#include <libloc/stringpool.h>
struct loc_database_objects {
- void* p;
- off_t offset;
+ char* data;
size_t length;
size_t count;
};
+struct loc_database_signature {
+ const char* data;
+ size_t length;
+};
+
struct loc_database {
struct loc_ctx* ctx;
int refcount;
off_t license;
// Signatures
- char* signature1;
- size_t signature1_length;
- char* signature2;
- size_t signature2_length;
+ struct loc_database_signature signature1;
+ struct loc_database_signature signature2;
+
+ // Data mapped into memory
+ char* data;
+ off_t length;
struct loc_stringpool* pool;
struct in6_addr gap4_start;
};
-#define loc_database_read_object(db, buffer, objects, pos) \
- __loc_database_read_object(db, buffer, sizeof(*buffer), objects, pos)
+/*
+ Checks if it is safe to read the buffer of size length starting at p.
+*/
+#define loc_database_check_boundaries(db, p) \
+ __loc_database_check_boundaries(db, (const char*)p, sizeof(*p))
+
+static inline int __loc_database_check_boundaries(struct loc_database* db,
+ const char* p, const size_t length) {
+ size_t offset = p - db->data;
+
+ // Return if everything is within the boundary
+ if (offset <= db->length - length)
+ return 1;
+
+ DEBUG(db->ctx, "Database read check failed at %p for %zu byte(s)\n", p, length);
+ DEBUG(db->ctx, " p = %p (offset = %jd, length = %zu)\n", p, offset, length);
+ DEBUG(db->ctx, " data = %p (length = %zu)\n", db->data, db->length);
+ DEBUG(db->ctx, " end = %p\n", db->data + db->length);
+ DEBUG(db->ctx, " overflow of %zu byte(s)\n", offset + length - db->length);
+
+ // Otherwise raise EFAULT
+ errno = EFAULT;
+ return 0;
+}
/*
- Reads an object into memory (used when mmap() isn't available)
+ Returns a pointer to the n-th object
*/
-static void* __loc_database_read_object(struct loc_database* db, void* buffer,
- const size_t length, const struct loc_database_objects* objects, const off_t pos) {
+static inline char* loc_database_object(struct loc_database* db,
+ const struct loc_database_objects* objects, const size_t length, const off_t n) {
// Calculate offset
- const off_t offset = pos * length;
+ const off_t offset = n * length;
- // Map the object first if possible
- if (objects->p)
- return (uint8_t*)objects->p + offset;
+ // Return a pointer to where the object lies
+ char* object = objects->data + offset;
- // Otherwise fall back and read the object into the buffer
- const int fd = fileno(db->f);
+ // Check if the object is part of the memory
+ if (!__loc_database_check_boundaries(db, object, length))
+ return NULL;
- // Read object
- ssize_t bytes_read = pread(fd, buffer, length, objects->offset + offset);
+ return object;
+}
- // Check if we could read what we wanted
- if (bytes_read < (ssize_t)length) {
- ERROR(db->ctx, "Error reading object from database: %m\n");
- return NULL;
- }
+static int loc_database_version_supported(struct loc_database* db, uint8_t version) {
+ switch (version) {
+ // Supported versions
+ case LOC_DATABASE_VERSION_1:
+ return 1;
- // Success!
- return buffer;
+ default:
+ ERROR(db->ctx, "Database version %d is not supported\n", version);
+ errno = ENOTSUP;
+ return 0;
+ }
}
static int loc_database_check_magic(struct loc_database* db) {
if (memcmp(magic.magic, LOC_DATABASE_MAGIC, sizeof(magic.magic)) == 0) {
DEBUG(db->ctx, "Magic value matches\n");
+ // Do we support this version?
+ if (!loc_database_version_supported(db, magic.version))
+ return 1;
+
// Parse version
db->version = magic.version;
}
/*
- Maps arbitrary objects from the database into memory.
