diff options
author | djm@openbsd.org <djm@openbsd.org> | 2019-07-15 13:11:38 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-07-15 23:21:18 +1000 |
commit | e18a27eedccb024acb3cd9820b650a5dff323f01 (patch) | |
tree | 8b7c4d8e03e092fc296cf3c899e4ce907dc31556 /sshbuf.h | |
parent | bc551dfebb55845537b1095cf3ccd01640a147b7 (diff) | |
download | openssh-git-e18a27eedccb024acb3cd9820b650a5dff323f01.tar.gz |
upstream: two more bounds-checking sshbuf counterparts to common
string operations: sshbuf_cmp() (bcmp-like) and sshbuf_find() (memmem like)
feedback and ok markus@
OpenBSD-Commit-ID: fd071ec2485c7198074a168ff363a0d6052a706a
Diffstat (limited to 'sshbuf.h')
-rw-r--r-- | sshbuf.h | 29 |
1 files changed, 28 insertions, 1 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf.h,v 1.14 2019/07/14 23:32:27 djm Exp $ */ +/* $OpenBSD: sshbuf.h,v 1.15 2019/07/15 13:11:38 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -257,6 +257,33 @@ char *sshbuf_dtob64(struct sshbuf *buf); int sshbuf_b64tod(struct sshbuf *buf, const char *b64); /* + * Tests whether the buffer contains the specified byte sequence at the + * specified offset. Returns 0 on successful match, or a ssherr.h code + * otherwise. SSH_ERR_INVALID_FORMAT indicates sufficient bytes were + * present but the buffer contents did not match those supplied. Zero- + * length comparisons are not allowed. + * + * If sufficient data is present to make a comparison, then it is + * performed with timing independent of the value of the data. If + * insufficient data is present then the comparison is not attempted at + * all. + */ +int sshbuf_cmp(const struct sshbuf *b, size_t offset, + const u_char *s, size_t len); + +/* + * Searches the buffer for the specified string. Returns 0 on success + * and updates *offsetp with the offset of the first match, relative to + * the start of the buffer. Otherwise sshbuf_find will return a ssherr.h + * error code. SSH_ERR_INVALID_FORMAT indicates sufficient bytes were + * present in the buffer for a match to be possible but none was found. + * Searches for zero-length data are not allowed. + */ +int +sshbuf_find(const struct sshbuf *b, size_t start_offset, + const u_char *s, size_t len, size_t *offsetp); + +/* * Duplicate the contents of a buffer to a string (caller to free). * Returns NULL on buffer error, or if the buffer contains a premature * nul character. |