/************************************************************************* * * Verify that a packet is legal * *************************************************************************/ int verify_packet( struct session *ses, struct pppoe_packet *p){ struct session * hu_val; /* This code here should do all of the error checking and validation on the incoming packet */ /* If we receive any error tags, abort */ #define CHECK_TAG(name, val) \ if((NULL==p->tags[name])== val){ \ poe_error(ses,"Tag error: " #name ); \ return -1; \ } /* If packet is not directed to our MAC address, forget it */ if (ses->state == PADS_CODE) { if (memcmp(p->addr.sll_addr, ses->remote.sll_addr, ETH_ALEN)) { poe_info(ses,"ETH_DEST mismatch: %E %E \n",p->addr.sll_addr, ses->remote.sll_addr); return -1; } } CHECK_TAG(TAG_SRV_ERR,0); CHECK_TAG(TAG_SYS_ERR,0); CHECK_TAG(TAG_GEN_ERR,0); /* A HOST_UNIQ must be present */ CHECK_TAG(TAG_HOST_UNIQ,1); hu_val = *TAG_DATA(struct session* ,p->tags[TAG_HOST_UNIQ]); if( hu_val != ses ){ poe_info(ses,"HOST_UNIQ mismatch: %08x %i\n",(int)hu_val,getpid()); return -1; } if(ses->filt->htag && !verify_tag(ses,p,TAG_HOST_UNIQ,ses->filt->htag->tag_data,(int)ntohs(ses->filt->htag->tag_len))) { poe_info(ses,"HOST_UNIQ failure"); return -1; } if(ses->filt->ntag && ses->state == PADO_CODE && !verify_tag(ses,p,TAG_AC_NAME,ses->filt->ntag->tag_data,(int)ntohs(ses->filt->ntag->tag_len))){ poe_info(ses,"AC_NAME failure"); return -1; } if(ses->filt->stag && !verify_tag(ses,p,TAG_SRV_NAME,ses->filt->stag->tag_data,(int)ntohs(ses->filt->stag->tag_len))){ poe_info(ses,"SRV_NAME failure"); return -1; } return 0; }
/************************************************************************* * * Verify that a packet is legal * *************************************************************************/ int verify_packet( struct session *ses, struct pppoe_packet *p){ struct session * hu_val; /* This code here should do all of the error checking and validation on the incoming packet */ /* If we receive any error tags, abort */ #define CHECK_TAG(name, val) \ if((NULL==p->tags[name])== val){ \ char format[sizeof("Tag error: ") + sizeof (#name) + \ sizeof("- %.65535s")]; \ sprintf(format, "Tag error: %s - %%.%ds", #name,\ p->tags[name]->tag_len);\ poe_error(ses,format,p->tags[name]->tag_data);\ return -1; \ } /* This causes an unaligned access here */ CHECK_TAG(TAG_SRV_ERR,0); CHECK_TAG(TAG_SYS_ERR,0); CHECK_TAG(TAG_GEN_ERR,0); /* A HOST_UNIQ must be present */ CHECK_TAG(TAG_HOST_UNIQ,1); hu_val = *TAG_DATA(struct session* ,p->tags[TAG_HOST_UNIQ]); if( hu_val != ses ){ poe_info(ses,"HOST_UNIQ mismatch: %08x %i\n",(int)hu_val,getpid()); return -1; } if(ses->filt->htag && !verify_tag(ses,p,TAG_HOST_UNIQ,ses->filt->htag->tag_data,(int)ntohs(ses->filt->htag->tag_len))) { poe_info(ses, "HOST_NAME failure"); return -1; } if(ses->filt->ntag && !verify_tag(ses,p,TAG_AC_NAME,ses->filt->ntag->tag_data,(int)ntohs(ses->filt->ntag->tag_len))){ poe_info(ses,"AC_NAME failure"); return -1; } if(ses->filt->stag && !verify_tag(ses,p,TAG_SRV_NAME,ses->filt->stag->tag_data,(int)ntohs(ses->filt->stag->tag_len))){ poe_info(ses,"SRV_NAME failure"); return -1; } return 1; }
int main(int argc, char **argv) { struct strbuf buf = STRBUF_INIT; unsigned char result_sha1[20]; if (argc != 1) usage("git mktag < signaturefile"); git_extract_argv0_path(argv[0]); setup_git_directory(); if (strbuf_read(&buf, 0, 4096) < 0) { die("could not read from stdin"); } /* Verify it for some basic sanity: it needs to start with "object <sha1>\ntype\ntagger " */ if (verify_tag(buf.buf, buf.len) < 0) die("invalid tag signature file"); if (write_sha1_file(buf.buf, buf.len, tag_type, result_sha1) < 0) die("unable to write tag file"); strbuf_release(&buf); printf("%s\n", sha1_to_hex(result_sha1)); return 0; }
