void check_valid_string(const void *str, void *esp) { char *check_str = (char *)str; check_address((void *)check_str,esp); /* check the all string's address */ while(*check_str != 0) { check_str += 1; check_address(check_str, esp); } }
void get_argument(void* esp, int* arg, int count) { int i; for( i = 0 ; i < count ; i++ ) // copy user stack memory to arg { check_address( &((int*)esp)[i+1] ); check_address( &((int*)esp)[i+1] + sizeof(int)); memcpy(&arg[i], &((int*)esp)[i+1], sizeof(int)); } return; }
void operate(int*num, int*num2, int*num3) // NO printfs allowed here { int *ptr1, *ptr2; if((ptr1 = read_address(1)) && check_address(ptr1, num, num2, num3) && (ptr2 = read_address(2)) && check_address(ptr2, num, num2, num3)) { int operand = read_operand(); // read operand as int char operator = read_operator(); // read operator as char run_operation(ptr1, ptr2, operand, operator); // operate } // endif // done, thank god } // operate();
/** * Creates a new transport for the "autostart" method. * This creates a client-side of a transport. * * @param error address where an error can be returned. * @returns a new transport, or #NULL on failure. */ static DBusTransport* _dbus_transport_new_for_autolaunch (DBusError *error) { DBusString address; DBusTransport *result = NULL; _DBUS_ASSERT_ERROR_IS_CLEAR (error); if (!_dbus_string_init (&address)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); return NULL; } if (!_dbus_get_autolaunch_address (&address, error)) { _DBUS_ASSERT_ERROR_IS_SET (error); goto out; } result = check_address (_dbus_string_get_const_data (&address), error); if (result == NULL) _DBUS_ASSERT_ERROR_IS_SET (error); else _DBUS_ASSERT_ERROR_IS_CLEAR (error); out: _dbus_string_free (&address); return result; }
int SpiFlash::write(byte* _buf, long _addr, uint16_t _length) { // Below if statement checks that device is ready, _address is within device memory, and there won't be a page overflow writing data if (!checkWriteInProgress() && _length <= PAGE_SIZE && check_address(_addr, _length) && checkPageOverflow(_addr, _length)) { digitalWriteFast(SS, LOW); send(PAGE_PROGRAM); send(_addr >> 16); send(_addr >> 8); send(_addr); #ifdef DEBUG Serial.println("Writing Data. . ."); #endif for (int i = 0; i < _length; i++) { send(*_buf); #ifdef DEBUG //Serial.println(*_buf, BIN); #endif _buf++; } digitalWriteFast(SS, HIGH); writeEnable(); return 1; // returns 1 if ok }
static inline void* operator new[] ( size_t size ) { // Dbg_SetPlacementNew( false ); void * rv = Mem::Manager::sHandle().New( size, true ); check_address( rv, size ); return rv; }
void callback1(netresolve_query_t query, void *user_data) { struct priv_common *priv = user_data; check_address(query, AF_INET6, "1:2:3:4:5:6:7:8", 999999); priv->finished++; }
void callback2(netresolve_query_t query, void *user_data) { struct priv_common *priv = user_data; check_address(query, AF_INET, "1.2.3.4", 999999); priv->finished++; }
static DBusHandlerResult register_passkey_agent(DBusConnection *conn, DBusMessage *msg, void *data) { struct passkey_agent *agent, ref; struct adapter *adapter; DBusMessage *reply; const char *path, *addr; if (!data) { error("register_passkey_agent called without any adapter info!"); return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; } adapter = data; if (!dbus_message_get_args(msg, NULL, DBUS_TYPE_STRING, &path, DBUS_TYPE_STRING, &addr, DBUS_TYPE_INVALID)) return error_invalid_arguments(conn, msg, NULL); if ((check_address(addr) < 0) || (path[0] != '/')) return error_invalid_arguments(conn, msg, NULL); memset(&ref, 0, sizeof(ref)); ref.name = (char *) dbus_message_get_sender(msg); ref.addr = (char *) addr; ref.path = (char *) path; if (g_slist_find_custom(adapter->passkey_agents, &ref, (GCompareFunc) agent_cmp)) return error_passkey_agent_already_exists(conn, msg); agent = passkey_agent_new(adapter, conn, ref.name, path, addr); if (!agent) return DBUS_HANDLER_RESULT_NEED_MEMORY; reply = dbus_message_new_method_return(msg); if (!reply) { agent->exited = 1; passkey_agent_free(agent); return DBUS_HANDLER_RESULT_NEED_MEMORY; } /* Only add a name listener if there isn't one already for this name */ ref.addr = NULL; ref.path = NULL; if (!g_slist_find_custom(adapter->passkey_agents, &ref, (GCompareFunc) agent_cmp)) name_listener_add(conn, ref.name, (name_cb_t) agent_exited, adapter); agent->timeout = g_timeout_add(AGENT_TIMEOUT, (GSourceFunc)agent_timeout, agent); adapter->passkey_agents = g_slist_append(adapter->passkey_agents, agent); return send_message_and_unref(conn, reply); }
