static inline int
data_eq(krb5_data d1, krb5_data d2)
{
- return (d1.length == d2.length && !memcmp(d1.data, d2.data, d1.length));
+ return (d1.length == d2.length && (d1.length == 0 ||
+ !memcmp(d1.data, d2.data, d1.length)));
}
static inline int
data_eq_string (krb5_data d, const char *s)
{
- return (d.length == strlen(s) && !memcmp(d.data, s, d.length));
+ return (d.length == strlen(s) && (d.length == 0 ||
+ !memcmp(d.data, s, d.length)));
}
static inline krb5_data
static inline int
authdata_eq(krb5_authdata a1, krb5_authdata a2)
{
- return (a1.ad_type == a2.ad_type
- && a1.length == a2.length
- && !memcmp(a1.contents, a2.contents, a1.length));
+ return (a1.ad_type == a2.ad_type && a1.length == a2.length &&
+ (a1.length == 0 || !memcmp(a1.contents, a2.contents, a1.length)));
}
/* Allocate zeroed memory; set *code to 0 on success or ENOMEM on failure. */
{
void *ptr = k5alloc(len, code);
- if (ptr != NULL)
+ if (ptr != NULL && len > 0)
memcpy(ptr, in, len);
return ptr;
}
{
void *ptr = k5alloc(len + 1, code);
- if (ptr != NULL)
+ if (ptr != NULL && len > 0)
memcpy(ptr, in, len);
return ptr;
}
char *s;
s = malloc(d->length + 1);
if (s) {
- memcpy(s, d->data, d->length);
+ if (d->length > 0)
+ memcpy(s, d->data, d->length);
s[d->length] = 0;
}
return s;
p += 4;
for (i = 0; i < krb5_princ_size(context, req->user); i++) {
- memcpy(p, krb5_princ_component(context, req->user, i)->data,
- krb5_princ_component(context, req->user, i)->length);
+ if (krb5_princ_component(context, req->user, i)->length > 0) {
+ memcpy(p, krb5_princ_component(context, req->user, i)->data,
+ krb5_princ_component(context, req->user, i)->length);
+ }
p += krb5_princ_component(context, req->user, i)->length;
}
- memcpy(p, krb5_princ_realm(context, req->user)->data,
- krb5_princ_realm(context, req->user)->length);
+ if (krb5_princ_realm(context, req->user)->length > 0) {
+ memcpy(p, krb5_princ_realm(context, req->user)->data,
+ krb5_princ_realm(context, req->user)->length);
+ }
p += krb5_princ_realm(context, req->user)->length;
- memcpy(p, req->auth_package.data, req->auth_package.length);
+ if (req->auth_package.length > 0)
+ memcpy(p, req->auth_package.data, req->auth_package.length);
p += req->auth_package.length;
code = krb5_c_verify_checksum(context,
iov[1].flags = KRB5_CRYPTO_TYPE_DATA;
iov[1].data = make_data(output->ciphertext.data + header_len,
input->length);
- memcpy(iov[1].data.data, input->data, input->length);
+ if (input->length > 0)
+ memcpy(iov[1].data.data, input->data, input->length);
iov[2].flags = KRB5_CRYPTO_TYPE_PADDING;
iov[2].data = make_data(iov[1].data.data + input->length, padding_len);
*/
memset(password, 0, sizeof(password));
- memcpy(password, salt->data, min(salt->length, 8));
+ if (salt->length > 0)
+ memcpy(password, salt->data, min(salt->length, 8));
for (i = 0; i < 8; i++) {
if (isupper(password[i]))
password[i] = tolower(password[i]);
if (!password)
return ENOMEM;
- memcpy(password, data->data, data->length);
+ if (data->length > 0)
+ memcpy(password, data->data, data->length);
for (i = data->length, j = 0; j < salt->length; i++, j++) {
password[i] = salt->data[j];
if (isupper(password[i]))
copy = malloc(copylen);
if (copy == NULL)
return ENOMEM;
- memcpy(copy, pw->data, pw->length);
- if (salt)
+ if (pw->length > 0)
+ memcpy(copy, pw->data, pw->length);
