• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright 2014 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include <keymaster/serializable.h>
18 
19 #include <assert.h>
20 
21 #include <keymaster/android_keymaster_utils.h>
22 
23 namespace keymaster {
24 
25 namespace {
26 
27 /* Performs an overflow-checked bounds check */
buffer_bound_check(const uint8_t * buf,const uint8_t * end,size_t len)28 bool buffer_bound_check(const uint8_t* buf, const uint8_t* end, size_t len) {
29     uintptr_t buf_next;
30     bool overflow_occurred = __builtin_add_overflow(__pval(buf), len, &buf_next);
31     return (!overflow_occurred) && (buf_next <= __pval(end));
32 }
33 
34 }  // namespace
35 
append_to_buf(uint8_t * buf,const uint8_t * end,const void * data,size_t data_len)36 uint8_t* append_to_buf(uint8_t* buf, const uint8_t* end, const void* data, size_t data_len) {
37     if (buffer_bound_check(buf, end, data_len)) {
38         memcpy(buf, data, data_len);
39         return buf + data_len;
40     } else {
41         return buf;
42     }
43 }
44 
copy_from_buf(const uint8_t ** buf_ptr,const uint8_t * end,void * dest,size_t size)45 bool copy_from_buf(const uint8_t** buf_ptr, const uint8_t* end, void* dest, size_t size) {
46     if (buffer_bound_check(*buf_ptr, end, size)) {
47         memcpy(dest, *buf_ptr, size);
48         *buf_ptr += size;
49         return true;
50     } else {
51         return false;
52     }
53 }
54 
copy_size_and_data_from_buf(const uint8_t ** buf_ptr,const uint8_t * end,size_t * size,UniquePtr<uint8_t[]> * dest)55 bool copy_size_and_data_from_buf(const uint8_t** buf_ptr, const uint8_t* end, size_t* size,
56                                  UniquePtr<uint8_t[]>* dest) {
57     if (!copy_uint32_from_buf(buf_ptr, end, size)) return false;
58 
59     if (*size == 0) {
60         dest->reset();
61         return true;
62     }
63 
64     if (buffer_bound_check(*buf_ptr, end, *size)) {
65         dest->reset(new (std::nothrow) uint8_t[*size]);
66         if (!dest->get()) {
67             return false;
68         }
69         return copy_from_buf(buf_ptr, end, dest->get(), *size);
70     } else {
71         return false;
72     }
73 }
74 
reserve(size_t size)75 bool Buffer::reserve(size_t size) {
76     if (available_write() < size) {
77         size_t new_size = buffer_size_ + size - available_write();
78         uint8_t* new_buffer = new (std::nothrow) uint8_t[new_size];
79         if (!new_buffer) return false;
80         memcpy(new_buffer, buffer_.get() + read_position_, available_read());
81         memset_s(buffer_.get(), 0, buffer_size_);
82         buffer_.reset(new_buffer);
83         buffer_size_ = new_size;
84         write_position_ -= read_position_;
85         read_position_ = 0;
86     }
87     return true;
88 }
89 
Reinitialize(size_t size)90 bool Buffer::Reinitialize(size_t size) {
91     Clear();
92     buffer_.reset(new (std::nothrow) uint8_t[size]);
93     if (!buffer_.get()) return false;
94     buffer_size_ = size;
95     read_position_ = 0;
96     write_position_ = 0;
97     return true;
98 }
99 
Reinitialize(const void * data,size_t data_len)100 bool Buffer::Reinitialize(const void* data, size_t data_len) {
101     Clear();
102     if (__pval(data) + data_len < __pval(data))  // Pointer wrap check
103         return false;
104     buffer_.reset(new (std::nothrow) uint8_t[data_len]);
105     if (!buffer_.get()) return false;
106     buffer_size_ = data_len;
107     memcpy(buffer_.get(), data, data_len);
108     read_position_ = 0;
109     write_position_ = buffer_size_;
110     return true;
111 }
112 
available_write() const113 size_t Buffer::available_write() const {
114     assert(buffer_size_ >= write_position_);
115     return buffer_size_ - write_position_;
116 }
117 
available_read() const118 size_t Buffer::available_read() const {
119     assert(buffer_size_ >= write_position_);
120     assert(write_position_ >= read_position_);
121     return write_position_ - read_position_;
122 }
123 
write(const uint8_t * src,size_t write_length)124 bool Buffer::write(const uint8_t* src, size_t write_length) {
125     if (available_write() < write_length) return false;
126     memcpy(buffer_.get() + write_position_, src, write_length);
127     write_position_ += write_length;
128     return true;
129 }
130 
read(uint8_t * dest,size_t read_length)131 bool Buffer::read(uint8_t* dest, size_t read_length) {
132     if (available_read() < read_length) return false;
133     memcpy(dest, buffer_.get() + read_position_, read_length);
134     read_position_ += read_length;
135     return true;
136 }
137 
SerializedSize() const138 size_t Buffer::SerializedSize() const {
139     return sizeof(uint32_t) + available_read();
140 }
141 
Serialize(uint8_t * buf,const uint8_t * end) const142 uint8_t* Buffer::Serialize(uint8_t* buf, const uint8_t* end) const {
143     return append_size_and_data_to_buf(buf, end, peek_read(), available_read());
144 }
145 
Deserialize(const uint8_t ** buf_ptr,const uint8_t * end)146 bool Buffer::Deserialize(const uint8_t** buf_ptr, const uint8_t* end) {
147     Clear();
148     if (!copy_size_and_data_from_buf(buf_ptr, end, &buffer_size_, &buffer_)) {
149         buffer_.reset();
150         buffer_size_ = 0;
151         return false;
152     }
153     write_position_ = buffer_size_;
154     return true;
155 }
156 
Clear()157 void Buffer::Clear() {
158     memset_s(buffer_.get(), 0, buffer_size_);
159     buffer_.reset();
160     read_position_ = 0;
161     write_position_ = 0;
162     buffer_size_ = 0;
163 }
164 
165 }  // namespace keymaster
166