LCOV - code coverage report
Current view: top level - src - conversion.c (source / functions) Hit Total Coverage
Test: coverage.info Lines: 100 193 51.8 %
Date: 2016-11-29 15:07:43 Functions: 8 11 72.7 %

          Line data    Source code
       1             : /* conversion.c - String conversion helper functions.
       2             :    Copyright (C) 2000 Werner Koch (dd9jn)
       3             :    Copyright (C) 2001, 2002, 2003, 2004, 2007 g10 Code GmbH
       4             : 
       5             :    This file is part of GPGME.
       6             : 
       7             :    GPGME is free software; you can redistribute it and/or modify it
       8             :    under the terms of the GNU Lesser General Public License as
       9             :    published by the Free Software Foundation; either version 2.1 of
      10             :    the License, or (at your option) any later version.
      11             : 
      12             :    GPGME is distributed in the hope that it will be useful, but
      13             :    WITHOUT ANY WARRANTY; without even the implied warranty of
      14             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
      15             :    Lesser General Public License for more details.
      16             : 
      17             :    You should have received a copy of the GNU Lesser General Public
      18             :    License along with this program; if not, write to the Free Software
      19             :    Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
      20             :    02111-1307, USA.  */
      21             : 
      22             : #if HAVE_CONFIG_H
      23             : #include <config.h>
      24             : #endif
      25             : 
      26             : #include <stdlib.h>
      27             : #include <string.h>
      28             : #ifdef HAVE_SYS_TYPES_H
      29             :   /* Solaris 8 needs sys/types.h before time.h.  */
      30             : # include <sys/types.h>
      31             : #endif
      32             : #include <time.h>
      33             : #include <errno.h>
      34             : #include <stdarg.h>
      35             : 
      36             : #include "gpgme.h"
      37             : #include "util.h"
      38             : #include "debug.h"
      39             : 
      40             : #define atoi_1(p)   (*(p) - '0' )
      41             : #define atoi_2(p)   ((atoi_1(p) * 10) + atoi_1((p)+1))
      42             : #define atoi_4(p)   ((atoi_2(p) * 100) + atoi_2((p)+2))
      43             : 
      44             : 
      45             : 
      46             : static char *
      47           0 : do_strconcat (const char *s1, va_list arg_ptr)
      48             : {
      49             :   const char *argv[16];
      50             :   size_t argc;
      51             :   size_t needed;
      52             :   char *buffer, *p;
      53             : 
      54           0 :   argc = 0;
      55           0 :   argv[argc++] = s1;
      56           0 :   needed = strlen (s1);
      57           0 :   while (((argv[argc] = va_arg (arg_ptr, const char *))))
      58             :     {
      59           0 :       needed += strlen (argv[argc]);
      60           0 :       if (argc >= DIM (argv)-1)
      61             :         {
      62           0 :           gpg_err_set_errno (EINVAL);
      63           0 :           return NULL;
      64             :         }
      65           0 :       argc++;
      66             :     }
      67           0 :   needed++;
      68           0 :   buffer = malloc (needed);
      69           0 :   if (buffer)
      70             :     {
      71           0 :       for (p = buffer, argc=0; argv[argc]; argc++)
      72           0 :         p = stpcpy (p, argv[argc]);
      73             :     }
      74           0 :   return buffer;
      75             : }
      76             : 
      77             : 
      78             : /* Concatenate the string S1 with all the following strings up to a
      79             :  * NULL.  Returns a malloced buffer with the new string or NULL on a
      80             :    malloc error or if too many arguments are given.  */
      81             : char *
      82           0 : _gpgme_strconcat (const char *s1, ...)