int cmd_mktag(int argc, const char **argv, const char *prefix) { struct strbuf buf = STRBUF_INIT; struct object_id result; if (argc != 1) usage("git mktag"); git_config(git_default_config, NULL); if (strbuf_read(&buf, 0, 4096) < 0) { die_errno("could not read from stdin"); } /* Verify it for some basic sanity: it needs to start with "object <sha1>\ntype\ntagger " */ if (verify_tag(buf.buf, buf.len) < 0) die("invalid tag signature file"); if (write_object_file(buf.buf, buf.len, tag_type, &result) < 0) die("unable to write tag file"); strbuf_release(&buf); printf("%s\n", oid_to_hex(&result)); return 0; }
virtual void pass_long() { _to[0] = *(intptr_t*)(_from+Interpreter::local_offset_in_bytes(1)); debug_only(verify_tag(frame::TagValue)); _to += 1; _from -= 2*Interpreter::stackElementSize(); add_signature( long_sig ); }
/************************************************************************* * * Verify that a packet is legal * *************************************************************************/ int verify_packet( struct session *ses, struct pppoe_packet *p){ struct session * hu_val; /* This code here should do all of the error checking and validation on the incoming packet */ /* If we receive any error tags, abort */ #define CHECK_TAG(name, val) \ if((NULL==p->tags[name])== val){ \ poe_error(ses,"Tag error: " #name ); \ return -1; \ } CHECK_TAG(TAG_SRV_ERR,0); CHECK_TAG(TAG_SYS_ERR,0); CHECK_TAG(TAG_GEN_ERR,0); /* A HOST_UNIQ must be present */ CHECK_TAG(TAG_HOST_UNIQ,1); hu_val = *TAG_DATA(struct session* ,p->tags[TAG_HOST_UNIQ]); if( hu_val != ses ){ poe_info(ses,"HOST_UNIQ mismatch: %08x %i\n",(int)hu_val,getpid()); return -1; } if(ses->filt->htag && !verify_tag(ses,p,TAG_HOST_UNIQ,ses->filt->htag->tag_data,(int)ntohs(ses->filt->htag->tag_len))) return -1; else poe_info(ses,"HOST_UNIQ successful match\n"); if(ses->filt->ntag && !verify_tag(ses,p,TAG_AC_NAME,ses->filt->ntag->tag_data,(int)ntohs(ses->filt->ntag->tag_len))){ poe_info(ses,"AC_NAME failure"); return -1; } if(ses->filt->stag && !verify_tag(ses,p,TAG_SRV_NAME,ses->filt->stag->tag_data,(int)ntohs(ses->filt->stag->tag_len))){ poe_info(ses,"SRV_NAME failure"); return -1; } }
virtual void pass_object() { // pass address of from intptr_t *from_addr = (intptr_t*)(_from + Interpreter::local_offset_in_bytes(0)); *_to++ = (*from_addr == 0) ? NULL : (intptr_t) from_addr; debug_only(verify_tag(frame::TagReference)); _from -= Interpreter::stackElementSize(); add_signature( non_float ); }
virtual void pass_object() { intptr_t *from_addr = (intptr_t*)(_from + Interpreter::local_offset_in_bytes(0)); debug_only(verify_tag(frame::TagReference)); _from -= Interpreter::stackElementSize(); if (_num_args < Argument::n_int_register_parameters_c-1) { *_reg_args++ = (*from_addr == 0) ? NULL : (intptr_t) from_addr; _num_args++; } else { *_to++ = (*from_addr == 0) ? NULL : (intptr_t) from_addr; } }
static char *evaluate_by_udev(const char *token, const char *value, int uevent) { char dev[PATH_MAX]; char *path = NULL; size_t len; struct stat st; DBG(EVALUATE, ul_debug("evaluating by udev %s=%s", token, value)); if (!strcmp(token, "UUID")) strcpy(dev, _PATH_DEV_BYUUID "/"); else if (!strcmp(token, "LABEL")) strcpy(dev, _PATH_DEV_BYLABEL "/"); else if (!strcmp(token, "PARTLABEL")) strcpy(dev, _PATH_DEV_BYPARTLABEL "/"); else if (!strcmp(token, "PARTUUID")) strcpy(dev, _PATH_DEV_BYPARTUUID "/"); else { DBG(EVALUATE, ul_debug("unsupported token %s", token)); return NULL; /* unsupported tag */ } len = strlen(dev); if (blkid_encode_string(value, &dev[len], sizeof(dev) - len) != 0) return NULL; DBG(EVALUATE, ul_debug("expected udev link: %s", dev)); if (stat(dev, &st)) goto failed; /* link or device does not exist */ if (!S_ISBLK(st.st_mode)) return NULL; path = canonicalize_path(dev); if (!path) return NULL; #ifdef CONFIG_BLKID_VERIFY_UDEV if (verify_tag(path, token, value)) goto failed; #endif return path; failed: DBG(EVALUATE, ul_debug("failed to evaluate by udev")); if (uevent && path) blkid_send_uevent(path, "change"); free(path); return NULL; }
