = unhexmem(p, strlen(p), &dd, &l);
|
r = unhexmem(p, &dd, &l);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_warning("Failed to parse DS digest %s on line %s:%u", p, path, line);
|
log_warning("Failed to parse DS digest %s on line %s:%u", p, path, line);
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
@ -338,7 +338,7 @@ static int dns_trust_anchor_load_positive(DnsTrustAnchor *d, const char *path, u
|
|||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = unbase64mem(p, strlen(p), &k, &l);
|
r = unbase64mem(p, &k, &l);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_warning_errno(r, "Failed to parse DNSKEY key data %s on line %s:%u", p, path, line);
|
return log_warning_errno(r, "Failed to parse DNSKEY key data %s on line %s:%u", p, path, line);
|
||||||
|
|
||||||
|
@ -1213,7 +1213,7 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con
|
|||||||
_cleanup_free_ void *decoded = NULL;
|
_cleanup_free_ void *decoded = NULL;
|
||||||
size_t decoded_size;
|
size_t decoded_size;
|
||||||
|
|
||||||
r = unbase64mem(p, SIZE_MAX, &decoded, &decoded_size);
|
r = unbase64mem(p, &decoded, &decoded_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to base64 decode encrypted credential: %m");
|
return log_error_errno(r, "Failed to base64 decode encrypted credential: %m");
|
||||||
|
|
||||||
@ -1400,7 +1400,7 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con
|
|||||||
_cleanup_free_ void *decoded = NULL;
|
_cleanup_free_ void *decoded = NULL;
|
||||||
size_t sz;
|
size_t sz;
|
||||||
|
|
||||||
r = unbase64mem(eq, SIZE_MAX, &decoded, &sz);
|
r = unbase64mem(eq, &decoded, &sz);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to decode base64 data '%s': %m", eq);
|
return log_error_errno(r, "Failed to decode base64 data '%s': %m", eq);
|
||||||
|
|
||||||
@ -1787,7 +1787,7 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con
|
|||||||
return bus_append_string(m, "RootHashPath", eq);
|
return bus_append_string(m, "RootHashPath", eq);
|
||||||
|
|
||||||
/* We have a roothash to decode, eg: RootHash=012345789abcdef */
|
/* We have a roothash to decode, eg: RootHash=012345789abcdef */
|
||||||
r = unhexmem(eq, strlen(eq), &roothash_decoded, &roothash_decoded_size);
|
r = unhexmem(eq, &roothash_decoded, &roothash_decoded_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to decode RootHash= '%s': %m", eq);
|
return log_error_errno(r, "Failed to decode RootHash= '%s': %m", eq);
|
||||||
if (roothash_decoded_size < sizeof(sd_id128_t))
|
if (roothash_decoded_size < sizeof(sd_id128_t))
|
||||||
@ -1809,7 +1809,7 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con
|
|||||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to decode RootHashSignature= '%s', not a path but doesn't start with 'base64:': %m", eq);
|
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to decode RootHashSignature= '%s', not a path but doesn't start with 'base64:': %m", eq);
|
||||||
|
|
||||||
/* We have a roothash signature to decode, eg: RootHashSignature=base64:012345789abcdef */
|
/* We have a roothash signature to decode, eg: RootHashSignature=base64:012345789abcdef */
|
||||||
r = unbase64mem(value, strlen(value), &roothash_sig_decoded, &roothash_sig_decoded_size);
|
r = unbase64mem(value, &roothash_sig_decoded, &roothash_sig_decoded_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to decode RootHashSignature= '%s': %m", eq);
|
return log_error_errno(r, "Failed to decode RootHashSignature= '%s': %m", eq);
|
||||||
|
|
||||||
|
@ -177,7 +177,7 @@ int acquire_fido2_key_auto(
|
|||||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
||||||
"FIDO2 token data lacks 'fido2-credential' field.");
|
"FIDO2 token data lacks 'fido2-credential' field.");
|
||||||
|
|
||||||
r = unbase64mem(json_variant_string(w), SIZE_MAX, &cid, &cid_size);
|