      83             : {
      84             :   va_list arg_ptr;
      85             :   char *result;
      86             : 
      87           0 :   if (!s1)
      88           0 :     result = strdup ("");
      89             :   else
      90             :     {
      91           0 :       va_start (arg_ptr, s1);
      92           0 :       result = do_strconcat (s1, arg_ptr);
      93           0 :       va_end (arg_ptr);
      94             :     }
      95           0 :   return result;
      96             : }
      97             : 
      98             : 
      99             : 
     100             : 
     101             : /* Convert two hexadecimal digits from STR to the value they
     102             :    represent.  Returns -1 if one of the characters is not a
     103             :    hexadecimal digit.  */
     104             : int
     105        1679 : _gpgme_hextobyte (const char *str)
     106             : {
     107        1679 :   int val = 0;
     108             :   int i;
     109             : 
     110             : #define NROFHEXDIGITS 2
     111        5037 :   for (i = 0; i < NROFHEXDIGITS; i++)
     112             :     {
     113        3358 :       if (*str >= '0' && *str <= '9')
     114        3320 :         val += *str - '0';
     115          38 :       else if (*str >= 'A' && *str <= 'F')
     116          36 :         val += 10 + *str - 'A';
     117           2 :       else if (*str >= 'a' && *str <= 'f')
     118           2 :         val += 10 + *str - 'a';
     119             :       else
     120           0 :         return -1;
     121        3358 :       if (i < NROFHEXDIGITS - 1)
     122        1679 :         val *= 16;
     123        3358 :       str++;
     124             :     }
     125        1679 :   return val;
     126             : }
     127             : 
     128             : 
     129             : /* Decode the C formatted string SRC and store the result in the
     130             :    buffer *DESTP which is LEN bytes long.  If LEN is zero, then a
     131             :    large enough buffer is allocated with malloc and *DESTP is set to
     132             :    the result.  Currently, LEN is only used to specify if allocation
     133             :    is desired or not, the caller is expected to make sure that *DESTP
     134             :    is large enough if LEN is not zero.  */
     135             : gpgme_error_t
     136        7057 : _gpgme_decode_c_string (const char *src, char **destp, size_t len)
     137             : {
     138             :   char *dest;
     139             : 
     140             :   /* Set up the destination buffer.  */
     141        7057 :   if (len)
     142             :     {
     143        7051 :       if (len < strlen (src) + 1)
     144           0 :         return gpg_error (GPG_ERR_INTERNAL);
     145             : 
     146        7051 :       dest = *destp;
     147             :     }
     148             :   else
     149             :     {
     150             :       /* The converted string will never be larger than the original
     151             :          string.  */
     152           6 :       dest = malloc (strlen (src) + 1);
     153           6 :       if (!dest)
     154           0 :         return gpg_error_from_syserror ();
     155             : 
     156           6 :       *destp = dest;
     157             :     }
     158             : 
     159             :   /* Convert the string.  */
     160      283149 :   while (*src)
     161             :     {
     162      269035 :       if (*src != '\\')
     163             :         {
     164      269033 :           *(dest++) = *(src++);
     165      269033 :           continue;
     166             :         }
     167             : 
     168           2 :       switch (src[1])
     169             :         {
     170             : #define DECODE_ONE(match,result)        \
     171             :         case match:                     \
     172             :           src += 2;                     \
     173             :           *(dest++) = result;           \
     174             :           break;
     175             : 
     176           0 :           DECODE_ONE ('\'', '\'');
     177           0 :           DECODE_ONE ('\"', '\"');
     178           0 :           DECODE_ONE ('\?', '\?');
     179           0 :           DECODE_ONE ('\\', '\\');
     180           0 :           DECODE_ONE ('a', '\a');
     181           0 :           DECODE_ONE ('b', '\b');
     182           0 :           DECODE_ONE ('f', '\f');
     183           0 :           DECODE_ONE ('n', '\n');
     184           0 :           DECODE_ONE ('r', '\r');
     185           0 :           DECODE_ONE ('t', '\t');
     186           0 :           DECODE_ONE ('v', '\v');
     187             : 
     188             :         case 'x':
     189             :           {
     190           2 :             int val = _gpgme_hextobyte (&src[2]);
     191             : 
     192           2 :             if (val == -1)
     193             :               {
     194             :                 /* Should not happen.  */
     195           0 :                 *(dest++) = *(src++);
     196           0 :                 *(dest++) = *(src++);
     197           0 :                 if (*src)
     198           0 :                   *(dest++) = *(src++);
     199           0 :                 if (*src)
     200           0 :                   *(dest++) = *(src++);
     201             :               }
     202             :             else
     203             :               {
     204           2 :                 if (!val)
     205             :                   {
     206             :                     /* A binary zero is not representable in a C
     207             :                        string.  */
     208           0 :                     *(dest++) = '\\';
     209           0 :                     *(dest++) = '0';
     210             :                   }
     211             :                 else
     212           2 :                   *((unsigned char *) dest++) = val;
     213           2 :                 src += 4;
     214             :               }
     215             :           }
     216           2 :           break;
     217             : 
     218             :         default:
     219             :           {
     220             :             /* Should not happen.  */
     221           0 :             *(dest++) = *(src++);
     222           0 :             *(dest++) = *(src++);
     223             :           }
     224             :         }
     225             :     }
     226        7057 :   *(dest++) = 0;
     227             : 
     228        7057 :   return 0;
     229             : }
     230             : 
     231             : 
     232             : /* Decode the percent escaped string SRC and store the result in the
     233             :    buffer *DESTP which is LEN bytes long.  If LEN is zero, then a
     234             :    large enough buffer is allocated with malloc and *DESTP is set to
