Sun, 17 Dec 2023 15:33:50 +0100
fix faulty string to int conversion utilities
Probably it was expected that errno is set to EINVAL when illegal characters are encountered. But this is not standard and does not happen on every system, allowing illegal strings to be parsed as valid integers.
/* * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. * * Copyright 2018 Olaf Wintermann. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ #ifndef DAV_CRYPTO_H #define DAV_CRYPTO_H #include "webdav.h" #include <cx/string.h> #ifdef __APPLE__ /* macos */ #define DAV_CRYPTO_COMMON_CRYPTO #define DAV_AES_CTX CCCryptorRef #define DAV_SHA_CTX CC_SHA256_CTX #define DAV_SHA256_DIGEST_LENGTH 32 #include <CommonCrypto/CommonCrypto.h> #include <CommonCrypto/CommonDigest.h> #elif defined(_WIN32) #define DAV_CRYPTO_CNG #include <windows.h> #include <bcrypt.h> typedef struct WinBCryptCTX { BCRYPT_ALG_HANDLE hAlg; BCRYPT_KEY_HANDLE hKey; void *pbKeyObject; unsigned char pbIV[16]; unsigned char buf[16]; ULONG buflen; } WinBCryptCTX; typedef struct WinBCryptSHACTX { BCRYPT_ALG_HANDLE hAlg; BCRYPT_HASH_HANDLE hHash; void *pbHashObject; } WinBCryptSHACTX; #define DAV_AES_CTX WinBCryptCTX #define DAV_SHA_CTX WinBCryptSHACTX #define DAV_SHA256_DIGEST_LENGTH 32 #else /* unix/linux */ #define DAV_USE_OPENSSL #define DAV_AES_CTX EVP_CIPHER_CTX* #define DAV_SHA_CTX SHA256_CTX #define DAV_SHA256_DIGEST_LENGTH 32 #include <openssl/evp.h> #include <openssl/rand.h> #if defined(__sun) && defined(__SunOS_5_10) #include <sha2.h> #define SHA256_Init SHA256Init #define SHA256_Update SHA256Update #define SHA256_Final SHA256Final #else #include <openssl/sha.h> #endif #endif #ifdef __cplusplus extern "C" { #endif #define DAV_PWFUNC_PBKDF2_SHA256 0 #define DAV_PWFUNC_PBKDF2_SHA512 1 #define DAV_CRYPTO_ITERATION_COUNT 4000 typedef struct { DAV_AES_CTX ctx; DAV_SHA_CTX sha256; void *stream; dav_write_func write; DavKey *key; int init; unsigned char ivtmp[16]; size_t ivpos; } AESDecrypter; typedef struct { DAV_AES_CTX ctx; DAV_SHA_CTX sha256; void *iv; size_t ivlen; void *stream; dav_read_func read; dav_seek_func seek; char *tmp; size_t tmplen; size_t tmpoff; int end; } AESEncrypter; typedef struct DavHashContext DavHashContext; int dav_rand_bytes(unsigned char *buf, size_t len); AESDecrypter* aes_decrypter_new(DavKey *key, void *stream, dav_write_func write_func); size_t aes_write(const void *buf, size_t s, size_t n, AESDecrypter *dec); void aes_decrypter_shutdown(AESDecrypter *dec); void aes_decrypter_close(AESDecrypter *dec); AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func, dav_seek_func seek_func); size_t aes_read(void *buf, size_t s, size_t n, AESEncrypter *enc); void aes_encrypter_close(AESEncrypter *enc); int aes_encrypter_reset(AESEncrypter *enc, curl_off_t offset, int origin); char* aes_encrypt(const char *in, size_t len, DavKey *key); char* aes_decrypt(const char *in, size_t *len, DavKey *key); void dav_get_hash(DAV_SHA_CTX *sha256, unsigned char *buf); char* dav_create_hash(const char *data, size_t len); DAV_SHA_CTX* dav_hash_init(void); void dav_hash_update(DAV_SHA_CTX *ctx, const char *data, size_t len); void dav_hash_final(DAV_SHA_CTX *ctx, unsigned char *buf); DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc); CxBuffer* aes_encrypt_buffer(CxBuffer *in, DavKey *key); CxBuffer* aes_decrypt_buffer(CxBuffer *in, DavKey *key); #ifdef __cplusplus } #endif #endif /* DAV_CRYPTO_H */