r = unbase64mem(json_variant_string(w), &cid, &cid_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
||||||
"Invalid base64 data in 'fido2-credential' field.");
|
"Invalid base64 data in 'fido2-credential' field.");
|
||||||
@ -189,7 +189,7 @@ int acquire_fido2_key_auto(
|
|||||||
|
|
||||||
assert(!salt);
|
assert(!salt);
|
||||||
assert(salt_size == 0);
|
assert(salt_size == 0);
|
||||||
r = unbase64mem(json_variant_string(w), SIZE_MAX, &salt, &salt_size);
|
r = unbase64mem(json_variant_string(w), &salt, &salt_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to decode base64 encoded salt.");
|
return log_error_errno(r, "Failed to decode base64 encoded salt.");
|
||||||
|
|
||||||
|
@ -3166,7 +3166,7 @@ int verity_settings_load(
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (text) {
|
if (text) {
|
||||||
r = unhexmem(text, strlen(text), &root_hash, &root_hash_size);
|
r = unhexmem(text, &root_hash, &root_hash_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
if (root_hash_size < sizeof(sd_id128_t))
|
if (root_hash_size < sizeof(sd_id128_t))
|
||||||
@ -3320,7 +3320,7 @@ int dissected_image_load_verity_sig_partition(
|
|||||||
if (!json_variant_is_string(rh))
|
if (!json_variant_is_string(rh))
|
||||||
return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "'rootHash' field of signature JSON object is not a string.");
|
return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "'rootHash' field of signature JSON object is not a string.");
|
||||||
|
|
||||||
r = unhexmem(json_variant_string(rh), SIZE_MAX, &root_hash, &root_hash_size);
|
r = unhexmem(json_variant_string(rh), &root_hash, &root_hash_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_debug_errno(r, "Failed to parse root hash field: %m");
|
return log_debug_errno(r, "Failed to parse root hash field: %m");
|
||||||
|
|
||||||
@ -3341,7 +3341,7 @@ int dissected_image_load_verity_sig_partition(
|
|||||||
if (!json_variant_is_string(sig))
|
if (!json_variant_is_string(sig))
|
||||||
return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "'signature' field of signature JSON object is not a string.");
|
return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "'signature' field of signature JSON object is not a string.");
|
||||||
|
|
||||||
r = unbase64mem(json_variant_string(sig), SIZE_MAX, &root_hash_sig, &root_hash_sig_size);
|
r = unbase64mem(json_variant_string(sig), &root_hash_sig, &root_hash_sig_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_debug_errno(r, "Failed to parse signature field: %m");
|
return log_debug_errno(r, "Failed to parse signature field: %m");
|
||||||
|
|
||||||
|
@ -5139,14 +5139,14 @@ int json_variant_unbase64(JsonVariant *v, void **ret, size_t *ret_size) {
|
|||||||
if (!json_variant_is_string(v))
|
if (!json_variant_is_string(v))
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
return unbase64mem(json_variant_string(v), SIZE_MAX, ret, ret_size);
|
return unbase64mem(json_variant_string(v), ret, ret_size);
|
||||||
}
|
}
|
||||||
|
|
||||||
int json_variant_unhex(JsonVariant *v, void **ret, size_t *ret_size) {
|
int json_variant_unhex(JsonVariant *v, void **ret, size_t *ret_size) {
|
||||||
if (!json_variant_is_string(v))
|
if (!json_variant_is_string(v))
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
return unhexmem(json_variant_string(v), SIZE_MAX, ret, ret_size);
|
return unhexmem(json_variant_string(v), ret, ret_size);
|
||||||
}
|
}
|
||||||
|
|
||||||
static const char* const json_variant_type_table[_JSON_VARIANT_TYPE_MAX] = {
|
static const char* const json_variant_type_table[_JSON_VARIANT_TYPE_MAX] = {
|
||||||
|
@ -79,7 +79,7 @@ bool can_memlock(void);
|
|||||||
#define DEFINE_HEX_PTR(name, hex) \
|
#define DEFINE_HEX_PTR(name, hex) \
|
||||||
_cleanup_free_ void *name = NULL; \
|
_cleanup_free_ void *name = NULL; \
|
||||||