+ if (salt != NULL && salt->length > 0)
memcpy(copy + pw->length, salt->data, salt->length);
memset(&temp, 0, sizeof(temp));
/* construct input string ( = string + salt), fold it, make_key it */
- memcpy(concat, string->data, string->length);
- if (salt)
+ if (string->length > 0)
+ memcpy(concat, string->data, string->length);
+ if (salt != NULL && salt->length > 0)
memcpy(concat + string->length, salt->data, salt->length);
krb5int_nfold(concatlen*8, concat, keybytes*8, foldstring);
if (err)
return err;
- memcpy(sandp.data, pepper->data, pepper->length);
+ if (pepper->length > 0)
+ memcpy(sandp.data, pepper->data, pepper->length);
sandp.data[pepper->length] = '\0';
- memcpy(&sandp.data[pepper->length + 1], salt->data, salt->length);
+ if (salt->length > 0)
+ memcpy(&sandp.data[pepper->length + 1], salt->data, salt->length);
salt = &sandp;
}
}
data->data = p;
- memcpy(data->data + data->length, request->data, request->length);
+ if (request->length > 0)
+ memcpy(data->data + data->length, request->data, request->length);
data->length += request->length;
if (initialContextToken)
if (data == NULL) {
ret = krb5_cc_remove_cred(context, id, 0, &cred);
} else {
- cred.ticket.data = malloc(data->length);
- if (cred.ticket.data == NULL) {
- ret = ENOMEM;
- krb5_set_error_message(context, ret, "malloc: out of memory");
+ ret = krb5int_copy_data_contents(context, data, &cred.ticket);
+ if (ret)
goto out;
- }
- cred.ticket.length = data->length;
- memcpy(cred.ticket.data, data->data, data->length);
-
ret = krb5_cc_store_cred(context, id, &cred);
}
out:
if (ret)
goto out;
- data->data = malloc(cred.ticket.length);
- if (data->data == NULL) {
- ret = ENOMEM;
- krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
+ ret = krb5int_copy_data_contents(context, &cred.ticket, data);
+ if (ret)
goto out;
- }
- data->length = cred.ticket.length;
- memcpy(data->data, cred.ticket.data, data->length);
TRACE_CC_GET_CONFIG(context, id, principal, key, data);
static krb5_boolean
fnmatch_data(const char *pattern, krb5_data *data, krb5_boolean fold_case)
{
+ krb5_error_code ret;
char *str, *p;
int res;
- str = malloc(data->length + 1);
+ str = k5memdup0(data->data, data->length, &ret);
if (str == NULL)
return FALSE;
- memcpy(str, data->data, data->length);
- str[data->length] = '\0';
if (fold_case) {
for (p = str; *p != '\0'; p++) {
continue;
/* check for name match */
- if (strlen(module->name) != name->length ||
- memcmp(module->name, name->data, name->length) != 0)
+ if (!data_eq_string(*name, module->name))
continue;
ret = module;
if (p == transit->data) {
if (crealm->length >= MAXLEN)
return KRB5KRB_AP_ERR_ILL_CR_TKT;
- memcpy (last, crealm->data, crealm->length);
+ if (crealm->length > 0)
+ memcpy (last, crealm->data, crealm->length);
last[crealm->length] = '\0';
last_component.length = crealm->length;
}
compo = &princ->data[1];
if (compo->length >= INST_SZ - 1)
return KRB5_INVALID_PRINCIPAL;
- memcpy(inst, compo->data, compo->length);
+ if (compo->length > 0)
+ memcpy(inst, compo->data, compo->length);
inst[compo->length] = '\0';
}
/* fall through */
compo = &princ->data[0];
if (compo->length >= ANAME_SZ)
return KRB5_INVALID_PRINCIPAL;
- memcpy(name, compo->data, compo->length);
+ if (compo->length > 0)
+ memcpy(name, compo->data, compo->length);