// Returns 0 if no errors were found, otherwise returns the error int mm_checkheap(int verbose) { // char *bp = heap_listp; if (verbose) printf("Heap (%p):\n", heap_listp); if ((GET_SIZE(HDRP(heap_listp)) != DSIZE) || !GET_ALLOC(HDRP(heap_listp))) printf("Bad prologue header\n"); checkblock(heap_listp); void* list; int count_free_in_list = 0; int count_free_in_heap = 0; for (int i =0; i < 9; i++) { for (list = (void*)(*(long*)GET_BUCKET(root,i)); list != NULL; list = get_succ(list) ) { if (verbose) printblock(list); checkblock(list); if ( get_succ(list) != NULL && get_pred(list) !=NULL) check_succ_pred(list); check_address(list); count_free_in_list++; check_in_correct_bucket(list, i); } } char *bp; for (bp = heap_listp; GET_SIZE(HDRP(bp)) > 0; bp = NEXT_BLKP(bp)) { if (verbose) { if (GET_ALLOC(HDRP(bp)) == 0) count_free_in_heap ++; printblock(bp); checkblock(bp); check_coalescing( (void*)bp); } } if (count_free_in_heap != count_free_in_list) printf ("Number of free block not consistent in heap and list list \n"); if (verbose) printblock(bp); if ((GET_SIZE(HDRP(bp)) != 0) || !(GET_ALLOC(HDRP(bp)))) { printf("Bad epilogue header\n"); if (GET_SIZE(HDRP(bp)) != 0) printf ("size is not 0\n"); if (!(GET_ALLOC(HDRP(bp))) ) printf ("not allocated properly\n"); } return 0; }
/* copy arguments from stack to kernel space with count */ void get_argument (void *esp, int *arg, int count) { int i = 0; int *pointer = NULL; for (i=0; i < count; i++) { pointer = (int*)esp + i + 1; check_address (pointer); arg[i] = *pointer; } }
void* Class::operator new[]( size_t size, Mem::Allocator* pAlloc, bool assert_on_fail ) { void* p_ret = Mem::Manager::sHandle().New( size, assert_on_fail, pAlloc ); if ( p_ret ) { memset ( p_ret, 0, size ); } check_address( p_ret, size ); return p_ret; }
void* Class::operator new( size_t size ) { void* p_ret = Mem::Manager::sHandle().New( size ); if ( p_ret ) { memset ( p_ret, 0, size ); } check_address( p_ret, size ); return p_ret; }
void operate(int *address1, int *address2, int *address3) { int *ptr1, *ptr2, operand; char operator; ptr1 = read_address(1); // if the user inputs 2 addresses and they are both true call for operand and operator if (check_address(ptr1, address1, address2, address3) && (ptr2 = read_address(2)) && check_address(ptr2, address1, address2, address3)) { operand = read_operand(); operator = read_operator(); run_operation(ptr1, ptr2, operand, operator); } return; }//operate()
/* get_argument function */ void get_argument(void *esp, int *arg, int count) { int i; void *stack_pointer=esp+4; if(count > 0) { for(i=0; i<count; i++){ check_address(stack_pointer); arg[i] = *(int *)stack_pointer; stack_pointer = stack_pointer + 4; } } }
static gboolean get_address_maybe (TTXProviderMgr *prov_mgr, Opts *opts, GError **err) { GRegex *rx; GMatchInfo *minfo; char* str; const char *addr; minfo = NULL; str = NULL; if (!opts->params || !opts->params[0]) return TRUE; /* nothing to do here */ addr = opts->params[0]; rx = g_regex_new ("(\\w+):(\\d{3})(/(\\d{1,2}))?", 0, 0, err); if (!rx) return FALSE; if (!g_regex_match (rx, addr, 0, &minfo)) { g_printerr (_("invalid link; expected: " "<provider-id>:<page>[/<subpage>]\n" "e.g., nos:101/1 or yle:200\n")); g_match_info_free (minfo); g_regex_unref (rx); return FALSE; } opts->prov_id = g_match_info_fetch (minfo, 1); str = g_match_info_fetch (minfo, 2); opts->page = atoi (str); g_free (str); if (g_match_info_get_match_count (minfo) < 5) opts->subpage = 1; else { str = g_match_info_fetch (minfo, 4); opts->subpage = atoi (str); g_free (str); } g_match_info_free (minfo); g_regex_unref (rx); return check_address (prov_mgr, opts->prov_id, opts->page, opts->subpage); }
bool register_service_provider (string address, string port) { int socket; bool result = false; if (!check_address (address) || atoi(port.c_str()) < 1023 || atoi(port.c_str()) > 65535 || !socket_initialization_client (&socket, SR_address, SR_port)) return false; if (send_string (socket, "add_service_provider") && receive_int (socket) != -1 && send_string (socket, address) && send_string (socket, port)) result = true; close(socket); return result; }
