Rationalize snprintf() usage in X.509 modules
diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h
index 4f43018..cb5a697 100644
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
@@ -72,7 +72,7 @@
* Name ID Nr of Errors
* PEM 1 9
* PKCS#12 1 4 (Started from top)
- * X509 2 18
+ * X509 2 19
* PKCS5 2 4 (Started from top)
* DHM 3 9
* PK 3 14 (Started from top)
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index 2afe4fa..59986d8 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -76,6 +76,7 @@
#define MBEDTLS_ERR_X509_BAD_INPUT_DATA -0x2800 /**< Input invalid. */
#define MBEDTLS_ERR_X509_ALLOC_FAILED -0x2880 /**< Allocation of memory failed. */
#define MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900 /**< Read/write of file failed. */
+#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980 /**< Destination buffer is too small. */
/* \} name */
/**
@@ -306,6 +307,15 @@
const char *oid, size_t oid_len,
unsigned char *sig, size_t size );
+#define MBEDTLS_X509_SAFE_SNPRINTF \
+ do { \
+ if( ret < 0 || (size_t) ret >= n ) \
+ return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); \
+ \
+ n -= (size_t) ret; \
+ p += (size_t) ret; \
+ } while( 0 )
+
#ifdef __cplusplus
}
#endif
diff --git a/library/x509.c b/library/x509.c
index 0ca4b4a..d5f93d0 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -662,58 +662,6 @@
return( 0 );
}
-#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \
- !defined(EFI32)
-#include <stdarg.h>
-
-#if !defined vsnprintf
-#define vsnprintf _vsnprintf
-#endif // vsnprintf
-
-/*
- * Windows _snprintf and _vsnprintf are not compatible to linux versions.
- * Result value is not size of buffer needed, but -1 if no fit is possible.
- *
- * This fuction tries to 'fix' this by at least suggesting enlarging the
- * size by 20.
- */
-static int compat_snprintf( char *str, size_t size, const char *format, ... )
-{
- va_list ap;
- int res = -1;
-
- va_start( ap, format );
-
- res = vsnprintf( str, size, format, ap );
-
- va_end( ap );
-
- // No quick fix possible
- if( res < 0 )
- return( (int) size + 20 );
-
- return( res );
-}
-
-#define snprintf compat_snprintf
-#endif /* _MSC_VER && !snprintf && !EFIX64 && !EFI32 */
-
-#define ERR_BUF_TOO_SMALL -2
-
-#define SAFE_SNPRINTF() \
-{ \
- if( ret == -1 ) \
- return( -1 ); \
- \
- if( (unsigned int) ret > n ) { \
- p[n - 1] = '\0'; \
- return( ERR_BUF_TOO_SMALL ); \
- } \
- \
- n -= (unsigned int) ret; \
- p += (unsigned int) ret; \
-}
-
/*
* Store the name in printable form into buf; no more
* than size characters will be written
@@ -744,7 +692,7 @@
if( name != dn )
{
ret = mbedtls_snprintf( p, n, merge ? " + " : ", " );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
}
ret = mbedtls_oid_get_attr_short_name( &name->oid, &short_name );
@@ -753,7 +701,7 @@
ret = mbedtls_snprintf( p, n, "%s=", short_name );
else
ret = mbedtls_snprintf( p, n, "\?\?=" );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
for( i = 0; i < name->val.len; i++ )
{
@@ -767,7 +715,7 @@
}
s[i] = '\0';
ret = mbedtls_snprintf( p, n, "%s", s );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
merge = name->next_merged;
name = name->next;
@@ -799,13 +747,13 @@
ret = mbedtls_snprintf( p, n, "%02X%s",
serial->p[i], ( i < nr - 1 ) ? ":" : "" );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
}
if( nr != serial->len )
{
ret = mbedtls_snprintf( p, n, "...." );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
}
return( (int) ( size - n ) );
@@ -828,7 +776,7 @@
ret = mbedtls_snprintf( p, n, "???" );
else
ret = mbedtls_snprintf( p, n, "%s", desc );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
if( pk_alg == MBEDTLS_PK_RSASSA_PSS )
@@ -845,7 +793,7 @@
md_info ? mbedtls_md_get_name( md_info ) : "???",
mgf_md_info ? mbedtls_md_get_name( mgf_md_info ) : "???",
pss_opts->expected_salt_len );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
}
#else
((void) pk_alg);
@@ -865,11 +813,8 @@
size_t n = buf_size;
int ret;
- if( strlen( name ) + sizeof( " key size" ) > buf_size )
- return( ERR_BUF_TOO_SMALL );
-
ret = mbedtls_snprintf( p, n, "%s key size", name );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
return( 0 );
}
diff --git a/library/x509_crl.c b/library/x509_crl.c
index 61b1bec..85de930 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -569,58 +569,6 @@
}
#endif /* MBEDTLS_FS_IO */
-#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \
- !defined(EFI32)
-#include <stdarg.h>
-
-#if !defined vsnprintf
-#define vsnprintf _vsnprintf
-#endif // vsnprintf
-
-/*
- * Windows _snprintf and _vsnprintf are not compatible to linux versions.