+ Maps the entire database into memory
*/
-static int loc_database_map_objects(struct loc_database* db,
- struct loc_database_objects* objects, const size_t size,
- off_t offset, size_t length) {
- int r = 0;
-
- // Store parameters
- objects->offset = offset;
- objects->length = length;
- objects->count = objects->length / size;
-
- // End if there is nothing to map
- if (!objects->length)
- return 0;
-
- DEBUG(db->ctx, "Mapping %zu object(s) from %jd (%zu bytes)\n",
- objects->count, (intmax_t)objects->offset, objects->length);
-
- // mmap() objects into memory
- void* p = mmap(NULL, objects->length, PROT_READ, MAP_PRIVATE,
- fileno(db->f), objects->offset);
+static int loc_database_mmap(struct loc_database* db) {
+ int r;
- if (p == MAP_FAILED) {
- // Ignore if the database wasn't page aligned for this architecture
- // and fall back to use pread().
- if (errno == EINVAL) {
- DEBUG(db->ctx, "Falling back to pread()\n");
- return 0;
- }
+ // Get file descriptor
+ int fd = fileno(db->f);
- ERROR(db->ctx, "mmap() failed: %m\n");
+ // Determine the length of the database
+ db->length = lseek(fd, 0, SEEK_END);
+ if (db->length < 0) {
+ ERROR(db->ctx, "Could not determine the length of the database: %m\n");
return 1;
}
- // Store pointer
- objects->p = p;
-
- return r;
-}
+ rewind(db->f);
-static int loc_database_unmap_objects(struct loc_database* db,
- struct loc_database_objects* objects) {
- int r;
+ // Map all data
+ db->data = mmap(NULL, db->length, PROT_READ, MAP_SHARED, fd, 0);
+ if (db->data == MAP_FAILED) {
+ ERROR(db->ctx, "Could not map the database: %m\n");
+ db->data = NULL;
+ return 1;
+ }
- // Nothing to do if nothing was mapped
- if (!objects->p)
- return 0;
+ DEBUG(db->ctx, "Mapped database of %zu byte(s) at %p\n", db->length, db->data);
- // Call munmap() to free everything
- r = munmap(objects->p, objects->length);
+ // Tell the system that we expect to read data randomly
+ r = madvise(db->data, db->length, MADV_RANDOM);
if (r) {
- ERROR(db->ctx, "Could not unmap objects: %m\n");
+ ERROR(db->ctx, "madvise() failed: %m\n");
return r;
}
return 0;
}
+/*
+ Maps arbitrary objects from the database into memory.
+*/
+static int loc_database_map_objects(struct loc_database* db, struct loc_database_objects* objects,
+ const size_t size, const off_t offset, const size_t length) {
+ // Store parameters
+ objects->data = db->data + offset;
+ objects->length = length;
+ objects->count = objects->length / size;
+
+ return 0;
+}
+
static int loc_database_read_signature(struct loc_database* db,
- char** dst, char* src, size_t length) {
+ struct loc_database_signature* signature, const char* data, const size_t length) {
// Check for a plausible signature length
if (length > LOC_SIGNATURE_MAX_LENGTH) {
ERROR(db->ctx, "Signature too long: %zu\n", length);
- return -EINVAL;
+ errno = EINVAL;
+ return 1;
}
- DEBUG(db->ctx, "Reading signature of %zu bytes\n", length);
+ // Store data & length
+ signature->data = data;
+ signature->length = length;
- // Allocate space
- *dst = malloc(length);
- if (!*dst)
- return -ENOMEM;
+ DEBUG(db->ctx, "Read signature of %zu byte(s) at %p\n",
+ signature->length, signature->data);
- // Copy payload
- memcpy(*dst, src, length);
+ hexdump(db->ctx, signature->data, signature->length);
return 0;
}
static int loc_database_read_header_v1(struct loc_database* db) {
- struct loc_database_header_v1 header;
+ const struct loc_database_header_v1* header =
+ (const struct loc_database_header_v1*)(db->data + LOC_DATABASE_MAGIC_SIZE);
int r;
- // Read from file
- size_t size = fread(&header, 1, sizeof(header), db->f);
+ DEBUG(db->ctx, "Reading header at %p\n", header);
- if (size < sizeof(header)) {