int mask_match_address(SERVER_REC *server, const char *mask, const char *nick, const char *address) { char *str; int ret, wildcards; g_return_val_if_fail(server == NULL || IS_SERVER(server), FALSE); g_return_val_if_fail(mask != NULL && nick != NULL, FALSE); if (address == NULL) address = ""; str = !check_address(mask, &wildcards) ? (char *) nick : g_strdup_printf("%s!%s", nick, address); ret = check_mask(server, mask, str, wildcards); if (str != nick) g_free(str); return ret; }
END_TEST //------------------------------------------------------------------------------ START_TEST(stuntcp_binding_request) { struct stun_message *stun = stun_new(STUN_BINDING_REQUEST); struct sockaddr addr; socklen_t len = sizeof(addr); cli_send(stun, cli); srv_loop(); stun = cli_recv(cli); fail_if(stun == NULL, "No message"); fail_if(stun->mapped_address == NULL, "No mapping response"); getsockname(cli, &addr, &len); check_address(stun->mapped_address, &addr); stun_free(stun); }
HRESULT bCap_Close_Server(int *pfd) { int index, *sock; struct CONN_BCAP_SERVER *bcap_param; struct CONN_PARAM_COMMON *device; if(pfd == NULL) return E_HANDLE; index = *pfd; bcap_param = check_address(index); if(bcap_param == NULL) return E_HANDLE; device = &bcap_param->device; sock = &device->sock; /* Ends main thread */ set_event(&bcap_param->term_main_evt); exit_thread(bcap_param->main_thread); /* Destroys event */ destroy_event(&bcap_param->term_main_evt); /* Closes connection */ device->dn_close(sock); /* Releases argument */ if(device->arg != NULL) { free(device->arg); device->arg = NULL; } /* Resets connection parameters */ memset(bcap_param, 0, sizeof(struct CONN_BCAP_SERVER)); *pfd = 0; return S_OK; }
END_TEST //------------------------------------------------------------------------------ START_TEST(stuntcp_multiple) { struct stun_message *stun; int i; int clis[6]; struct sockaddr addr; socklen_t len = sizeof(addr); clis[0] = cli; for (i = 1; i < 6; i++) clis[i] = stuntcp_client(); srv_loop(); for (i = 0; i < 4; i++) { stun = stun_new(STUN_BINDING_REQUEST); cli_send(stun, clis[i]); } close(clis[3]); shutdown(clis[4], SHUT_WR); usleep(200000); srv_loop(); for (i = 0; i < 3; i++) { stun = cli_recv(clis[i]); fail_if(stun == NULL, "No message"); fail_if(stun->mapped_address == NULL, "No mapping response"); getsockname(clis[i], &addr, &len); check_address(stun->mapped_address, &addr); stun_free(stun); } fail_unless(cli_recv(clis[4]) == NULL, "EOF expected"); fail_unless(cli_recv(clis[5]) == NULL, "EOF expected"); for (i = 1; i < 6; i++) close(clis[i]); }
int sighandler(struct pcb* process, int signal, void (*newhandler)(void *), void (** oldhandler)(void *)){ //kprintf("%d %d %d\n",signal,newhandler,oldhandler); if(signal<0 || signal > SIG_TABLE_SIZE-1){ return -1; //invalid signal number } if(check_address(NULL,newhandler)<0){ //kprintf("signal handler chk addr error = %d\n",check_address(process,newhandler)); return -2; //invalid handler } // kprintf("K 1 old address = %d\n",oldhandler); // kprintf("K 1 *old address = %d\n",*oldhandler); // kprintf("K 1 **old address = %d\n",**oldhandler); //save old handler *oldhandler = process->sig_handler_table[signal]; //oldhandler = process->sig_handler_table[signal]; // kprintf("K 2 old address = %d\n",oldhandler); // kprintf("K 2 *old address = %d\n",*oldhandler); // kprintf("K 2 **old address = %d\n",**oldhandler); //assign new handler process->sig_handler_table[signal] = newhandler; //set register mask process->sig_register_mask = (1 << signal) | process->sig_register_mask; //clear wait mask //process->sig_waiting_mask = process->sig_waiting_mask & ~(1 << signal); //kprintf("handler mask = %b\n",process->sig_register_mask); return 0; //every okay! }
void check_valid_buffer(void *buffer, unsigned size, void *esp, bool to_write) { struct vm_entry *vme; unsigned i; char *check_buffer = (char *)buffer; /* check buffer */ for(i=0; i<size; i++) { check_address((void *)check_buffer, esp); vme = find_vme((void *)check_buffer); if(vme != NULL) { /* if to_write is true, vm_entry must writable. so if to_write is true but vm_entry is not writable exit the process. */ if(to_write == true) { if(vme->writable == false) exit(-1); } } check_buffer++; } }