virtual void pass_float() { jint from_obj = *(jint*)(_from+Interpreter::local_offset_in_bytes(0)); debug_only(verify_tag(frame::TagValue)); _from -= Interpreter::stackElementSize(); if (_num_fp_args < Argument::n_float_register_parameters_c) { *_fp_args++ = from_obj; _num_fp_args++; } else { *_to++ = from_obj; } }
virtual void pass_long() { intptr_t from_obj = *(intptr_t*)(_from+Interpreter::local_offset_in_bytes(1)); debug_only(verify_tag(frame::TagValue)); _from -= 2*Interpreter::stackElementSize(); if (_num_int_args < Argument::n_int_register_parameters_c-1) { *_int_args++ = from_obj; _num_int_args++; } else { *_to++ = from_obj; } }
void BT_kFree(void *p) { if(!p) return; struct MEM_TAG *tag = (struct MEM_TAG *) p; tag -= 1; struct MAGIC_TAG *postmem = (struct MAGIC_TAG *) ((BT_u8 *) (tag+1) + tag->size); if(!verify_tag(&tag->tag_0) || !verify_tag(&tag->tag_1) || !verify_tag(postmem)) { BT_kPrint("Kernel Panic - Corrupted FREE"); while(1) { ; } } BT_CACHE *pCache = tag->pCache; if(pCache) { BT_CacheFree(pCache, tag); } else { bt_page_free((BT_PHYS_ADDR) bt_virt_to_phys(tag), tag->size+sizeof(struct MEM_TAG)+sizeof(struct MAGIC_TAG)); } }
virtual void pass_double() { intptr_t from_obj = *(intptr_t*)(_from+Interpreter::local_offset_in_bytes(1)); debug_only(verify_tag(frame::TagValue)); _from -= 2*Interpreter::stackElementSize(); if (_num_args < Argument::n_float_register_parameters_c-1) { *_reg_args++ = from_obj; *_fp_identifiers |= (intptr_t)(0x3 << (_num_args*2)); // mark as double _num_args++; } else { *_to++ = from_obj; } }
int cmd_verify_tag(int argc, const char **argv, const char *prefix) { int i = 1, verbose = 0, had_error = 0; git_config(git_default_config, NULL); if (argc == 1) usage(builtin_verify_tag_usage); if (!strcmp(argv[i], "-v") || !strcmp(argv[i], "--verbose")) { verbose = 1; i++; } /* sometimes the program was terminated because this signal * was received in the process of writing the gpg input: */ signal(SIGPIPE, SIG_IGN); while (i < argc) if (verify_tag(argv[i++], verbose)) had_error = 1; return had_error; }
int cmd_verify_tag(int argc, const char **argv, const char *prefix) { int i = 1, verbose = 0, had_error = 0; const struct option verify_tag_options[] = { OPT__VERBOSE(&verbose, "print tag contents"), OPT_END() }; git_config(git_default_config, NULL); argc = parse_options(argc, argv, prefix, verify_tag_options, verify_tag_usage, PARSE_OPT_KEEP_ARGV0); if (argc <= i) usage_with_options(verify_tag_usage, verify_tag_options); /* sometimes the program was terminated because this signal * was received in the process of writing the gpg input: */ signal(SIGPIPE, SIG_IGN); while (i < argc) if (verify_tag(argv[i++], verbose)) had_error = 1; return had_error; }