size_t name##_len = 0; \
|
size_t name##_len = 0; \
|
||||||
assert_se(unhexmem(hex, strlen_ptr(hex), &name, &name##_len) >= 0);
|
assert_se(unhexmem_full(hex, strlen_ptr(hex), false, &name, &name##_len) >= 0);
|
||||||
|
|
||||||
#define TEST_REQ_RUNNING_SYSTEMD(x) \
|
#define TEST_REQ_RUNNING_SYSTEMD(x) \
|
||||||
if (sd_booted() > 0) { \
|
if (sd_booted() > 0) { \
|
||||||
|
@ -1875,7 +1875,7 @@ int tpm2_pcr_value_from_string(const char *arg, Tpm2PCRValue *ret_pcr_value) {
|
|||||||
|
|
||||||
_cleanup_free_ void *buf = NULL;
|
_cleanup_free_ void *buf = NULL;
|
||||||
size_t buf_size = 0;
|
size_t buf_size = 0;
|
||||||
r = unhexmem(p, SIZE_MAX, &buf, &buf_size);
|
r = unhexmem(p, &buf, &buf_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_debug_errno(r, "Invalid pcr hash value '%s': %m", p);
|
return log_debug_errno(r, "Invalid pcr hash value '%s': %m", p);
|
||||||
|
|
||||||
|
@ -711,7 +711,7 @@ static int dispatch_pkcs11_key_data(const char *name, JsonVariant *variant, Json
|
|||||||
if (!json_variant_is_string(variant))
|
if (!json_variant_is_string(variant))
|
||||||
return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name));
|
return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name));
|
||||||
|
|
||||||
r = unbase64mem(json_variant_string(variant), SIZE_MAX, &b, &l);
|
r = unbase64mem(json_variant_string(variant), &b, &l);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return json_log(variant, flags, r, "Failed to decode encrypted PKCS#11 key: %m");
|
return json_log(variant, flags, r, "Failed to decode encrypted PKCS#11 key: %m");
|
||||||
|
|
||||||
@ -778,7 +778,7 @@ static int dispatch_fido2_hmac_credential(const char *name, JsonVariant *variant
|
|||||||
if (!json_variant_is_string(variant))
|
if (!json_variant_is_string(variant))
|
||||||
return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name));
|
return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name));
|
||||||
|
|
||||||
r = unbase64mem(json_variant_string(variant), SIZE_MAX, &b, &l);
|
r = unbase64mem(json_variant_string(variant), &b, &l);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return json_log(variant, flags, r, "Failed to decode FIDO2 credential ID: %m");
|
return json_log(variant, flags, r, "Failed to decode FIDO2 credential ID: %m");
|
||||||
|
|
||||||
@ -808,7 +808,7 @@ static int dispatch_fido2_hmac_credential_array(const char *name, JsonVariant *v
|
|||||||
if (!array)
|
if (!array)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
|
|
||||||
r = unbase64mem(json_variant_string(e), SIZE_MAX, &b, &l);
|
r = unbase64mem(json_variant_string(e), &b, &l);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return json_log(variant, flags, r, "Failed to decode FIDO2 credential ID: %m");
|
return json_log(variant, flags, r, "Failed to decode FIDO2 credential ID: %m");
|
||||||
|
|
||||||
@ -838,7 +838,7 @@ static int dispatch_fido2_hmac_salt_value(const char *name, JsonVariant *variant
|
|||||||
if (!json_variant_is_string(variant))
|
if (!json_variant_is_string(variant))
|
||||||
return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name));
|
return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not a string.", strna(name));
|
||||||
|
|
||||||
r = unbase64mem(json_variant_string(variant), SIZE_MAX, &b, &l);
|
r = unbase64mem(json_variant_string(variant), &b, &l);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return json_log(variant, flags, r, "Failed to decode FIDO2 salt: %m");
|
return json_log(variant, flags, r, "Failed to decode FIDO2 salt: %m");
|
||||||
|
|
||||||
|
@ -404,7 +404,7 @@ int pattern_match(const char *pattern, const char *s, InstanceMetadata *ret) {
|
|||||||
if (strlen(t) != sizeof(found.sha256sum) * 2)
|
if (strlen(t) != sizeof(found.sha256sum) * 2)
|
||||||
goto nope;
|
goto nope;
|
||||||
|
|