static int client_connect(void) { struct fi_eq_cm_entry entry; uint32_t event; ssize_t rd; int ret; ret = fi_getinfo(FT_FIVERSION, opts.dst_addr, opts.dst_port, 0, hints, &fi); if (ret) { FT_PRINTERR("fi_getinfo", ret); return ret; } ret = fi_domain(fabric, fi, &domain, NULL); if (ret) { FT_PRINTERR("fi_domain", ret); return ret; } ret = check_address(&pep->fid, "fi_endpoint (pep)"); if (ret) return ret; assert(fi->handle == &pep->fid); ret = ft_alloc_active_res(fi); if (ret) return ret; /* Close the passive endpoint that we "stole" the source address * from */ FT_CLOSE_FID(pep); ret = check_address(&ep->fid, "fi_endpoint (ep)"); if (ret) return ret; ret = ft_init_ep(); if (ret) return ret; /* Connect to server */ ret = fi_connect(ep, fi->dest_addr, NULL, 0); if (ret) { FT_PRINTERR("fi_connect", ret); return ret; } /* Wait for the connection to be established */ rd = fi_eq_sread(eq, &event, &entry, sizeof entry, -1, 0); if (rd != sizeof entry) { FT_PRINTERR("fi_eq_sread", rd); return (int) rd; } if (event != FI_CONNECTED || entry.fid != &ep->fid) { FT_ERR("Unexpected CM event %d fid %p (ep %p)\n", event, entry.fid, ep); return -FI_EOTHER; } ret = check_address(&ep->fid, "connect"); if (ret) { return ret; } return 0; }
static int server_connect(void) { struct fi_eq_cm_entry entry; uint32_t event; struct fi_info *info = NULL; ssize_t rd; int ret; /* Wait for connection request from client */ rd = fi_eq_sread(eq, &event, &entry, sizeof entry, -1, 0); if (rd != sizeof entry) { FT_PRINTERR("fi_eq_sread", rd); return (int) rd; } info = entry.info; if (event != FI_CONNREQ) { FT_ERR("Unexpected CM event %d\n", event); ret = -FI_EOTHER; goto err; } ret = fi_domain(fabric, info, &domain, NULL); if (ret) { FT_PRINTERR("fi_domain", ret); goto err; } ret = ft_alloc_active_res(info); if (ret) goto err; ret = ft_init_ep(); if (ret) goto err; /* Accept the incoming connection. Also transitions endpoint to active state */ ret = fi_accept(ep, NULL, 0); if (ret) { FT_PRINTERR("fi_accept", ret); goto err; } /* Wait for the connection to be established */ rd = fi_eq_sread(eq, &event, &entry, sizeof entry, -1, 0); if (rd != sizeof entry) { FT_PRINTERR("fi_eq_sread", rd); goto err; } if (event != FI_CONNECTED || entry.fid != &ep->fid) { FT_ERR("Unexpected CM event %d fid %p (ep %p)\n", event, entry.fid, ep); ret = -FI_EOTHER; goto err; } ret = check_address(&ep->fid, "accept"); if (ret) { goto err; } fi_freeinfo(info); return 0; err: fi_reject(pep, info->handle, NULL, 0); fi_freeinfo(info); return ret; }
static void syscall_handler (struct intr_frame *f ) { /* VALUE */ int syscall_num; int arg[5]; void *esp = f->esp; /* VALUE */ check_address(esp); syscall_num = *(int *)esp; switch(syscall_num) { case SYS_HALT: halt(); break; case SYS_EXIT: get_argument(esp,arg,1); exit(arg[0]); break; case SYS_EXEC: get_argument(esp,arg,1); check_address((void *)arg[0]); f->eax = exec((const char *)arg[0]); break; case SYS_WAIT: get_argument(esp,arg,1); f->eax = wait(arg[0]); break; case SYS_CREATE: get_argument(esp,arg,2); check_address((void *)arg[0]); f->eax = create((const char *)arg[0],(unsigned)arg[1]); break; case SYS_REMOVE: get_argument(esp,arg,1); check_address((void *)arg[0]); f->eax=remove((const char *)arg[0]); break; case SYS_OPEN: get_argument(esp,arg,1); check_address((void *)arg[0]); f->eax = open((const char *)arg[0]); break; case SYS_FILESIZE: get_argument(esp,arg,1); f->eax = filesize(arg[0]); break; case SYS_READ: get_argument(esp,arg,3); check_address((void *)arg[1]); f->eax = read(arg[0],(void *)arg[1],(unsigned)arg[2]); break; case SYS_WRITE: get_argument(esp,arg,3); check_address((void *)arg[1]); f->eax = write(arg[0],(void *)arg[1],(unsigned)arg[2]); break; case SYS_SEEK: get_argument(esp,arg,2); seek(arg[0],(unsigned)arg[1]); break; case SYS_TELL: get_argument(esp,arg,1); f->eax = tell(arg[0]); break; case SYS_CLOSE: get_argument(esp,arg,1); close(arg[0]); break; case SYS_ISDIR: get_argument(esp,arg,1); sys_isdir(arg[0]); break; case SYS_MKDIR: get_argument(esp, arg, 1); check_address((void *)arg[0]); f->eax = sys_mkdir((const char *)arg[0]); break; case SYS_READDIR: get_argument(esp, arg, 2); check_address((char *)arg[1]); f->eax = sys_readdir(arg[0], (char *)arg[1]); break; case SYS_CHDIR: get_argument(esp, arg, 1); check_address((void *)arg[0]); f->eax = sys_chdir((const char *)arg[0]); break; } }
