aboutsummaryrefslogtreecommitdiff
path: root/apps/systemlib/bson/tinybson.c
diff options
context:
space:
mode:
Diffstat (limited to 'apps/systemlib/bson/tinybson.c')
-rw-r--r--apps/systemlib/bson/tinybson.c88
1 files changed, 65 insertions, 23 deletions
diff --git a/apps/systemlib/bson/tinybson.c b/apps/systemlib/bson/tinybson.c
index a28217fc4..e1a9324a2 100644
--- a/apps/systemlib/bson/tinybson.c
+++ b/apps/systemlib/bson/tinybson.c
@@ -50,7 +50,7 @@
# define debug(fmt, args...) do { } while(0)
#endif
-#define CODER_CHECK(_c) do { if (_c->dead) return -1; } while(0)
+#define CODER_CHECK(_c) do { if (_c->dead) { debug("coder dead"); return -1; }} while(0)
#define CODER_KILL(_c, _reason) do { debug("killed: %s", _reason); _c->dead = true; return -1; } while(0)
static int
@@ -58,17 +58,20 @@ read_x(bson_decoder_t decoder, void *p, size_t s)
{
CODER_CHECK(decoder);
- if (decoder->fd > 0)
+ if (decoder->fd > -1)
return (read(decoder->fd, p, s) == (int)s) ? 0 : -1;
if (decoder->buf != NULL) {
- unsigned newpos = decoder->bufpos + s;
- if (newpos <= decoder->bufsize) {
- memcpy(p, (decoder->buf + decoder->bufpos), s);
- decoder->bufpos = newpos;
- return 0;
- }
+ /* staged operations to avoid integer overflow for corrupt data */
+ if (s >= decoder->bufsize)
+ CODER_KILL(decoder, "buffer too small for read");
+ if ((decoder->bufsize - s) < decoder->bufpos)
+ CODER_KILL(decoder, "not enough data for read");
+ memcpy(p, (decoder->buf + decoder->bufpos), s);
+ decoder->bufpos += s;
+ return 0;
}
+ debug("no source");
return -1;
}
@@ -85,6 +88,12 @@ read_int32(bson_decoder_t decoder, int32_t *i)
}
static int
+read_int64(bson_decoder_t decoder, int64_t *i)
+{
+ return read_x(decoder, i, sizeof(*i));
+}
+
+static int
read_double(bson_decoder_t decoder, double *d)
{
return read_x(decoder, d, sizeof(*d));
@@ -106,7 +115,7 @@ bson_decoder_init_file(bson_decoder_t decoder, int fd, bson_decoder_callback cal
/* read and discard document size */
if (read_int32(decoder, &junk))
- CODER_KILL(decoder, "failed reading length");
+ CODER_KILL(decoder, "failed discarding length");
/* ready for decoding */
return 0;
@@ -117,6 +126,10 @@ bson_decoder_init_buf(bson_decoder_t decoder, void *buf, unsigned bufsize, bson_
{
int32_t len;
+ /* argument sanity */
+ if ((buf == NULL) || (bufsize < 5) || (callback == NULL))
+ return -1;
+
decoder->fd = -1;
decoder->buf = (uint8_t *)buf;
decoder->dead = false;
@@ -142,6 +155,7 @@ int
bson_decoder_next(bson_decoder_t decoder)
{
int8_t tbyte;
+ int32_t tint;
unsigned nlen;
CODER_CHECK(decoder);
@@ -180,7 +194,9 @@ bson_decoder_next(bson_decoder_t decoder)
debug("got type byte 0x%02x", decoder->node.type);
/* EOO is special; it has no name/data following */
- if (decoder->node.type != BSON_EOO) {
+ if (decoder->node.type == BSON_EOO) {
+ decoder->node.name[0] = '\0';
+ } else {
/* get the node name */
nlen = 0;
@@ -207,8 +223,14 @@ bson_decoder_next(bson_decoder_t decoder)
decoder->node.b = (tbyte != 0);
break;
- case BSON_INT:
- if (read_int32(decoder, &decoder->node.i))
+ case BSON_INT32:
+ if (read_int32(decoder, &tint))
+ CODER_KILL(decoder, "read error on BSON_INT");
+ decoder->node.i = tint;
+ break;
+
+ case BSON_INT64:
