From beef8b001431b39738266f96879215d92caaf184 Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Fri, 16 Jun 2023 10:29:52 +1000 Subject: [PATCH] outputBuffer - use idx field dtls13.c: Change end of outputBuffer data calculations to use function GetOutputBuffer(). Use idx when calculating unused byte count of outputBuffer. internal.c: Change end of outputBuffer data calculations to use function GetOutputBuffer(). Use GetOutputBuffer() to calculate end of data in outputBuffer. GrowOutputBuffer(): Calculate new size to allocate to include already written data in case of static buffer. Copy all data including already written count (idx). CheckAvailableSize(): Don't subtract idx from length when checking MTU size. Do subtract idx from bufferSize to determine count of unused bytes in outputBuffer. --- src/dtls13.c | 18 +++++++----------- src/internal.c | 41 +++++++++++++++++------------------------ 2 files changed, 24 insertions(+), 35 deletions(-) diff --git a/src/dtls13.c b/src/dtls13.c index 2e0f68ad6..b5fecafd7 100644 --- a/src/dtls13.c +++ b/src/dtls13.c @@ -419,7 +419,7 @@ static int Dtls13SendFragFromBuffer(WOLFSSL* ssl, byte* output, word16 length) if (ret != 0) return ret; - buf = ssl->buffers.outputBuffer.buffer + ssl->buffers.outputBuffer.length; + buf = GetOutputBuffer(ssl); XMEMCPY(buf, output, length); @@ -924,8 +924,7 @@ static int Dtls13SendFragmentedInternal(WOLFSSL* ssl) if (ret != 0) return ret; - output = - ssl->buffers.outputBuffer.buffer + ssl->buffers.outputBuffer.length; + output = GetOutputBuffer(ssl); ret = Dtls13HandshakeAddHeaderFrag(ssl, output + rlHeaderLength, (enum HandShakeType)ssl->dtls13FragHandshakeType, @@ -1509,8 +1508,7 @@ static int Dtls13RtxSendBuffered(WOLFSSL* ssl) if (ret != 0) return ret; - output = - ssl->buffers.outputBuffer.buffer + ssl->buffers.outputBuffer.length; + output = GetOutputBuffer(ssl); XMEMCPY(output + headerLength, r->data, r->length); @@ -2342,8 +2340,7 @@ static int Dtls13WriteAckMessage(WOLFSSL* ssl, if (ret != 0) return ret; - output = - ssl->buffers.outputBuffer.buffer + ssl->buffers.outputBuffer.length; + output = GetOutputBuffer(ssl); ackMessage = output + headerLength; @@ -2617,8 +2614,7 @@ int SendDtls13Ack(WOLFSSL* ssl) if (ret != 0) return ret; - output = - ssl->buffers.outputBuffer.buffer + ssl->buffers.outputBuffer.length; + output = GetOutputBuffer(ssl); ret = Dtls13RlAddPlaintextHeader(ssl, output, ack, (word16)length); if (ret != 0) @@ -2632,10 +2628,10 @@ int SendDtls13Ack(WOLFSSL* ssl) if (ret != 0) return ret; - output = - ssl->buffers.outputBuffer.buffer + ssl->buffers.outputBuffer.length; + output = GetOutputBuffer(ssl); outputSize = ssl->buffers.outputBuffer.bufferSize - + ssl->buffers.outputBuffer.idx - ssl->buffers.outputBuffer.length; headerSize = Dtls13GetRlHeaderLength(ssl, 1); diff --git a/src/internal.c b/src/internal.c index 5f9629c8a..ca166e8d9 100644 --- a/src/internal.c +++ b/src/internal.c @@ -8967,10 +8967,7 @@ int DtlsMsgPoolSend(WOLFSSL* ssl, int sendOnlyFirstPacket) return ret; } - XMEMCPY(ssl->buffers.outputBuffer.buffer + - ssl->buffers.outputBuffer.idx + - ssl->buffers.outputBuffer.length, - pool->raw, pool->sz); + XMEMCPY(GetOutputBuffer(ssl), pool->raw, pool->sz); ssl->buffers.outputBuffer.length += pool->sz; } else { @@ -9950,6 +9947,7 @@ void ShrinkOutputBuffer(WOLFSSL* ssl) ssl->buffers.outputBuffer.bufferSize = STATIC_BUFFER_LEN; ssl->buffers.outputBuffer.dynamicFlag = 0; ssl->buffers.outputBuffer.offset = 0; + /* idx and length are assumed to be 0. */ } @@ -10091,6 +10089,8 @@ static WC_INLINE int GrowOutputBuffer(WOLFSSL* ssl, int size) #else const byte align = WOLFSSL_GENERAL_ALIGNMENT; #endif + int newSz = size + ssl->buffers.outputBuffer.idx + + ssl->buffers.outputBuffer.length; #if WOLFSSL_GENERAL_ALIGNMENT > 0 /* the encrypted data will be offset from the front of the buffer by @@ -10101,8 +10101,7 @@ static WC_INLINE int GrowOutputBuffer(WOLFSSL* ssl, int size) align *= 2; #endif - tmp = (byte*)XMALLOC(size + ssl->buffers.outputBuffer.length + align, - ssl->heap, DYNAMIC_TYPE_OUT_BUFFER); + tmp = (byte*)XMALLOC(newSz + align, ssl->heap, DYNAMIC_TYPE_OUT_BUFFER); WOLFSSL_MSG("growing output buffer"); if (tmp == NULL) @@ -10117,14 +10116,14 @@ static WC_INLINE int GrowOutputBuffer(WOLFSSL* ssl, int size) /* can be from IO memory pool which does not need copy if same buffer */ if (ssl->buffers.outputBuffer.length && tmp == ssl->buffers.outputBuffer.buffer) { - ssl->buffers.outputBuffer.bufferSize = - size + ssl->buffers.outputBuffer.length; + ssl->buffers.outputBuffer.bufferSize = newSz; return 0; } #endif if (ssl->buffers.outputBuffer.length) XMEMCPY(tmp, ssl->buffers.outputBuffer.buffer, + ssl->buffers.outputBuffer.idx + ssl->buffers.outputBuffer.length); if (ssl->buffers.outputBuffer.dynamicFlag) { @@ -10142,8 +10141,7 @@ static WC_INLINE int GrowOutputBuffer(WOLFSSL* ssl, int size) ssl->buffers.outputBuffer.offset = 0; ssl->buffers.outputBuffer.buffer = tmp; - ssl->buffers.outputBuffer.bufferSize = size + - ssl->buffers.outputBuffer.length; + ssl->buffers.outputBuffer.bufferSize = newSz; return 0; } @@ -10241,8 +10239,7 @@ int CheckAvailableSize(WOLFSSL *ssl, int size) #ifdef WOLFSSL_DTLS if (ssl->options.dtls) { - if (size + ssl->buffers.outputBuffer.length - - ssl->buffers.outputBuffer.idx > + if (size + ssl->buffers.outputBuffer.length > #if defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU) ssl->dtlsMtuSz #else @@ -10274,8 +10271,9 @@ int CheckAvailableSize(WOLFSSL *ssl, int size) } #endif - if (ssl->buffers.outputBuffer.bufferSize - ssl->buffers.outputBuffer.length - < (word32)size) { + if ((ssl->buffers.outputBuffer.bufferSize - + ssl->buffers.outputBuffer.length - + ssl->buffers.outputBuffer.idx) < (word32)size) { if (GrowOutputBuffer(ssl, size) < 0) return MEMORY_E; } @@ -21890,8 +21888,7 @@ int SendCertificateRequest(WOLFSSL* ssl) return ret; /* get output buffer */ - output = ssl->buffers.outputBuffer.buffer + - ssl->buffers.outputBuffer.length; + output = GetOutputBuffer(ssl); AddHeaders(output, reqSz, certificate_request, ssl); @@ -22049,8 +22046,7 @@ static int BuildCertificateStatus(WOLFSSL* ssl, byte type, buffer* status, ssl->options.buildingMsg = 1; if ((ret = CheckAvailableSize(ssl, sendSz)) == 0) { - output = ssl->buffers.outputBuffer.buffer + - ssl->buffers.outputBuffer.length; + output = GetOutputBuffer(ssl); AddHeaders(output, length, certificate_status, ssl); @@ -22646,8 +22642,7 @@ int SendData(WOLFSSL* ssl, const void* data, int sz) return ssl->error = ret; /* get output buffer */ - out = ssl->buffers.outputBuffer.buffer + - ssl->buffers.outputBuffer.length; + out = GetOutputBuffer(ssl); #ifdef HAVE_LIBZ if (ssl->options.usingCompression) { @@ -26429,8 +26424,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType, return ret; /* get output buffer */ - output = ssl->buffers.outputBuffer.buffer + - ssl->buffers.outputBuffer.length; + output = GetOutputBuffer(ssl); AddHeaders(output, length, client_hello, ssl); @@ -29926,8 +29920,7 @@ int SendClientKeyExchange(WOLFSSL* ssl) goto exit_scke; /* get output buffer */ - args->output = ssl->buffers.outputBuffer.buffer + - ssl->buffers.outputBuffer.length; + args->output = GetOutputBuffer(ssl); AddHeaders(args->output, args->encSz + tlsSz, client_key_exchange, ssl);