//-(Method)---------------------------------------------------------------- // Extract Payload //------------------------------------------------------------------------- void sc_h264d_top::extract_payload() { if(dbg_info) std::cout<<"H264: ===extract_payload()==="<<std::endl; tlm::tlm_response_status response_status; sc_uint<32> tmp; uint64 previous_addr, masked_addr; // Access the required attributes from the payload uint64 address = payload_ptr->get_address(); // memory address tlm::tlm_command command = payload_ptr->get_command(); // memory command unsigned char *data_ptr = payload_ptr->get_data_ptr(); // data pointer unsigned int length = payload_ptr->get_data_length(); // data length uint64 every_addr = address; bool check = 1; for (unsigned int i = 0; i < length; i++) { ///if(!check_address(every_addr)) if(check_address(every_addr)) check = 0; every_addr = every_addr + i; } if(check == 1) response_status = tlm::TLM_OK_RESPONSE; else { cout << name() << ": decoding error, addr=0x" << hex << address << ", length=0x" << length << "\n"; payload_ptr->set_response_status( tlm::TLM_ADDRESS_ERROR_RESPONSE); return; } if (payload_ptr->get_byte_enable_ptr()) { payload_ptr->set_response_status(tlm::TLM_BYTE_ENABLE_ERROR_RESPONSE); return; } else if (payload_ptr->get_streaming_width() != payload_ptr->get_data_length()) { payload_ptr->set_response_status(tlm::TLM_BURST_ERROR_RESPONSE); return; } switch (command) { default: { payload_ptr->set_response_status(tlm::TLM_COMMAND_ERROR_RESPONSE); cout << name() <<": Unsupport GP command extension\n"; //time = sc_core::SC_ZERO_TIME; break; } // Setup a TLM_WRITE_COMMAND Informational Message and Write the Data from // the Generic Payload Data pointer to Memory case tlm::TLM_WRITE_COMMAND: { if (response_status == tlm::TLM_OK_RESPONSE) { tmp = 0; for (unsigned int i = 0; i < length; i++) { // Call to write must be a WORD based, one cannot call write BYTE by BYTE. //Collect data[i] until a word-aligned data is full if(address % 4 == 0) tmp = data_ptr[i]; else if(address % 4 == 1) tmp = tmp | data_ptr[i] << 8; else if(address % 4 == 2) tmp = tmp | data_ptr[i] << 16; else if(address % 4 == 3) tmp = tmp | data_ptr[i] << 24; if(i == length-1 || address % 4 == 3){ write(address & 0xFFFFFFFC, tmp); tmp = 0; //time = time + write_response_delay; } address++; } } break; } case tlm::TLM_READ_COMMAND: { if (response_status == tlm::TLM_OK_RESPONSE) { previous_addr = 0x0; for (unsigned int i = 0; i < length; i++) { masked_addr = address & 0xFFFFFFFC; if(i == 0 || masked_addr != previous_addr){ read(masked_addr, &tmp); } if(address % 4 == 0) data_ptr[i] = tmp; else if(address % 4 == 1) data_ptr[i] = tmp >> 8; else if(address % 4 == 2) data_ptr[i] = tmp >> 16; else if(address % 4 == 3) data_ptr[i] = tmp >> 24; previous_addr = masked_addr; address++; } //time = time + read_response_delay; }
int main(void) { int init_res; puts("\nRIOT netdev test"); dev = NETDEV_DEFAULT; if (dev == NULL) { puts("Default device was NULL"); return 1; } printf("Initialized dev "); switch (dev->type) { case NETDEV_TYPE_UNKNOWN: printf("of unknown type\n"); break; case NETDEV_TYPE_BASE: printf("as basic device\n"); break; default: printf("of undefined type\n"); break; } if (dev->driver == NULL) { puts("Default driver is defined as NULL!"); return 1; } dev->driver->init(dev); if (!(init_res = init_channel())) { return 1; } if (check_channel() == 0) { printf("Channel is not as expected. "); if (init_res == 2) { printf("But initialization is not supported. Continuing.\n"); } else { printf("Aborting\n"); return 1; } } if (!(init_res = init_address())) { return 1; } if (check_address() == 0) { printf("Address is not as expected. "); if (init_res == 2) { printf("But initialization is not supported. Continuing.\n"); } else { printf("Aborting\n"); return 1; } } if (!(init_res = init_long_address())) { return 1; } if (check_long_address() == 0) { printf("Long address is not as expected. "); if (init_res == 2) { printf("But initialization is not supported. Continuing.\n"); } else { printf("Aborting\n"); return 1; } } if (!(init_res = init_nid())) { return 1; } if (check_nid() == 0) { printf("Network ID is not as expected. "); if (init_res == 2) { printf("But initialization is not supported. Continuing.\n"); } else { printf("Aborting\n"); return 1; } } if (check_max_packet_size() == 0) { return 1; } if (check_protocol() == 0) { return 1; } if (!init_state()) { return 1; } if (!check_state()) { return 1; } #ifdef SENDER if (!send_packet()) { return 1; } #elif RECEIVER if (!init_receiver_callback()) { return 1; } #endif return 0; }