||||||
r = unhexmem(t, sizeof(found.sha256sum) * 2, &d, &l);
|
r = unhexmem_full(t, sizeof(found.sha256sum) * 2, /* secure = */ false, &d, &l);
|
||||||
if (r == -ENOMEM)
|
if (r == -ENOMEM)
|
||||||
return r;
|
return r;
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
|
@ -398,7 +398,7 @@ static int resource_load_from_web(
|
|||||||
if (p[0] == '\\')
|
if (p[0] == '\\')
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "File names with escapes not supported in manifest at line %zu, refusing.", line_nr);
|
return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "File names with escapes not supported in manifest at line %zu, refusing.", line_nr);
|
||||||
|
|
||||||
r = unhexmem(p, 64, &h, &hlen);
|
r = unhexmem_full(p, 64, /* secure = */ false, &h, &hlen);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to parse digest at manifest line %zu, refusing.", line_nr);
|
return log_error_errno(r, "Failed to parse digest at manifest line %zu, refusing.", line_nr);
|
||||||
|
|
||||||
|
@ -82,7 +82,7 @@ static void test_hexmem_one(const char *in, const char *expected) {
|
|||||||
log_debug("hexmem(\"%s\") → \"%s\" (expected: \"%s\")", strnull(in), result, expected);
|
log_debug("hexmem(\"%s\") → \"%s\" (expected: \"%s\")", strnull(in), result, expected);
|
||||||
assert_se(streq(result, expected));
|
assert_se(streq(result, expected));
|
||||||
|
|
||||||
assert_se(unhexmem(result, SIZE_MAX, &mem, &len) >= 0);
|
assert_se(unhexmem(result, &mem, &len) >= 0);
|
||||||
assert_se(memcmp_safe(mem, in, len) == 0);
|
assert_se(memcmp_safe(mem, in, len) == 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -97,7 +97,7 @@ static void test_unhexmem_one(const char *s, size_t l, int retval) {
|
|||||||
_cleanup_free_ void *mem = NULL;
|
_cleanup_free_ void *mem = NULL;
|
||||||
size_t len;
|
size_t len;
|
||||||
|
|
||||||
assert_se(unhexmem(s, l, &mem, &len) == retval);
|
assert_se(unhexmem_full(s, l, /* secure = */ false, &mem, &len) == retval);
|
||||||
if (retval == 0) {
|
if (retval == 0) {
|
||||||
char *answer;
|
char *answer;
|
||||||
|
|
||||||
@ -318,7 +318,7 @@ TEST(base64mem_linebreak) {
|
|||||||
assert_se(encoded);
|
assert_se(encoded);
|
||||||
assert_se((size_t) l == strlen(encoded));
|
assert_se((size_t) l == strlen(encoded));
|
||||||
|
|
||||||
assert_se(unbase64mem(encoded, SIZE_MAX, &decoded, &decoded_size) >= 0);
|
assert_se(unbase64mem(encoded, &decoded, &decoded_size) >= 0);
|
||||||
assert_se(decoded_size == n);
|
assert_se(decoded_size == n);
|
||||||
assert_se(memcmp(data, decoded, n) == 0);
|
assert_se(memcmp(data, decoded, n) == 0);
|
||||||
|
|
||||||
@ -452,7 +452,7 @@ static void test_unbase64mem_one(const char *input, const char *output, int ret)
|
|||||||
_cleanup_free_ void *buffer = NULL;
|
_cleanup_free_ void *buffer = NULL;
|
||||||
size_t size = 0;
|
size_t size = 0;
|
||||||
|
|
||||||
assert_se(unbase64mem(input, SIZE_MAX, &buffer, &size) == ret);
|
assert_se(unbase64mem(input, &buffer, &size) == ret);
|
||||||
if (ret >= 0) {
|
if (ret >= 0) {
|
||||||
assert_se(size == strlen(output));
|
assert_se(size == strlen(output));
|
||||||
assert_se(memcmp(buffer, output, size) == 0);
|
assert_se(memcmp(buffer, output, size) == 0);
|
||||||
@ -533,12 +533,12 @@ TEST(base64withwithouturl) {
|
|||||||
size_t size;
|
size_t size;
|
||||||
|
|
||||||
/* This is regular base64 */
|
/* This is regular base64 */
|
||||||
assert_se(unbase64mem("zKFyIq7aZn4EpuCCmpcF9jPgD8JFE1g/xfT0Mas8X4M0WycyigRsQ4IH4yysufus0AORQsuk3oeGhRC7t1tLyKD0Ih0VcYedv5+p8e6itqrIwzecu98+rNyUVDhWBzS0PMwxEw==", SIZE_MAX, &buffer, &size) >= 0);
|
assert_se(unbase64mem("zKFyIq7aZn4EpuCCmpcF9jPgD8JFE1g/xfT0Mas8X4M0WycyigRsQ4IH4yysufus0AORQsuk3oeGhRC7t1tLyKD0Ih0VcYedv5+p8e6itqrIwzecu98+rNyUVDhWBzS0PMwxEw==", &buffer, &size) >= 0);
|
||||||
assert_se(memcmp_nn(plaintext, sizeof(plaintext), buffer, size) == 0);