     235             :    the result.  Currently, LEN is only used to specify if allocation
     236             :    is desired or not, the caller is expected to make sure that *DESTP
     237             :    is large enough if LEN is not zero.  If BINARY is 1, then '\0'
     238             :    characters are allowed in the output.  */
     239             : gpgme_error_t
     240        2190 : _gpgme_decode_percent_string (const char *src, char **destp, size_t len,
     241             :                               int binary)
     242             : {
     243             :   char *dest;
     244             : 
     245             :   /* Set up the destination buffer.  */
     246        2190 :   if (len)
     247             :     {
     248        1828 :       if (len < strlen (src) + 1)
     249           0 :         return gpg_error (GPG_ERR_INTERNAL);
     250             : 
     251        1828 :       dest = *destp;
     252             :     }
     253             :   else
     254             :     {
     255             :       /* The converted string will never be larger than the original
     256             :          string.  */
     257         362 :       dest = malloc (strlen (src) + 1);
     258         362 :       if (!dest)
     259           0 :         return gpg_error_from_syserror ();
     260             : 
     261         362 :       *destp = dest;
     262             :     }
     263             : 
     264             :   /* Convert the string.  */
     265       71040 :   while (*src)
     266             :     {
     267       66660 :       if (*src != '%')
     268             :         {
     269       65028 :           *(dest++) = *(src++);
     270       65028 :           continue;
     271             :         }
     272             :       else
     273             :         {
     274        1632 :           int val = _gpgme_hextobyte (&src[1]);
     275             : 
     276        1632 :           if (val == -1)
     277             :             {
     278             :               /* Should not happen.  */
     279           0 :               *(dest++) = *(src++);
     280           0 :               if (*src)
     281           0 :                 *(dest++) = *(src++);
     282           0 :               if (*src)
     283           0 :                 *(dest++) = *(src++);
     284             :             }
     285             :           else
     286             :             {
     287        1632 :               if (!val && !binary)
     288             :                 {
     289             :                   /* A binary zero is not representable in a C
     290             :                      string.  */
     291           0 :                   *(dest++) = '\\';
     292           0 :                   *(dest++) = '0';
     293             :                 }
     294             :               else
     295        1632 :                 *((unsigned char *) dest++) = val;
     296        1632 :               src += 3;
     297             :             }
     298             :         }
     299             :     }
     300        2190 :   *(dest++) = 0;
     301             : 
     302        2190 :   return 0;
     303             : }
     304             : 
     305             : 
     306             : /* Encode the string SRC with percent escaping and store the result in
     307             :    the buffer *DESTP which is LEN bytes long.  If LEN is zero, then a
     308             :    large enough buffer is allocated with malloc and *DESTP is set to
     309             :    the result.  Currently, LEN is only used to specify if allocation
     310             :    is desired or not, the caller is expected to make sure that *DESTP
     311             :    is large enough if LEN is not zero.  If BINARY is 1, then '\0'
     312             :    characters are allowed in the output.  */
     313             : gpgme_error_t
     314           0 : _gpgme_encode_percent_string (const char *src, char **destp, size_t len)
     315             : {
     316             :   size_t destlen;
     317             :   char *dest;
     318             :   const char *str;
     319             : 
     320           0 :   destlen = 0;
     321           0 :   str = src;
     322             :   /* We percent-escape the + character because the user might need a
     323             :      "percent plus" escaped string (special gpg format).  But we
     324             :      percent-escape the space character, which works with and without
     325             :      the special plus format.  */
     326           0 :   while (*str)
     327             :     {
     328           0 :       if (*str == '+' || *str == '\"' || *str == '%'
     329           0 :           || *(const unsigned char *)str <= 0x20)
     330           0 :         destlen += 3;
     331             :       else
     332           0 :         destlen++;
     333           0 :       str++;
     334             :     }
     335             :   /* Terminating nul byte.  */
     336           0 :   destlen++;
     337             : 
     338             :   /* Set up the destination buffer.  */
     339           0 :   if (len)
     340             :     {
     341           0 :       if (len < destlen)
     342           0 :         return gpg_error (GPG_ERR_INTERNAL);
     343             : 
     344           0 :       dest = *destp;
     345             :     }
     346             :   else
     347             :     {
     348             :       /* The converted string will never be larger than the original
     349             :          string.  */
     350           0 :       dest = malloc (destlen);
     351           0 :       if (!dest)
     352           0 :         return gpg_error_from_syserror ();
     353             : 
     354           0 :       *destp = dest;
     355             :     }
     356             : 
     357             :   /* Convert the string.  */
     358           0 :   while (*src)
     359             :     {
     360           0 :       if (*src == '+' || *src == '\"' || *src == '%'
     361           0 :           || *(const unsigned char *)src <= 0x20)
     362             :         {
     363           0 :           snprintf (dest, 4, "%%%02X", *(unsigned char *)src);
     364           0 :           dest += 3;
     365             :         }
     366             :       else
     367           0 :         *(dest++) = *src;
     368           0 :       src++;
     369             :     }
     370           0 :   *(dest++) = 0;
     371             : 
     372           0 :   return 0;
     373             : }
     374             : 
     375             : 
     376             : /* Split a string into space delimited fields and remove leading and
     377             :  * trailing spaces from each field.  A pointer to the each field is
     378             :  * stored in ARRAY.  Stop splitting at ARRAYSIZE fields.  The function
     379             :  * modifies STRING.  The number of parsed fields is returned.