- * Result value is not size of buffer needed, but -1 if no fit is possible.
- *
- * This fuction tries to 'fix' this by at least suggesting enlarging the
- * size by 20.
- */
-static int compat_snprintf( char *str, size_t size, const char *format, ... )
-{
- va_list ap;
- int res = -1;
-
- va_start( ap, format );
-
- res = vsnprintf( str, size, format, ap );
-
- va_end( ap );
-
- // No quick fix possible
- if( res < 0 )
- return( (int) size + 20 );
-
- return( res );
-}
-
-#define snprintf compat_snprintf
-#endif /* _MSC_VER && !snprintf && !EFIX64 && !EFI32 */
-
-#define ERR_BUF_TOO_SMALL -2
-
-#define SAFE_SNPRINTF() \
-{ \
- if( ret == -1 ) \
- return( -1 ); \
- \
- if( (unsigned int) ret > n ) { \
- p[n - 1] = '\0'; \
- return( ERR_BUF_TOO_SMALL ); \
- } \
- \
- n -= (unsigned int) ret; \
- p += (unsigned int) ret; \
-}
-
/*
* Return an informational string about the certificate.
*/
@@ -642,61 +590,61 @@
ret = mbedtls_snprintf( p, n, "%sCRL version : %d",
prefix, crl->version );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_snprintf( p, n, "\n%sissuer name : ", prefix );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_x509_dn_gets( p, n, &crl->issuer );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_snprintf( p, n, "\n%sthis update : " \
"%04d-%02d-%02d %02d:%02d:%02d", prefix,
crl->this_update.year, crl->this_update.mon,
crl->this_update.day, crl->this_update.hour,
crl->this_update.min, crl->this_update.sec );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_snprintf( p, n, "\n%snext update : " \
"%04d-%02d-%02d %02d:%02d:%02d", prefix,
crl->next_update.year, crl->next_update.mon,
crl->next_update.day, crl->next_update.hour,
crl->next_update.min, crl->next_update.sec );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
entry = &crl->entry;
ret = mbedtls_snprintf( p, n, "\n%sRevoked certificates:",
prefix );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
while( entry != NULL && entry->raw.len != 0 )
{
ret = mbedtls_snprintf( p, n, "\n%sserial number: ",
prefix );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_x509_serial_gets( p, n, &entry->serial );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_snprintf( p, n, " revocation date: " \
"%04d-%02d-%02d %02d:%02d:%02d",
entry->revocation_date.year, entry->revocation_date.mon,
entry->revocation_date.day, entry->revocation_date.hour,
entry->revocation_date.min, entry->revocation_date.sec );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
entry = entry->next;
}
ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_x509_sig_alg_gets( p, n, &crl->sig_oid, crl->sig_pk, crl->sig_md,
crl->sig_opts );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_snprintf( p, n, "\n" );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
return( (int) ( size - n ) );
}
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 7cb5b44..0c3450a 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1194,58 +1194,6 @@
}
#endif /* MBEDTLS_FS_IO */
-#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \
- !defined(EFI32)
-#include <stdarg.h>
-
-#if !defined vsnprintf
-#define vsnprintf _vsnprintf
-#endif // vsnprintf
-
-/*
- * Windows _snprintf and _vsnprintf are not compatible to linux versions.