|
assert_se(memcmp_nn(plaintext, sizeof(plaintext), buffer, size) == 0);
|
||||||
buffer = mfree(buffer);
|
buffer = mfree(buffer);
|
||||||
|
|
||||||
/* This is the same but in base64url */
|
/* This is the same but in base64url */
|
||||||
assert_se(unbase64mem("zKFyIq7aZn4EpuCCmpcF9jPgD8JFE1g_xfT0Mas8X4M0WycyigRsQ4IH4yysufus0AORQsuk3oeGhRC7t1tLyKD0Ih0VcYedv5-p8e6itqrIwzecu98-rNyUVDhWBzS0PMwxEw==", SIZE_MAX, &buffer, &size) >= 0);
|
assert_se(unbase64mem("zKFyIq7aZn4EpuCCmpcF9jPgD8JFE1g_xfT0Mas8X4M0WycyigRsQ4IH4yysufus0AORQsuk3oeGhRC7t1tLyKD0Ih0VcYedv5-p8e6itqrIwzecu98-rNyUVDhWBzS0PMwxEw==", &buffer, &size) >= 0);
|
||||||
assert_se(memcmp_nn(plaintext, sizeof(plaintext), buffer, size) == 0);
|
assert_se(memcmp_nn(plaintext, sizeof(plaintext), buffer, size) == 0);
|
||||||
|
|
||||||
/* Hint: use xxd -i to generate the static C array from some data, and basenc --base64 + basenc
|
/* Hint: use xxd -i to generate the static C array from some data, and basenc --base64 + basenc
|
||||||
|
@ -3795,7 +3795,8 @@ static int parse_line(
|
|||||||
_cleanup_free_ void *data = NULL;
|
_cleanup_free_ void *data = NULL;
|
||||||
size_t data_size = 0;
|
size_t data_size = 0;
|
||||||
|
|
||||||
r = unbase64mem(item_binary_argument(&i), item_binary_argument_size(&i), &data, &data_size);
|
r = unbase64mem_full(item_binary_argument(&i), item_binary_argument_size(&i), /* secure = */ false,
|
||||||
|
&data, &data_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_syntax(NULL, LOG_ERR, fname, line, r, "Failed to base64 decode specified argument '%s': %m", i.argument);
|
return log_syntax(NULL, LOG_ERR, fname, line, r, "Failed to base64 decode specified argument '%s': %m", i.argument);
|
||||||
|
|
||||||
|
@ -252,7 +252,7 @@ static int determine_device(
|
|||||||
if (*data_what && *hash_what)
|
if (*data_what && *hash_what)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
r = unhexmem(hash, strlen(hash), &m, &l);
|
r = unhexmem(hash, &m, &l);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to parse hash: %s", hash);
|
return log_error_errno(r, "Failed to parse hash: %s", hash);
|
||||||
if (l < sizeof(sd_id128_t)) {
|
if (l < sizeof(sd_id128_t)) {
|
||||||
|
@ -205,7 +205,7 @@ static int parse_options(const char *options) {
|
|||||||
size_t l;
|
size_t l;
|
||||||
void *m;
|
void *m;
|
||||||
|
|
||||||
r = unhexmem(val, strlen(val), &m, &l);
|
r = unhexmem(val, &m, &l);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to parse salt '%s': %m", word);
|
return log_error_errno(r, "Failed to parse salt '%s': %m", word);
|
||||||
|
|
||||||
@ -312,7 +312,7 @@ static int run(int argc, char *argv[]) {
|
|||||||
if (!filename_is_valid(volume))
|
if (!filename_is_valid(volume))
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", volume);
|
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", volume);
|
||||||
|
|
||||||
r = unhexmem(root_hash, SIZE_MAX, &m, &l);
|
r = unhexmem(root_hash, &m, &l);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to parse root hash: %m");
|
return log_error_errno(r, "Failed to parse root hash: %m");
|
||||||
|
|
||||||
@ -378,7 +378,7 @@ static int run(int argc, char *argv[]) {
|
|||||||
char *value;
|
char *value;
|
||||||
|
|
||||||
if ((value = startswith(arg_root_hash_signature, "base64:"))) {
|
if ((value = startswith(arg_root_hash_signature, "base64:"))) {
|
||||||
r = unbase64mem(value, strlen(value), (void *)&hash_sig, &hash_sig_size);
|
r = unbase64mem(value, (void*) &hash_sig, &hash_sig_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to parse root hash signature '%s': %m", arg_root_hash_signature);
|
return log_error_errno(r, "Failed to parse root hash signature '%s': %m", arg_root_hash_signature);
|
||||||
} else {
|
} else {
|
||||||
|
Loading…
Reference in New Issue
Block a user