     380             :  */
     381             : int
     382         237 : _gpgme_split_fields (char *string, char **array, int arraysize)
     383             : {
     384         237 :   int n = 0;
     385             :   char *p, *pend;
     386             : 
     387         237 :   for (p = string; *p == ' '; p++)
     388             :     ;
     389             :   do
     390             :     {
     391         564 :       if (n == arraysize)
     392           0 :         break;
     393         564 :       array[n++] = p;
     394         564 :       pend = strchr (p, ' ');
     395         564 :       if (!pend)
     396         237 :         break;
     397         327 :       *pend++ = 0;
     398         327 :       for (p = pend; *p == ' '; p++)
     399             :         ;
     400             :     }
     401         327 :   while (*p);
     402             : 
     403         237 :   return n;
     404             : }
     405             : 
     406             : /* Convert the field STRING into an unsigned long value.  Check for
     407             :  * trailing garbage.  */
     408             : gpgme_error_t
     409         196 : _gpgme_strtoul_field (const char *string, unsigned long *result)
     410             : {
     411             :   char *endp;
     412             : 
     413         196 :   gpg_err_set_errno (0);
     414         196 :   *result = strtoul (string, &endp, 0);
     415         196 :   if (errno)
     416           0 :     return gpg_error_from_syserror ();
     417         196 :   if (endp == string || *endp)
     418           0 :     return gpg_error (GPG_ERR_INV_VALUE);
     419         196 :   return 0;
     420             : }
     421             : 
     422             : 
     423             : /* Convert STRING into an offset value.  Note that this functions only
     424             :  * allows for a base-10 length.  This function is similar to atoi()
     425             :  * and thus there is no error checking.  */
     426             : gpgme_off_t
     427          67 : _gpgme_string_to_off (const char *string)
     428             : {
     429          67 :   gpgme_off_t value = 0;
     430             : 
     431         134 :   while (*string == ' ' || *string == '\t')
     432           0 :     string++;
     433         166 :   for (; *string >= '0' && *string <= '9'; string++)
     434             :     {
     435          99 :       value *= 10;
     436          99 :       value += atoi_1 (string);
     437             :     }
     438          67 :   return value;
     439             : }
     440             : 
     441             : 
     442             : #ifdef HAVE_W32_SYSTEM
     443             : static time_t
     444             : _gpgme_timegm (struct tm *tm)
     445             : {
     446             :   /* This one is thread safe.  */
     447             :   SYSTEMTIME st;
     448             :   FILETIME ft;
     449             :   unsigned long long cnsecs;
     450             : 
     451             :   st.wYear   = tm->tm_year + 1900;
     452             :   st.wMonth  = tm->tm_mon  + 1;
     453             :   st.wDay    = tm->tm_mday;
     454             :   st.wHour   = tm->tm_hour;
     455             :   st.wMinute = tm->tm_min;
     456             :   st.wSecond = tm->tm_sec;
     457             :   st.wMilliseconds = 0; /* Not available.  */
     458             :   st.wDayOfWeek = 0;    /* Ignored.  */
     459             : 
     460             :   /* System time is UTC thus the conversion is pretty easy.  */
     461             :   if (!SystemTimeToFileTime (&st, &ft))
     462             :     {
     463             :       gpg_err_set_errno (EINVAL);
     464             :       return (time_t)(-1);
     465             :     }
     466             : 
     467             :   cnsecs = (((unsigned long long)ft.dwHighDateTime << 32)
     468             :             | ft.dwLowDateTime);
     469             :   cnsecs -= 116444736000000000ULL; /* The filetime epoch is 1601-01-01.  */
     470             :   return (time_t)(cnsecs / 10000000ULL);
     471             : }
     472             : #endif
     473             : 
     474             : 
     475             : /* Parse the string TIMESTAMP into a time_t.  The string may either be