+ // Check if we can read the header
+ if (!loc_database_check_boundaries(db, header)) {
ERROR(db->ctx, "Could not read enough data for header\n");
- errno = ENOMSG;
return 1;
}
- // Copy over data
- db->created_at = be64toh(header.created_at);
- db->vendor = be32toh(header.vendor);
- db->description = be32toh(header.description);
- db->license = be32toh(header.license);
+ // Dump the entire header
+ hexdump(db->ctx, header, sizeof(*header));
- db->signature1_length = be16toh(header.signature1_length);
- db->signature2_length = be16toh(header.signature2_length);
+ // Copy over data
+ db->created_at = be64toh(header->created_at);
+ db->vendor = be32toh(header->vendor);
+ db->description = be32toh(header->description);
+ db->license = be32toh(header->license);
// Read signatures
- if (db->signature1_length) {
- r = loc_database_read_signature(db, &db->signature1,
- header.signature1, db->signature1_length);
- if (r)
- return r;
- }
+ r = loc_database_read_signature(db, &db->signature1,
+ header->signature1, be16toh(header->signature1_length));
+ if (r)
+ return r;
- if (db->signature2_length) {
- r = loc_database_read_signature(db, &db->signature2,
- header.signature2, db->signature2_length);
- if (r)
- return r;
- }
+ r = loc_database_read_signature(db, &db->signature2,
+ header->signature2, be16toh(header->signature2_length));
+ if (r)
+ return r;
+
+ const char* stringpool_start = db->data + be32toh(header->pool_offset);
+ size_t stringpool_length = be32toh(header->pool_length);
+
+ // Check if the stringpool is part of the mapped area
+ if (!__loc_database_check_boundaries(db, stringpool_start, stringpool_length))
+ return 1;
// Open the stringpool
- r = loc_stringpool_open(db->ctx, &db->pool, db->f,
- be32toh(header.pool_length), be32toh(header.pool_offset));
+ r = loc_stringpool_open(db->ctx, &db->pool, stringpool_start, stringpool_length);
if (r)
return r;
// Map AS objects
r = loc_database_map_objects(db, &db->as_objects,
sizeof(struct loc_database_as_v1),
- be32toh(header.as_offset),
- be32toh(header.as_length));
+ be32toh(header->as_offset),
+ be32toh(header->as_length));
if (r)
return r;
// Map Network Nodes
r = loc_database_map_objects(db, &db->network_node_objects,
sizeof(struct loc_database_network_node_v1),
- be32toh(header.network_tree_offset),
- be32toh(header.network_tree_length));
+ be32toh(header->network_tree_offset),
+ be32toh(header->network_tree_length));
if (r)
return r;
// Map Networks
r = loc_database_map_objects(db, &db->network_objects,
sizeof(struct loc_database_network_v1),
- be32toh(header.network_data_offset),
- be32toh(header.network_data_length));
+ be32toh(header->network_data_offset),
+ be32toh(header->network_data_length));
if (r)
return r;
// Map countries
r = loc_database_map_objects(db, &db->country_objects,
sizeof(struct loc_database_country_v1),
- be32toh(header.countries_offset),
- be32toh(header.countries_length));
+ be32toh(header->countries_offset),
+ be32toh(header->countries_length));
if (r)
return r;
if (r)
return r;
+ // Map the database into memory
+ r = loc_database_mmap(db);
+ if (r)
+ return r;
+
// Read the header
r = loc_database_read_header(db);
if (r)
}
static void loc_database_free(struct loc_database* db) {
- DEBUG(db->ctx, "Releasing database %p\n", db);
-
- // Removing all ASes
- loc_database_unmap_objects(db, &db->as_objects);
-
- // Remove mapped network sections
- loc_database_unmap_objects(db, &db->network_objects);
+ int r;
- // Remove mapped network nodes section
- loc_database_unmap_objects(db, &db->network_node_objects);
+ DEBUG(db->ctx, "Releasing database %p\n", db);
- // Remove mapped countries section