- * Result value is not size of buffer needed, but -1 if no fit is possible.
- *
- * This fuction tries to 'fix' this by at least suggesting enlarging the
- * size by 20.
- */
-static int compat_snprintf( char *str, size_t size, const char *format, ... )
-{
- va_list ap;
- int res = -1;
-
- va_start( ap, format );
-
- res = vsnprintf( str, size, format, ap );
-
- va_end( ap );
-
- // No quick fix possible
- if( res < 0 )
- return( (int) size + 20 );
-
- return( res );
-}
-
-#define snprintf compat_snprintf
-#endif /* _MSC_VER && !snprintf && !EFIX64 && !EFI32 */
-
-#define ERR_BUF_TOO_SMALL -2
-
-#define SAFE_SNPRINTF() \
-{ \
- if( ret == -1 ) \
- return( -1 ); \
- \
- if( (unsigned int) ret > n ) { \
- p[n - 1] = '\0'; \
- return( ERR_BUF_TOO_SMALL ); \
- } \
- \
- n -= (unsigned int) ret; \
- p += (unsigned int) ret; \
-}
-
static int x509_info_subject_alt_name( char **buf, size_t *size,
const mbedtls_x509_sequence *subject_alt_name )
{
@@ -1261,7 +1209,7 @@
if( cur->buf.len + sep_len >= n )
{
*p = '\0';
- return( ERR_BUF_TOO_SMALL );
+ return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL );
}
n -= cur->buf.len + sep_len;
@@ -1287,7 +1235,7 @@
#define PRINT_ITEM(i) \
{ \
ret = mbedtls_snprintf( p, n, "%s" i, sep ); \
- SAFE_SNPRINTF(); \
+ MBEDTLS_X509_SAFE_SNPRINTF; \
sep = ", "; \
}
@@ -1360,7 +1308,7 @@
desc = "???";
ret = mbedtls_snprintf( p, n, "%s%s", sep, desc );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
sep = ", ";
@@ -1391,44 +1339,44 @@
ret = mbedtls_snprintf( p, n, "%scert. version : %d\n",
prefix, crt->version );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_snprintf( p, n, "%sserial number : ",
prefix );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_x509_serial_gets( p, n, &crt->serial );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_snprintf( p, n, "\n%sissuer name : ", prefix );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_x509_dn_gets( p, n, &crt->issuer );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_snprintf( p, n, "\n%ssubject name : ", prefix );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_x509_dn_gets( p, n, &crt->subject );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_snprintf( p, n, "\n%sissued on : " \
"%04d-%02d-%02d %02d:%02d:%02d", prefix,
crt->valid_from.year, crt->valid_from.mon,
crt->valid_from.day, crt->valid_from.hour,
crt->valid_from.min, crt->valid_from.sec );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_snprintf( p, n, "\n%sexpires on : " \
"%04d-%02d-%02d %02d:%02d:%02d", prefix,
crt->valid_to.year, crt->valid_to.mon,
crt->valid_to.day, crt->valid_to.hour,
crt->valid_to.min, crt->valid_to.sec );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_x509_sig_alg_gets( p, n, &crt->sig_oid, crt->sig_pk,
crt->sig_md, crt->sig_opts );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
/* Key size */
if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON,
@@ -1439,7 +1387,7 @@
ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits", prefix, key_size_str,
(int) mbedtls_pk_get_bitlen( &crt->pk ) );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
/*
* Optional extensions
@@ -1449,19 +1397,19 @@
{
ret = mbedtls_snprintf( p, n, "\n%sbasic constraints : CA=%s", prefix,
crt->ca_istrue ? "true" : "false" );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
if( crt->max_pathlen > 0 )
{
ret = mbedtls_snprintf( p, n, ", max_pathlen=%d", crt->max_pathlen - 1 );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
}
}
if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME )
{