/********************************************************* * Core Memory Management Operation *********************************************************/ static int access_page(pid_t pid, char mode, addr_t address, addr_t *physical_addr) { frame_t frame; int ret; /* * Check for a context switch */ if(last_pid != pid ) { last_pid = pid; stats.num_context_switch++; //stats.num_procs++; stats.pid_list[stats.num_procs++] = pid; } /* * Check for valid page reference */ if( 0 != check_address(address) ) { /*printf("%s: Fault! Invalid Address Reference!\n", current_ref);*/ stats.num_errors++; return -1; } /* * Check the Cache * - Success: Load page! * - Failure: Check TLB * Return: * > 0: Resolved in cache * = 0: Not resolved in cache * < 0: Error! */ ret = check_cache(pid, mode, address, &frame); if( ret < 0 ) { fprintf(stderr, "Error: Cache lookup failed!\n"); stats.num_errors++; return -1; } else if( ret > 0 ) { /*printf("%s: Cache Hit!\n", current_ref);*/ stats.cache_hit++; *physical_addr = frame*PAGE_SIZE + GET_OFFSET(address); return 0; } stats.cache_miss++; printf("%s: Cache Miss...\n", current_ref); /* * Check the TLB * - Success: Access page from RAM, update cache * - Failure: Look in Page Table * * Return: * > 0: Resolved in TLB * = 0: Not resolved in TLB * < 0: Error! */ ret = check_tlb(pid, mode, address, &frame); if( ret < 0 ) { fprintf(stderr, "Error: TLB lookup failed!\n"); stats.num_errors++; return -1; } else if( ret > 0 ) { printf("%s: TLB Hit!\n", current_ref); stats.tlb_hit++; *physical_addr = frame*PAGE_SIZE + GET_OFFSET(address); return 0; } stats.tlb_miss++; printf("%s: TLB Miss...\n", current_ref); /* * Check the Page Table * - In RAM: * - Access Page from RAM * - Update TLB, Cache * - In Swap: * - Find a frame to replace * - Page-Fault * - Update Page Table * - Update TLB, Cache */ //ret = check_page_table(pid, mode, address, &frame); ret = check_page_dir(pid, mode, address, &frame); if( ret < 0 ) { fprintf(stderr, "Error: Page Table lookup failed!\n"); stats.num_errors++; return -1; } else if( ret > 0 ) { *physical_addr = frame*PAGE_SIZE + GET_OFFSET(address); return 0; } fprintf(stderr, "%s: Error: Page Table Miss! This should never happen\n", current_ref); exit(-1); return -1; }
static void doit(int f, struct sockaddr_storage *fromp, krb5_context krb_context, int encr_flag, krb5_keytab keytab) { int p, t, on = 1; char c; char abuf[INET6_ADDRSTRLEN]; struct sockaddr_in *sin; struct sockaddr_in6 *sin6; int fromplen; in_port_t port; struct termios tp; boolean_t bad_port; boolean_t no_name; char rhost_addra[INET6_ADDRSTRLEN]; if (!(rlbuf = malloc(BUFSIZ))) { syslog(LOG_ERR, "rlbuf malloc failed\n"); exit(EXIT_FAILURE); } (void) alarm(60); if (read(f, &c, 1) != 1 || c != 0) { syslog(LOG_ERR, "failed to receive protocol zero byte\n"); exit(EXIT_FAILURE); } (void) alarm(0); if (fromp->ss_family == AF_INET) { sin = (struct sockaddr_in *)fromp; port = sin->sin_port = ntohs((ushort_t)sin->sin_port); fromplen = sizeof (struct sockaddr_in); if (!inet_ntop(AF_INET, &sin->sin_addr, rhost_addra, sizeof (rhost_addra))) goto badconversion; } else if (fromp->ss_family == AF_INET6) { sin6 = (struct sockaddr_in6 *)fromp; port = sin6->sin6_port = ntohs((ushort_t)sin6->sin6_port); fromplen = sizeof (struct sockaddr_in6); if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { struct in_addr ipv4_addr; IN6_V4MAPPED_TO_INADDR(&sin6->sin6_addr, &ipv4_addr); if (!inet_ntop(AF_INET, &ipv4_addr, rhost_addra, sizeof (rhost_addra))) goto badconversion; } else { if (!inet_ntop(AF_INET6, &sin6->sin6_addr, rhost_addra, sizeof (rhost_addra))) goto badconversion; } } else { syslog(LOG_ERR, "unknown address family %d\n", fromp->ss_family); fatal(f, "Permission denied"); } /* * Allow connections only from the "ephemeral" reserved * ports(ports 512 - 1023) by checking the remote port * because other utilities(e.g. in.ftpd) can be used to * allow a unprivileged user