     476             :    seconds since Epoch or in the ISO 8601 format like
     477             :    "20390815T143012".  Returns 0 for an empty string or seconds since
     478             :    Epoch. Leading spaces are skipped. If ENDP is not NULL, it will
     479             :    point to the next non-parsed character in TIMESTRING. */
     480             : time_t
     481       23634 : _gpgme_parse_timestamp (const char *timestamp, char **endp)
     482             : {
     483             :   /* Need to skip leading spaces, because that is what strtoul does
     484             :      but not our ISO 8601 checking code. */
     485       47617 :   while (*timestamp && *timestamp== ' ')
     486         349 :     timestamp++;
     487       23634 :   if (!*timestamp)
     488       11229 :     return 0;
     489             : 
     490       12405 :   if (strlen (timestamp) >= 15 && timestamp[8] == 'T')
     491             :     {
     492             :       struct tm buf;
     493             :       int year;
     494             : 
     495          15 :       year = atoi_4 (timestamp);
     496          15 :       if (year < 1900)
     497           0 :         return (time_t)(-1);
     498             : 
     499          15 :       if (endp)
     500           3 :         *endp = (char*)(timestamp + 15);
     501             : 
     502             :       /* Fixme: We would better use a configure test to see whether
     503             :          mktime can handle dates beyond 2038. */
     504             :       if (sizeof (time_t) <= 4 && year >= 2038)
     505             :         return (time_t)2145914603; /* 2037-12-31 23:23:23 */
     506             : 
     507          15 :       memset (&buf, 0, sizeof buf);
     508          15 :       buf.tm_year = year - 1900;
     509          15 :       buf.tm_mon = atoi_2 (timestamp+4) - 1;
     510          15 :       buf.tm_mday = atoi_2 (timestamp+6);
     511          15 :       buf.tm_hour = atoi_2 (timestamp+9);
     512          15 :       buf.tm_min = atoi_2 (timestamp+11);
     513          15 :       buf.tm_sec = atoi_2 (timestamp+13);
     514             : 
     515             : #ifdef HAVE_W32_SYSTEM
     516             :       return _gpgme_timegm (&buf);
     517             : #else
     518             : #ifdef HAVE_TIMEGM
     519          15 :       return timegm (&buf);
     520             : #else
     521             :       {
     522             :         time_t tim;
     523             : 
     524             :         putenv ("TZ=UTC");
     525             :         tim = mktime (&buf);
     526             : #ifdef __GNUC__
     527             : #warning fixme: we must somehow reset TZ here.  It is not threadsafe anyway.
     528             : #endif
     529             :         return tim;
     530             :       }
     531             : #endif /* !HAVE_TIMEGM */
     532             : #endif /* !HAVE_W32_SYSTEM */
     533             :     }
     534             :   else
     535       12390 :     return (time_t)strtoul (timestamp, endp, 10);
     536             : }
     537             : 
     538             : 
     539             : /* The GPG backend uses OpenPGP algorithm numbers which we need to map
     540             :    to our algorithm numbers.  This function MUST not change ERRNO. */
     541             : int
     542       11895 : _gpgme_map_pk_algo (int algo, gpgme_protocol_t protocol)
     543             : {
     544       11895 :   if (protocol == GPGME_PROTOCOL_OPENPGP)
     545             :     {
     546       11880 :       switch (algo)
     547             :         {
     548       11880 :         case 1: case 2: case 3: case 16: case 17: break;
     549           0 :         case 18: algo = GPGME_PK_ECDH; break;
     550           0 :         case 19: algo = GPGME_PK_ECDSA; break;
     551           0 :         case 20: break;
     552           0 :         case 22: algo = GPGME_PK_EDDSA; break;
     553           0 :         default: algo = 0; break; /* Unknown.  */
     554             :         }
     555             :     }
     556             : 
     557       11895 :   return algo;
     558             : }

Generated by: LCOV version 1.11