ret = mbedtls_snprintf( p, n, "\n%ssubject alt name : ", prefix );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
if( ( ret = x509_info_subject_alt_name( &p, &n,
&crt->subject_alt_names ) ) != 0 )
@@ -1471,7 +1419,7 @@
if( crt->ext_types & MBEDTLS_X509_EXT_NS_CERT_TYPE )
{
ret = mbedtls_snprintf( p, n, "\n%scert. type : ", prefix );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
if( ( ret = x509_info_cert_type( &p, &n, crt->ns_cert_type ) ) != 0 )
return( ret );
@@ -1480,7 +1428,7 @@
if( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE )
{
ret = mbedtls_snprintf( p, n, "\n%skey usage : ", prefix );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
if( ( ret = x509_info_key_usage( &p, &n, crt->key_usage ) ) != 0 )
return( ret );
@@ -1489,7 +1437,7 @@
if( crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE )
{
ret = mbedtls_snprintf( p, n, "\n%sext key usage : ", prefix );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
if( ( ret = x509_info_ext_key_usage( &p, &n,
&crt->ext_key_usage ) ) != 0 )
@@ -1497,7 +1445,7 @@
}
ret = mbedtls_snprintf( p, n, "\n" );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
return( (int) ( size - n ) );
}
@@ -1545,7 +1493,7 @@
continue;
ret = mbedtls_snprintf( p, n, "%s%s\n", prefix, cur->string );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
flags ^= cur->code;
}
@@ -1553,7 +1501,7 @@
{
ret = mbedtls_snprintf( p, n, "%sUnknown reason "
"(this should not happen)\n", prefix );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
}
return( (int) ( size - n ) );
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 18ace67..0e727b4 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -327,58 +327,6 @@
}
#endif /* MBEDTLS_FS_IO */
-#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \
- !defined(EFI32)
-#include <stdarg.h>
-
-#if !defined vsnprintf
-#define vsnprintf _vsnprintf
-#endif // vsnprintf
-
-/*
- * Windows _snprintf and _vsnprintf are not compatible to linux versions.
- * Result value is not size of buffer needed, but -1 if no fit is possible.
- *
- * This fuction tries to 'fix' this by at least suggesting enlarging the
- * size by 20.
- */
-static int compat_snprintf( char *str, size_t size, const char *format, ... )
-{
- va_list ap;
- int res = -1;
-
- va_start( ap, format );
-
- res = vsnprintf( str, size, format, ap );
-
- va_end( ap );
-
- // No quick fix possible
- if( res < 0 )
- return( (int) size + 20 );
-
- return( res );
-}
-
-#define snprintf compat_snprintf
-#endif /* _MSC_VER && !snprintf && !EFIX64 && !EFI32 */
-
-#define ERR_BUF_TOO_SMALL -2
-
-#define SAFE_SNPRINTF() \
-{ \
- if( ret == -1 ) \
- return( -1 ); \
- \
- if( (unsigned int) ret > n ) { \
- p[n - 1] = '\0'; \
- return( ERR_BUF_TOO_SMALL ); \
- } \
- \
- n -= (unsigned int) ret; \
- p += (unsigned int) ret; \
-}
-
#define BEFORE_COLON 14
#define BC "14"
/*
@@ -397,19 +345,19 @@
ret = mbedtls_snprintf( p, n, "%sCSR version : %d",
prefix, csr->version );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_snprintf( p, n, "\n%ssubject name : ", prefix );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_x509_dn_gets( p, n, &csr->subject );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
ret = mbedtls_x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md,
csr->sig_opts );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON,
mbedtls_pk_get_name( &csr->pk ) ) ) != 0 )
@@ -419,7 +367,7 @@
ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str,
(int) mbedtls_pk_get_bitlen( &csr->pk ) );
- SAFE_SNPRINTF();
+ MBEDTLS_X509_SAFE_SNPRINTF;
return( (int) ( size - n ) );
}