frederik
/
xserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Xext: security: use REQUEST_HEAD_STRUCT and REQUEST_FIELD_* macros 

Use the new macros to make request struct parsing / field swapping
much easier.

Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
This commit is contained in:
Enrico Weigelt, metux IT consult 2024-07-04 01:22:50 +02:00
parent 03b8cb506f
commit 35e8a37b17
1 changed files with 30 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

102
Xext/security.c
View File

@ -32,6 +32,7 @@ in this Software without prior written authorization from The Open Group.
#include "dix/dix_priv.h" #include "dix/dix_priv.h"
#include "dix/registry_priv.h" #include "dix/registry_priv.h"
#include "dix/request_priv.h"
#include "dix/resource_priv.h" #include "dix/resource_priv.h"
#include "include/extinit_priv.h" #include "include/extinit_priv.h"
#include "os/audit.h" #include "os/audit.h"
@ -348,7 +349,10 @@ SecurityStartAuthorizationTimer(SecurityAuthorizationPtr pAuth)
static int static int
ProcSecurityQueryVersion(ClientPtr client) ProcSecurityQueryVersion(ClientPtr client)
{ {
/* REQUEST(xSecurityQueryVersionReq); */ REQUEST_HEAD_STRUCT(xSecurityQueryVersionReq);
REQUEST_FIELD_CARD16(majorVersion);
REQUEST_FIELD_CARD16(minorVersion);
xSecurityQueryVersionReply rep = { xSecurityQueryVersionReply rep = {
.type = X_Reply, .type = X_Reply,
.sequenceNumber = client->sequence, .sequenceNumber = client->sequence,
@ -357,8 +361,6 @@ ProcSecurityQueryVersion(ClientPtr client)
.minorVersion = SERVER_SECURITY_MINOR_VERSION .minorVersion = SERVER_SECURITY_MINOR_VERSION
}; };
REQUEST_SIZE_MATCH(xSecurityQueryVersionReq);
if (client->swapped) { if (client->swapped) {
swaps(&rep.sequenceNumber); swaps(&rep.sequenceNumber);
swaps(&rep.majorVersion); swaps(&rep.majorVersion);
@ -403,7 +405,25 @@ SecurityEventSelectForAuthorization(SecurityAuthorizationPtr pAuth,
static int static int
ProcSecurityGenerateAuthorization(ClientPtr client) ProcSecurityGenerateAuthorization(ClientPtr client)
{ {
REQUEST(xSecurityGenerateAuthorizationReq); REQUEST_HEAD_AT_LEAST(xSecurityGenerateAuthorizationReq);
REQUEST_FIELD_CARD16(nbytesAuthProto);
REQUEST_FIELD_CARD16(nbytesAuthData);
REQUEST_FIELD_CARD32(valueMask);
int values_offset = bytes_to_int32(stuff->nbytesAuthProto) +
bytes_to_int32(stuff->nbytesAuthData);
if (values_offset > stuff->length - bytes_to_int32(sz_xSecurityGenerateAuthorizationReq))
return BadLength;
CARD32 *values = (CARD32 *) (&stuff[1]) + values_offset;
if (client->swapped) {
unsigned long nvalues;
nvalues = (((CARD32 *) stuff) + stuff->length) - values;
SwapLongs(values, nvalues);
}
int len; /* request length in CARD32s */ int len; /* request length in CARD32s */
Bool removeAuth = FALSE; /* if bailout, call RemoveAuthorization? */ Bool removeAuth = FALSE; /* if bailout, call RemoveAuthorization? */
int err; /* error to return from this function */ int err; /* error to return from this function */
@ -412,7 +432,6 @@ ProcSecurityGenerateAuthorization(ClientPtr client)
unsigned int trustLevel; /* trust level of new auth */ unsigned int trustLevel; /* trust level of new auth */
XID group; /* group of new auth */ XID group; /* group of new auth */
CARD32 timeout; /* timeout of new auth */ CARD32 timeout; /* timeout of new auth */
CARD32 *values; /* list of supplied attributes */
char *protoname; /* auth proto name sent in request */ char *protoname; /* auth proto name sent in request */
char *protodata; /* auth proto data sent in request */ char *protodata; /* auth proto data sent in request */
unsigned int authdata_len; /* # bytes of generated auth data */ unsigned int authdata_len; /* # bytes of generated auth data */
@ -421,11 +440,8 @@ ProcSecurityGenerateAuthorization(ClientPtr client)
/* check request length */ /* check request length */