name[compo->length] = '\0';
}
break;
static void
read_allowed_preauth_type(krb5_context context, krb5_init_creds_context ctx)
{
+ krb5_error_code ret;
krb5_data config;
char *tmp, *p;
ctx->request->server,
KRB5_CC_CONF_PA_TYPE, &config) != 0)
return;
- tmp = malloc(config.length + 1);
- if (tmp == NULL) {
- krb5_free_data_contents(context, &config);
+ tmp = k5memdup0(config.data, config.length, &ret);
+ krb5_free_data_contents(context, &config);
+ if (tmp == NULL)
return;
- }
- memcpy(tmp, config.data, config.length);
- tmp[config.length] = '\0';
ctx->allowed_preauth_type = strtol(tmp, &p, 10);
if (p == NULL || *p != '\0')
ctx->allowed_preauth_type = KRB5_PADATA_NONE;
free(tmp);
- krb5_free_data_contents(context, &config);
}
static krb5_error_code
if (use_realm) {
offset = pr->realm.length;
- memcpy(ret->data, pr->realm.data, offset);
+ if (offset > 0)
+ memcpy(ret->data, pr->realm.data, offset);
}
for (i = 0; i < pr->length; i++) {
- memcpy(&ret->data[offset], pr->data[i].data, pr->data[i].length);
+ if (pr->data[i].length > 0)
+ memcpy(&ret->data[offset], pr->data[i].data, pr->data[i].length);
offset += pr->data[i].length;
}
return 0;
if (realm1->length != realm2->length)
return FALSE;
+ if (realm1->length == 0)
+ return TRUE;
return (flags & KRB5_PRINCIPAL_COMPARE_CASEFOLD) ?
(strncasecmp(realm1->data, realm2->data, realm2->length) == 0) :
p += 4;
for (i = 0; i < req->user->length; i++) {
- memcpy(p, req->user->data[i].data, req->user->data[i].length);
+ if (req->user->data[i].length > 0)
+ memcpy(p, req->user->data[i].data, req->user->data[i].length);
p += req->user->data[i].length;
}
- memcpy(p, req->user->realm.data, req->user->realm.length);
+ if (req->user->realm.length > 0)
+ memcpy(p, req->user->realm.data, req->user->realm.length);
p += req->user->realm.length;
- memcpy(p, req->auth_package.data, req->auth_package.length);
+ if (req->auth_package.length > 0)
+ memcpy(p, req->auth_package.data, req->auth_package.length);
/* Per spec, use hmac-md5 checksum regardless of key type. */
code = krb5_c_make_checksum(context, CKSUMTYPE_HMAC_MD5_ARCFOUR, key,
int length = src->length;
if (flags & KRB5_PRINCIPAL_UNPARSE_DISPLAY) {
- memcpy(dest, src->data, src->length);
+ if (src->length > 0)
+ memcpy(dest, src->data, src->length);
return src->length;
}
if (client->data == NULL || server->data == NULL)
return KRB5_NO_TKT_IN_RLM;
- if (client->length == server->length &&
- memcmp(client->data, server->data, server->length) == 0) {
+ if (data_eq(*client, *server))
return KRB5_NO_TKT_IN_RLM;
- }
retval = rtree_capath_vals(context, client, server, &capvals);
if (retval)
return retval;
esre2->sam_sad.length, user);
goto cleanup;
}
- memcpy(passcode, esre2->sam_sad.data, esre2->sam_sad.length);
+ if (esre2->sam_sad.length > 0)
+ memcpy(passcode, esre2->sam_sad.data, esre2->sam_sad.length);
securid_user = strdup(user);
if (!securid_user) {
s = alloc_value(&string_type, len + 1);
if (s == NULL)
return ENOMEM;
- memcpy(s, data, len);
+ if (len > 0)
+ memcpy(s, data, len);
s[len] = '\0';
*val_out = (k5_json_string)s;
return 0;
{
if (!ensure_space(buf, len))
return;
- memcpy(buf->data + buf->len, data, len);
+ if (len > 0)
+ memcpy(buf->data + buf->len, data, len);
buf->len += len;
buf->data[buf->len] = '\0';
}
projects / thirdparty / krb5.git / commitdiff