- loc_database_unmap_objects(db, &db->country_objects);
+ // Unmap the entire database
+ if (db->data) {
+ r = munmap(db->data, db->length);
+ if (r)
+ ERROR(db->ctx, "Could not unmap the database: %m\n");
+ }
// Free the stringpool
if (db->pool)
loc_stringpool_unref(db->pool);
- // Free signature
- if (db->signature1)
- free(db->signature1);
- if (db->signature2)
- free(db->signature2);
-
// Close database file
if (db->f)
fclose(db->f);
LOC_EXPORT int loc_database_new(struct loc_ctx* ctx, struct loc_database** database, FILE* f) {
struct loc_database* db = NULL;
- int r;
+ int r = 1;
// Fail on invalid file handle
if (!f) {
size_t bytes_read = 0;
// Cannot do this when no signature is available
- if (!db->signature1 && !db->signature2) {
+ if (!db->signature1.data && !db->signature2.data) {
DEBUG(db->ctx, "No signature available to verify\n");
return 1;
}
}
}
+ int sig1_valid = 0;
+ int sig2_valid = 0;
+
// Check first signature
- if (db->signature1) {
- hexdump(db->ctx, db->signature1, db->signature1_length);
+ if (db->signature1.length) {
+ hexdump(db->ctx, db->signature1.data, db->signature1.length);
r = EVP_DigestVerifyFinal(mdctx,
- (unsigned char*)db->signature1, db->signature1_length);
+ (unsigned char*)db->signature1.data, db->signature1.length);
if (r == 0) {
DEBUG(db->ctx, "The first signature is invalid\n");
- r = 1;
} else if (r == 1) {
DEBUG(db->ctx, "The first signature is valid\n");
- r = 0;
+ sig1_valid = 1;
} else {
ERROR(db->ctx, "Error verifying the first signature: %s\n",
ERR_error_string(ERR_get_error(), NULL));
r = -1;
+ goto CLEANUP;
}
}
// Check second signature only when the first one was invalid
- if (r && db->signature2) {
- hexdump(db->ctx, db->signature2, db->signature2_length);
+ if (db->signature2.length) {
+ hexdump(db->ctx, db->signature2.data, db->signature2.length);
r = EVP_DigestVerifyFinal(mdctx,
- (unsigned char*)db->signature2, db->signature2_length);
+ (unsigned char*)db->signature2.data, db->signature2.length);
if (r == 0) {
DEBUG(db->ctx, "The second signature is invalid\n");
- r = 1;
} else if (r == 1) {
DEBUG(db->ctx, "The second signature is valid\n");
- r = 0;
+ sig2_valid = 1;
} else {
ERROR(db->ctx, "Error verifying the second signature: %s\n",
ERR_error_string(ERR_get_error(), NULL));
r = -1;
+ goto CLEANUP;
}
}
INFO(db->ctx, "Signature checked in %.4fms\n",
(double)(end - start) / CLOCKS_PER_SEC * 1000);
+ // Check if at least one signature as okay
+ if (sig1_valid || sig2_valid)
+ r = 0;
+ else
+ r = 1;
+
CLEANUP:
// Cleanup
EVP_MD_CTX_free(mdctx);
// Returns the AS at position pos
static int loc_database_fetch_as(struct loc_database* db, struct loc_as** as, off_t pos) {
- struct loc_database_as_v1 as_v1;
- struct loc_database_as_v1* p_v1;
+ struct loc_database_as_v1* as_v1 = NULL;
int r;
if ((size_t)pos >= db->as_objects.count) {
switch (db->version) {
case LOC_DATABASE_VERSION_1:
- // Read the object
- p_v1 = loc_database_read_object(db, &as_v1, &db->as_objects, pos);
- if (!p_v1)
+ // Find the object
+ as_v1 = (struct loc_database_as_v1*)loc_database_object(db,
+ &db->as_objects, sizeof(*as_v1), pos);
+ if (!as_v1)
return 1;
- r = loc_as_new_from_database_v1(db->ctx, db->pool, as, p_v1);
+ r = loc_as_new_from_database_v1(db->ctx, db->pool, as, as_v1);
break;
default:
// Returns the network at position pos
static int loc_database_fetch_network(struct loc_database* db, struct loc_network** network,
struct in6_addr* address, unsigned int prefix, off_t pos) {
- struct loc_database_network_v1 network_v1;
- struct loc_database_network_v1* p_v1;
+ struct loc_database_network_v1* network_v1 = NULL;
int r;
if ((size_t)pos >= db->network_objects.count) {
switch (db->version) {