+ if (read_int64(decoder, &decoder->node.i))
CODER_KILL(decoder, "read error on BSON_INT");
break;
@@ -222,7 +244,6 @@ bson_decoder_next(bson_decoder_t decoder)
case BSON_STRING:
if (read_int32(decoder, &decoder->pending))
CODER_KILL(decoder, "read error on BSON_STRING length");
-
break;
case BSON_BINDATA:
@@ -282,15 +303,18 @@ write_x(bson_encoder_t encoder, const void *p, size_t s)
if (!encoder->realloc_ok)
CODER_KILL(encoder, "fixed-size buffer overflow");
- int8_t *newbuf = realloc(encoder->buf, encoder->bufsize + BSON_BUF_INCREMENT);
+ uint8_t *newbuf = realloc(encoder->buf, encoder->bufsize + BSON_BUF_INCREMENT);
if (newbuf == NULL)
CODER_KILL(encoder, "could not grow buffer");
+ encoder->buf = newbuf;
encoder->bufsize += BSON_BUF_INCREMENT;
+ debug("allocated %d bytes", BSON_BUF_INCREMENT);
}
memcpy(encoder->buf + encoder->bufpos, p, s);
encoder->bufpos += s;
+ debug("appended %d bytes", s);
return 0;
}
@@ -308,6 +332,12 @@ write_int32(bson_encoder_t encoder, int32_t i)
}
static int
+write_int64(bson_encoder_t encoder, int64_t i)
+{
+ return write_x(encoder, &i, sizeof(i));
+}
+
+static int
write_double(bson_encoder_t encoder, double d)
{
return write_x(encoder, &d, sizeof(d));
@@ -319,7 +349,7 @@ write_name(bson_encoder_t encoder, const char *name)
size_t len = strlen(name);
if (len > BSON_MAXNAME)
- return -1;
+ CODER_KILL(encoder, "node name too long");
return write_x(encoder, name, len + 1);
}
@@ -401,7 +431,7 @@ int bson_encoder_append_bool(bson_encoder_t encoder, const char *name, bool valu
{
CODER_CHECK(encoder);
- if (write_int8(encoder, BSON_INT) ||
+ if (write_int8(encoder, BSON_BOOL) ||
write_name(encoder, name) ||
write_int8(encoder, value ? 1 : 0))
CODER_KILL(encoder, "write error on BSON_BOOL");
@@ -410,13 +440,25 @@ int bson_encoder_append_bool(bson_encoder_t encoder, const char *name, bool valu
}
int
-bson_encoder_append_int(bson_encoder_t encoder, const char *name, int32_t value)
+bson_encoder_append_int(bson_encoder_t encoder, const char *name, int64_t value)
{
+ bool result;
+
CODER_CHECK(encoder);
- if (write_int8(encoder, BSON_INT) ||
- write_name(encoder, name) ||
- write_int32(encoder, value))
+ /* use the smallest encoding that will hold the value */
+ if (value == (int32_t)value) {
+ debug("encoding %lld as int32", value);
+ result = write_int8(encoder, BSON_INT32) ||
+ write_name(encoder, name) ||
+ write_int32(encoder, value);
+ } else {
+ debug("encoding %lld as int64", value);
+ result = write_int8(encoder, BSON_INT64) ||
+ write_name(encoder, name) ||
+ write_int64(encoder, value);
+ }
+ if (result)
CODER_KILL(encoder, "write error on BSON_INT");
return 0;
@@ -443,12 +485,12 @@ bson_encoder_append_string(bson_encoder_t encoder, const char *name, const char
CODER_CHECK(encoder);
- len = strlen(string);
+ len = strlen(string) + 1; /* include trailing nul */
- if (write_int8(encoder, BSON_DOUBLE) ||
+ if (write_int8(encoder, BSON_STRING) ||
write_name(encoder, name) ||
write_int32(encoder, len) ||
- write_x(encoder, name, len + 1))
+ write_x(encoder, string, len))
CODER_KILL(encoder, "write error on BSON_STRING");
return 0;
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-31 23:46:26 +0000