REQUEST_AT_LEAST_SIZE(xSecurityGenerateAuthorizationReq); len = bytes_to_int32(sizeof(xSecurityGenerateAuthorizationReq))
len = bytes_to_int32(SIZEOF(xSecurityGenerateAuthorizationReq)); + values_offset;
len += bytes_to_int32(stuff->nbytesAuthProto);
len += bytes_to_int32(stuff->nbytesAuthData);
values = ((CARD32 *) stuff) + len;
len += Ones(stuff->valueMask); len += Ones(stuff->valueMask);
if (client->req_len != len) if (client->req_len != len)
return BadLength; return BadLength;
@ -576,12 +592,12 @@ ProcSecurityGenerateAuthorization(ClientPtr client)
static int static int
ProcSecurityRevokeAuthorization(ClientPtr client) ProcSecurityRevokeAuthorization(ClientPtr client)
{ {
REQUEST(xSecurityRevokeAuthorizationReq); REQUEST_HEAD_STRUCT(xSecurityRevokeAuthorizationReq);
REQUEST_FIELD_CARD32(authId);
SecurityAuthorizationPtr pAuth; SecurityAuthorizationPtr pAuth;
int rc; int rc;
REQUEST_SIZE_MATCH(xSecurityRevokeAuthorizationReq);
rc = dixLookupResourceByType((void **) &pAuth, stuff->authId, rc = dixLookupResourceByType((void **) &pAuth, stuff->authId,
SecurityAuthorizationResType, client, SecurityAuthorizationResType, client,
DixDestroyAccess); DixDestroyAccess);
@ -609,64 +625,6 @@ ProcSecurityDispatch(ClientPtr client)
} }
} /* ProcSecurityDispatch */ } /* ProcSecurityDispatch */
static int _X_COLD
SProcSecurityQueryVersion(ClientPtr client)
{
REQUEST(xSecurityQueryVersionReq);
REQUEST_SIZE_MATCH(xSecurityQueryVersionReq);
swaps(&stuff->majorVersion);
swaps(&stuff->minorVersion);
return ProcSecurityQueryVersion(client);
} /* SProcSecurityQueryVersion */
static int _X_COLD
SProcSecurityGenerateAuthorization(ClientPtr client)
{
REQUEST(xSecurityGenerateAuthorizationReq);
CARD32 *values;
unsigned long nvalues;
int values_offset;
REQUEST_AT_LEAST_SIZE(xSecurityGenerateAuthorizationReq);
swaps(&stuff->nbytesAuthProto);
swaps(&stuff->nbytesAuthData);
swapl(&stuff->valueMask);
values_offset = bytes_to_int32(stuff->nbytesAuthProto) +
bytes_to_int32(stuff->nbytesAuthData);
if (values_offset >
client->req_len - bytes_to_int32(sz_xSecurityGenerateAuthorizationReq))
return BadLength;
values = (CARD32 *) (&stuff[1]) + values_offset;
nvalues = (((CARD32 *) stuff) + client->req_len) - values;
SwapLongs(values, nvalues);
return ProcSecurityGenerateAuthorization(client);
} /* SProcSecurityGenerateAuthorization */
static int _X_COLD
SProcSecurityRevokeAuthorization(ClientPtr client)
{
REQUEST(xSecurityRevokeAuthorizationReq);
REQUEST_SIZE_MATCH(xSecurityRevokeAuthorizationReq);
swapl(&stuff->authId);
return ProcSecurityRevokeAuthorization(client);
} /* SProcSecurityRevokeAuthorization */
static int _X_COLD
SProcSecurityDispatch(ClientPtr client)
{
REQUEST(xReq);
switch (stuff->data) {
case X_SecurityQueryVersion:
return SProcSecurityQueryVersion(client);
case X_SecurityGenerateAuthorization:
return SProcSecurityGenerateAuthorization(client);
case X_SecurityRevokeAuthorization:
return SProcSecurityRevokeAuthorization(client);
default:
return BadRequest;
}
} /* SProcSecurityDispatch */
static void _X_COLD static void _X_COLD
SwapSecurityAuthorizationRevokedEvent(xSecurityAuthorizationRevokedEvent * from, SwapSecurityAuthorizationRevokedEvent(xSecurityAuthorizationRevokedEvent * from,
xSecurityAuthorizationRevokedEvent * to) xSecurityAuthorizationRevokedEvent * to)
@ -1078,7 +1036,7 @@ SecurityExtensionInit(void)
/* Add extension to server */ /* Add extension to server */
extEntry = AddExtension(SECURITY_EXTENSION_NAME, extEntry = AddExtension(SECURITY_EXTENSION_NAME,
XSecurityNumberEvents, XSecurityNumberErrors, XSecurityNumberEvents, XSecurityNumberErrors,
ProcSecurityDispatch, SProcSecurityDispatch, ProcSecurityDispatch, ProcSecurityDispatch,
SecurityResetProc, StandardMinorOpcode); SecurityResetProc, StandardMinorOpcode);
SecurityErrorBase = extEntry->errorBase; SecurityErrorBase = extEntry->errorBase;