case LOC_DATABASE_VERSION_1:
// Read the object
- p_v1 = loc_database_read_object(db, &network_v1, &db->network_objects, pos);
- if (!p_v1)
+ network_v1 = (struct loc_database_network_v1*)loc_database_object(db,
+ &db->network_objects, sizeof(*network_v1), pos);
+ if (!network_v1)
return 1;
- r = loc_network_new_from_database_v1(db->ctx, network, address, prefix, p_v1);
+ r = loc_network_new_from_database_v1(db->ctx, network, address, prefix, network_v1);
break;
default:
static int __loc_database_lookup(struct loc_database* db, const struct in6_addr* address,
struct loc_network** network, struct in6_addr* network_address,
off_t node_index, unsigned int level) {
- struct loc_database_network_node_v1 node_v1;
- struct loc_database_network_node_v1* p_v1;
+ struct loc_database_network_node_v1* node_v1 = NULL;
int r;
// Fetch the next node
- p_v1 = loc_database_read_object(db, &node_v1, &db->network_node_objects, node_index);
- if (!p_v1)
+ node_v1 = (struct loc_database_network_node_v1*)loc_database_object(db,
+ &db->network_node_objects, sizeof(*node_v1), node_index);
+ if (!node_v1)
return 1;
// Follow the path
loc_address_set_bit(network_address, level, bit);
if (bit == 0)
- node_index = be32toh(p_v1->zero);
+ node_index = be32toh(node_v1->zero);
else
- node_index = be32toh(p_v1->one);
+ node_index = be32toh(node_v1->one);
// If the node index is zero, the tree ends here
// and we cannot descend any further
}
// If this node has a leaf, we will check if it matches
- if (__loc_database_node_is_leaf(p_v1)) {
- r = __loc_database_lookup_handle_leaf(db, address, network, network_address, level, p_v1);
+ if (__loc_database_node_is_leaf(node_v1)) {
+ r = __loc_database_lookup_handle_leaf(db, address, network, network_address, level, node_v1);
if (r <= 0)
return r;
}
// Returns the country at position pos
static int loc_database_fetch_country(struct loc_database* db,
struct loc_country** country, off_t pos) {
- struct loc_database_country_v1 country_v1;
- struct loc_database_country_v1* p_v1;
+ struct loc_database_country_v1* country_v1 = NULL;
int r;
// Check if the country is within range
switch (db->version) {
case LOC_DATABASE_VERSION_1:
// Read the object
- p_v1 = loc_database_read_object(db, &country_v1, &db->country_objects, pos);
- if (!p_v1)
+ country_v1 = (struct loc_database_country_v1*)loc_database_object(db,
+ &db->country_objects, sizeof(*country_v1), pos);
+ if (!country_v1)
return 1;
- r = loc_country_new_from_database_v1(db->ctx, db->pool, country, p_v1);
+ r = loc_country_new_from_database_v1(db->ctx, db->pool, country, country_v1);
break;
default:
// Initialise graph search
e->network_stack_depth = 1;
e->networks_visited = calloc(db->network_node_objects.count, sizeof(*e->networks_visited));
- printf("COUNT = %zu, P = %p\n", db->network_node_objects.count, e->networks_visited);
if (!e->networks_visited) {
ERROR(db->ctx, "Could not allocated visited networks: %m\n");
r = 1;
static int __loc_database_enumerator_next_network(
struct loc_database_enumerator* enumerator, struct loc_network** network, int filter) {
- struct loc_database_network_node_v1 node_v1;
-
// Return top element from the stack
while (1) {
*network = loc_network_list_pop_first(enumerator->stack);
enumerator->networks_visited[node->offset]++;
// Pop node from top of the stack
- struct loc_database_network_node_v1* n = loc_database_read_object(enumerator->db,
- &node_v1, &enumerator->db->network_node_objects, node->offset);
+ struct loc_database_network_node_v1* n =
+ (struct loc_database_network_node_v1*)loc_database_object(enumerator->db,
+ &enumerator->db->network_node_objects, sizeof(*n), node->offset);
if (!n)
return 1;