static partition_result_t get_anch_vol_desc(partition_private_t *partition_privatep, anch_vol_desc_ptr_t **anchor_vol_desc_ptrpp, int32_t *block_sizep) { int8_t *block_bufferp; int32_t block_size; anch_vol_desc_ptr_t *anchor_vol_desc_ptrp; off_t offset; partition_result_t partition_result; medium_private_t *medium_privatep; anchor_vol_desc_ptrp = NULL; block_bufferp = NULL; block_size = 0; partition_result = PARTITION_SUCCESS; medium_privatep = (medium_private_t *)partition_privatep->on_mediump; block_bufferp = malloc(MAXIMUM_BLOCK_SIZE); *anchor_vol_desc_ptrpp = NULL; anchor_vol_desc_ptrp = malloc(sizeof (anch_vol_desc_ptr_t)); if ((block_bufferp == NULL) || (anchor_vol_desc_ptrp == NULL)) { partition_result = PARTITION_OUT_OF_MEMORY; } if (partition_result == PARTITION_SUCCESS) { block_size = MINIMUM_BLOCK_SIZE; partition_result = PARTITION_NOT_THIS_TYPE; } while ((partition_result == PARTITION_NOT_THIS_TYPE) && (block_size <= MAXIMUM_BLOCK_SIZE)) { offset = partition_privatep->offset + (off_t)(ANCHOR_VOL_DESC_LOC * block_size); if ((offset + block_size) > medium_privatep->medium_capacity) { partition_result = PARTITION_CANT_READ_MEDIUM; continue; } if (lseek(partition_privatep->file_descriptor, offset, SEEK_SET) == -1) { partition_result = PARTITION_CANT_READ_MEDIUM; } else if (read(partition_privatep->file_descriptor, block_bufferp, block_size) != block_size) { partition_result = PARTITION_CANT_READ_MEDIUM; } else { (void) memcpy(anchor_vol_desc_ptrp, block_bufferp, sizeof (anch_vol_desc_ptr_t)); partition_result = verify_tag(&(anchor_vol_desc_ptrp->avd_tag), UD_ANCH_VOL_DESC); if (partition_result == PARTITION_SUCCESS) { *anchor_vol_desc_ptrpp = anchor_vol_desc_ptrp; *block_sizep = block_size; } } block_size = 2 * block_size; } if (block_bufferp != NULL) { free(block_bufferp); } /* * if we don't pass the buffer, but the buffer was allocated, * we need to free. */ if (*anchor_vol_desc_ptrpp == NULL && anchor_vol_desc_ptrp != NULL) { free(anchor_vol_desc_ptrp); } return (partition_result); }
virtual void pass_float() { *_to++ = *(jint *)(_from+Interpreter::local_offset_in_bytes(0)); debug_only(verify_tag(frame::TagValue)); _from -= Interpreter::stackElementSize(); add_signature( float_sig ); }
int crypto_aead_decrypt(unsigned char *m, unsigned long long *outputmlen, unsigned char *nsec, const unsigned char *c, unsigned long long clen, const unsigned char *ad, unsigned long long adlen, const unsigned char *npub, const unsigned char *k) { AES_KEY key[1]; AES_KEY kappa_0[1]; AES_KEY kappa_m[1]; unsigned char nonce[BLOCK_LENGTH]; CPFB_BLOCK X[1]; CPFB_BLOCK P[1]; CPFB_BLOCK stream[1]; unsigned long long counter; unsigned long long mlen; (void)nsec; /* avoid warning */ if (clen < TAG_LENGTH) return -1; *outputmlen = mlen = clen - TAG_LENGTH; init(npub,k,kappa_0,key,nonce); /* Block encoding alen and mlen * In an online implementation, it would be done at the end, and X would be 0 */ store64(X->u8, mlen); X->u32[2] = htobe32((crypto_uint32)adlen); X->counter = 0; AES_encrypt(X, X, kappa_0); /* AD processing */ counter = 0; while (adlen > PAYLOAD_LENGTH) { load_96_ctr(P,ad,++counter); AES_encrypt(P, stream, kappa_0); xor_128(X, stream, X); ad += PAYLOAD_LENGTH; adlen -= PAYLOAD_LENGTH; } if (adlen > 0) { load_partial_ctr(P,ad,adlen,++counter); AES_encrypt(P, stream, kappa_0); xor_128(X, stream, X); } /* Plaintext processing */ if (mlen > 0) { /* New kappa */ gen_next_kappa(nonce,kappa_0,kappa_m,key); counter = 0; /* P_0 processing */ P->u64[0] = P->u64[1] = 0; AES_encrypt(P, stream, kappa_m); while (mlen > PAYLOAD_LENGTH) { store_xor_96(m,(CPFB_BLOCK*)c,stream); load_96_ctr(P,m,++counter); AES_encrypt(P, stream, kappa_m); xor_128(X, stream, X); c += PAYLOAD_LENGTH; m += PAYLOAD_LENGTH; mlen -= PAYLOAD_LENGTH; } if (mlen > 0) { store_xor_partial(m,(CPFB_BLOCK*)c,stream,mlen); load_partial_ctr(P,m,mlen,++counter); AES_encrypt(P, stream, kappa_m); xor_128(X, stream, X); c += mlen; } } AES_encrypt(X, X, kappa_0); return verify_tag(c,X->u8); }