to originate a connection * from a privileged port and provide untrustworthy * authentication. */ bad_port = (use_auth != KRB5_RECVAUTH_V5 && (port >= (in_port_t)IPPORT_RESERVED) || (port < (in_port_t)(IPPORT_RESERVED/2))); no_name = getnameinfo((const struct sockaddr *) fromp, fromplen, hostname, sizeof (hostname), NULL, 0, 0) != 0; if (no_name || bad_port) { (void) strlcpy(abuf, rhost_addra, sizeof (abuf)); /* If no host name, use IP address for name later on. */ if (no_name) (void) strlcpy(hostname, abuf, sizeof (hostname)); } if (!no_name) { /* * Even if getnameinfo() succeeded, we still have to check * for spoofing. */ check_address("rlogind", fromp, sin, sin6, rhost_addra, hostname, sizeof (hostname)); } if (bad_port) { if (no_name) syslog(LOG_NOTICE, "connection from %s - bad port\n", abuf); else syslog(LOG_NOTICE, "connection from %s(%s) - bad port\n", hostname, abuf); fatal(f, "Permission denied"); } if (use_auth == KRB5_RECVAUTH_V5) { do_krb_login(f, rhost_addra, hostname, krb_context, encr_flag, keytab); if (krusername != NULL && strlen(krusername)) { /* * Kerberos Authentication succeeded, * so set the proper program name to use * with pam (important during 'cleanup' * routine later). */ pam_prog_name = KRB5_PROG_NAME; } } if (write(f, "", 1) != 1) { syslog(LOG_NOTICE, "send of the zero byte(to %s) failed:" " cannot start data transfer mode\n", (no_name ? abuf : hostname)); exit(EXIT_FAILURE); } if ((p = open("/dev/ptmx", O_RDWR)) == -1) fatalperror(f, "cannot open /dev/ptmx"); if (grantpt(p) == -1) fatal(f, "could not grant slave pty"); if (unlockpt(p) == -1) fatal(f, "could not unlock slave pty"); if ((line = ptsname(p)) == NULL) fatal(f, "could not enable slave pty"); if ((t = open(line, O_RDWR)) == -1) fatal(f, "could not open slave pty"); if (ioctl(t, I_PUSH, "ptem") == -1) fatalperror(f, "ioctl I_PUSH ptem"); if (ioctl(t, I_PUSH, "ldterm") == -1) fatalperror(f, "ioctl I_PUSH ldterm"); if (ioctl(t, I_PUSH, "ttcompat") == -1) fatalperror(f, "ioctl I_PUSH ttcompat"); /* * POP the sockmod and push the rlmod module. * * Note that sockmod has to be removed since readstream assumes * a "raw" TPI endpoint(e.g. it uses getmsg). */ if (removemod(f, "sockmod") < 0) fatalperror(f, "couldn't remove sockmod"); if (encr_flag) { if (ioctl(f, I_PUSH, "cryptmod") < 0) fatalperror(f, "ioctl I_PUSH rlmod"); } if (ioctl(f, I_PUSH, "rlmod") < 0) fatalperror(f, "ioctl I_PUSH rlmod"); if (encr_flag) { /* * Make sure rlmod will pass unrecognized IOCTLs to cryptmod */ uchar_t passthru = 1; struct strioctl rlmodctl; rlmodctl.ic_cmd = CRYPTPASSTHRU; rlmodctl.ic_timout = -1; rlmodctl.ic_len = sizeof (uchar_t); rlmodctl.ic_dp = (char *)&passthru; if (ioctl(f, I_STR, &rlmodctl) < 0) fatal(f, "ioctl CRYPTPASSTHRU failed\n"); } /* * readstream will do a getmsg till it receives * M_PROTO type T_DATA_REQ from rloginmodopen() * indicating all data on the stream prior to pushing rlmod has * been drained at the stream head. */ if ((nsize = readstream(f, rlbuf, BUFSIZ)) < 0) fatalperror(f, "readstream failed"); /* * Make sure the pty doesn't modify the strings passed * to login as part of the "rlogin protocol." The login * program should set these flags to apropriate values * after it has read the strings. */ if (ioctl(t, TCGETS, &tp) == -1) fatalperror(f, "ioctl TCGETS"); tp.c_lflag &= ~(ECHO|ICANON); tp.c_oflag &= ~(XTABS|OCRNL); tp.c_iflag &= ~(IGNPAR|ICRNL); if (ioctl(t, TCSETS, &tp) == -1) fatalperror(f, "ioctl TCSETS"); /* * System V ptys allow the TIOC{SG}WINSZ ioctl to be * issued on the master side of the pty. Luckily, that's * the only tty ioctl we need to do do, so we can close the * slave side in the parent process after the fork. */ (void) ioctl(p, TIOCSWINSZ, &win); pid = fork(); if (pid < 0) fatalperror(f, "fork"); if (pid == 0) { int tt; struct utmpx ut; /* System V login expects a utmp entry to already be there */ (void) memset(&ut, 0, sizeof (ut)); (void) strncpy(ut.ut_user, ".rlogin", sizeof (ut.ut_user)); (void) strncpy(ut.ut_line, line, sizeof (ut.ut_line)); ut.ut_pid = getpid(); ut.ut_id[0] = 'r'; ut.ut_id[1] = (char)SC_WILDC; ut.ut_id[2] = (char)SC_WILDC; ut.ut_id[3] = (char)SC_WILDC; ut.ut_type = LOGIN_PROCESS; ut.ut_exit.e_termination = 0; ut.ut_exit.e_exit = 0; (void) time(&ut.ut_tv.tv_sec); if (makeutx(&ut) == NULL) syslog(LOG_INFO, "in.rlogind:\tmakeutx failed"); /* controlling tty */ if (setsid() == -1) fatalperror(f, "setsid"); if ((tt = open(line, O_RDWR)) == -1) fatalperror(f, "could not re-open slave pty"); if (close(p) == -1) fatalperror(f, "error closing pty master"); if (close(t) == -1) fatalperror(f, "error closing pty slave" " opened before session established"); /* * If this fails we may or may not be able to output an * error message. */ if (close(f) == -1) fatalperror(f, "error closing deamon stdout"); if (dup2(tt, STDIN_FILENO) == -1 || dup2(tt, STDOUT_FILENO) == -1 || dup2(tt, STDERR_FILENO) == -1) exit(EXIT_FAILURE); /* Disaster! No stderr! */ (void) close(tt); if (use_auth == KRB5_RECVAUTH_V5 && krusername != NULL && strlen(krusername)) { (void) execl(LOGIN_PROGRAM, "login", "-d", line, "-r", hostname, "-u", krusername, /* KRB5 principal name */ "-s", pam_prog_name, "-t", term, /* Remote Terminal */ "-U", rusername, /* Remote User */ "-R", KRB5_REPOSITORY_NAME, lusername, /* local user */ NULL); } else { (void) execl(LOGIN_PROGRAM, "login", "-d", line, "-r", hostname, NULL); } fatalperror(STDERR_FILENO, "/bin/login"); /*NOTREACHED*/ } (void) close(t); (void) ioctl(f, FIONBIO, &on); (void) ioctl(p, FIONBIO, &on); /* * Must ignore SIGTTOU, otherwise we'll stop * when we try and set slave pty's window shape * (our controlling tty is the master pty). * Likewise, we don't want any of the tty-generated * signals from chars passing through. */ (void) sigset(SIGTSTP, SIG_IGN); (void) sigset(SIGINT, SIG_IGN); (void) sigset(SIGQUIT, SIG_IGN); (void) sigset(SIGTTOU, SIG_IGN); (void) sigset(SIGTTIN, SIG_IGN); (void) sigset(SIGCHLD, cleanup); (void) setpgrp(); if (encr_flag) { krb5_data ivec, *ivptr; uint_t ivec_usage; stop_stream(f, CRYPT_ENCRYPT|CRYPT_DECRYPT); /* * Configure the STREAMS crypto module. For now, * don't use any IV parameter. KCMDV0.2 support * will require the use of Initialization Vectors * for both encrypt and decrypt modes. */ if (kcmd_protocol == KCMD_OLD_PROTOCOL) { if (session_key->enctype == ENCTYPE_DES_CBC_CRC) { /* * This is gross but necessary for MIT compat. */ ivec.length = session_key->length; ivec.data = (char *)session_key->contents; ivec_usage = IVEC_REUSE; ivptr = &ivec; } else { ivptr = NULL; /* defaults to all 0's */ ivec_usage = IVEC_NEVER; } /* * configure both sides of stream together * since they share the same IV. * This is what makes the OLD KCMD protocol * less secure than the newer one - Bad ivecs. */ if (configure_stream(f, session_key, CRYPT_ENCRYPT|CRYPT_DECRYPT, ivptr, ivec_usage) != 0) fatal(f, "Cannot initialize encryption -" " exiting.\n"); } else { size_t blocksize; if (session_key->enctype == ENCTYPE_ARCFOUR_HMAC || session_key->enctype == ENCTYPE_ARCFOUR_HMAC_EXP) { if (configure_stream(f, session_key, CRYPT_ENCRYPT|CRYPT_DECRYPT, NULL, IVEC_NEVER) != 0) fatal(f, "Cannot initialize encryption -" " exiting.\n"); goto startcrypto; } if (krb5_c_block_size(krb_context, session_key->enctype, &blocksize)) { syslog(LOG_ERR, "Cannot determine blocksize " "for encryption type %d", session_key->enctype); fatal(f, "Cannot determine blocksize " "for encryption - exiting.\n"); } ivec.data = (char *)malloc(blocksize); ivec.length = blocksize; if (ivec.data == NULL) fatal(f, "memory error - exiting\n"); /* * Following MIT convention - * encrypt IV = 0x01 x blocksize * decrypt IV = 0x00 x blocksize * ivec_usage = IVEC_ONETIME * * configure_stream separately for encrypt and * decrypt because there are 2 different IVs. * * AES uses 0's for IV. */ if (session_key->enctype == ENCTYPE_AES128_CTS_HMAC_SHA1_96 || session_key->enctype == ENCTYPE_AES256_CTS_HMAC_SHA1_96) (void) memset(ivec.data, 0x00, blocksize); else (void) memset(ivec.data, 0x01, blocksize); if (configure_stream(f, session_key, CRYPT_ENCRYPT, &ivec, IVEC_ONETIME) != 0) fatal(f, "Cannot initialize encryption -" " exiting.\n"); (void) memset(ivec.data, 0x00, blocksize); if (configure_stream(f, session_key, CRYPT_DECRYPT, &ivec, IVEC_ONETIME) != 0) fatal(f, "Cannot initialize encryption -" " exiting.\n"); (void) free(ivec.data); } startcrypto: start_stream(f, CRYPT_ENCRYPT); start_stream(f, CRYPT_DECRYPT); } protocol(f, p, encr_flag); cleanup(0); /*NOTREACHED*/ badconversion: fatalperror(f, "address conversion"); /*NOTREACHED*/ }