static partition_result_t read_label(partition_private_t *partition_privatep, anch_vol_desc_ptr_t *anchor_vol_desc_ptrp, int32_t block_size) { uchar_t *block_bufferp; uint32_t block_number; uint32_t end_of_vol_desc_blocks; uint32_t first_vol_desc_block; char *key_bufferp; char *name_bufferp; uint32_t number_of_vol_desc_blocks; partition_result_t partition_result; struct pri_vol_desc *primary_vol_descp; char *string_bufferp; off_t offset; medium_private_t *medium_privatep; first_vol_desc_block = SWAP_32(anchor_vol_desc_ptrp->avd_main_vdse.ext_loc); number_of_vol_desc_blocks = SWAP_32(anchor_vol_desc_ptrp->avd_main_vdse.ext_len) / block_size; end_of_vol_desc_blocks = first_vol_desc_block + number_of_vol_desc_blocks; partition_result = PARTITION_SUCCESS; medium_privatep = (medium_private_t *)partition_privatep->on_mediump; block_bufferp = malloc(block_size); key_bufferp = malloc(MAXPATHLEN); name_bufferp = malloc(MAXNAMELEN); primary_vol_descp = malloc(sizeof (struct pri_vol_desc)); string_bufferp = malloc(MAX_UNICODE_NAMELEN); if ((block_bufferp == NULL) || (key_bufferp == NULL) || (name_bufferp == NULL) || (primary_vol_descp == NULL) || (string_bufferp == NULL)) { partition_result = PARTITION_OUT_OF_MEMORY; } if (partition_result == PARTITION_SUCCESS) { block_number = first_vol_desc_block; partition_result = PARTITION_NOT_THIS_TYPE; } while ((partition_result == PARTITION_NOT_THIS_TYPE) && (block_number < end_of_vol_desc_blocks)) { offset = partition_privatep->offset + (off_t)(block_number * block_size); if ((offset + block_size) > medium_privatep->medium_capacity) { partition_result = PARTITION_CANT_READ_MEDIUM; continue; } if (lseek(partition_privatep->file_descriptor, offset, SEEK_SET) == -1) { partition_result = PARTITION_CANT_READ_MEDIUM; } else if (read(partition_privatep->file_descriptor, block_bufferp, block_size) != block_size) { partition_result = PARTITION_CANT_READ_MEDIUM; } else { (void) memcpy(primary_vol_descp, block_bufferp, sizeof (struct pri_vol_desc)); partition_result = verify_tag(&(primary_vol_descp->pvd_tag), UD_PRI_VOL_DESC); } block_number++; } if (partition_result == PARTITION_SUCCESS) { /* * Check the character set. Solaris only supports * the OSTA Compressed Unicode character set for UDFS. */ if ((primary_vol_descp->pvd_desc_cs.cs_type != CS_TYPE0) || (strncmp(primary_vol_descp->pvd_desc_cs.cs_info, osta_comp_uni, 63) != 0)) { partition_result = PARTITION_CANT_READ_MEDIUM; } else { (void) ud_convert2utf8( (uint8_t *)(primary_vol_descp->pvd_vol_id), (uint8_t *)string_bufferp, strlen(primary_vol_descp->pvd_vol_id)); if ((string_bufferp[0] == NULLC) || (strcmp(string_bufferp, "UNDEFINED") == 0)) { partition_privatep->has_volume_name = B_FALSE; (void) snprintf(name_bufferp, MAXNAMELEN, "%s%s", UNNAMED_PREFIX, partition_privatep->medium_typep); partition_privatep->labelp->volume_namep = strdup(name_bufferp); } else { partition_privatep->has_volume_name = B_TRUE; partition_privatep->labelp->volume_namep = strdup(string_bufferp); } if (partition_privatep->labelp->volume_namep == NULL) { partition_result = PARTITION_OUT_OF_MEMORY; } else { partition_privatep->labelp->crc = calc_crc(block_bufferp, block_size); (void) snprintf(key_bufferp, MAXPATHLEN, "0x%lx", partition_privatep->labelp->crc); partition_privatep->labelp->keyp = strdup(key_bufferp); if (partition_privatep->labelp->keyp == NULL) { partition_result = PARTITION_OUT_OF_MEMORY; } } } } if (block_bufferp != NULL) { free(block_bufferp); } if (key_bufferp != NULL) { free(key_bufferp); } if (name_bufferp != NULL) { free(name_bufferp); } if (primary_vol_descp != NULL) { free(primary_vol_descp); } if (string_bufferp != NULL) { free(string_bufferp); } return (partition_result); }