From: Alan T. DeKok Date: Sat, 29 Mar 2025 20:50:16 +0000 (-0400) Subject: remove "tainted" argument from fr_value_box_from_str() X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=12af1aac3b97bb049d3be581d97473798a986aea;p=thirdparty%2Ffreeradius-server.git remove "tainted" argument from fr_value_box_from_str() either the value was set to false, OR the output "safe_for" was set to an appropriate value. --- diff --git a/src/bin/radmin.c b/src/bin/radmin.c index 6bfd234d56f..4c31a9f15e4 100644 --- a/src/bin/radmin.c +++ b/src/bin/radmin.c @@ -523,7 +523,7 @@ static int cmd_set_profile_status(UNUSED FILE *fp, FILE *fp_err, UNUSED void *ct if (fr_value_box_from_str(NULL, &box, FR_TYPE_BOOL, NULL, info->argv[0], strlen(info->argv[0]), - NULL, false) <= 0) { + NULL) <= 0) { fprintf(fp_err, "Failed setting profile status '%s' - %s\n", info->argv[0], fr_strerror()); return -1; } diff --git a/src/bin/unit_test_attribute.c b/src/bin/unit_test_attribute.c index 86299ccee33..d261354f46d 100644 --- a/src/bin/unit_test_attribute.c +++ b/src/bin/unit_test_attribute.c @@ -1076,8 +1076,7 @@ static size_t parse_typed_value(command_result_t *result, fr_value_box_t *box, c sbuff = FR_SBUFF_IN(p, strlen(p)); slen = fr_value_box_from_substr(box, box, FR_TYPE_STRING, NULL, &sbuff, - &value_parse_rules_double_quoted, - false); + &value_parse_rules_double_quoted); if (slen < 0) { RETURN_OK_WITH_ERROR(); } @@ -1099,8 +1098,7 @@ static size_t parse_typed_value(command_result_t *result, fr_value_box_t *box, c slen = fr_value_box_from_substr(box, box, type, NULL, &sbuff, - &value_parse_rules_bareword_unquoted, - false); + &value_parse_rules_bareword_unquoted); if (slen < 0) { RETURN_OK_WITH_ERROR(); } @@ -1807,8 +1805,7 @@ size_t command_encode_dns_label(command_result_t *result, command_file_ctx_t *cc if (fr_value_box_from_str(box, box, FR_TYPE_STRING, NULL, p, strlen(p), - &fr_value_unescape_double, - false) < 0) { + &fr_value_unescape_double) < 0) { talloc_free(box); RETURN_OK_WITH_ERROR(); } @@ -2761,7 +2758,7 @@ static size_t command_value_box_normalise(command_result_t *result, command_file box2 = talloc_zero(NULL, fr_value_box_t); if (fr_value_box_from_str(box2, box2, type, NULL, data, slen, - &fr_value_unescape_double, false) < 0) { + &fr_value_unescape_double) < 0) { talloc_free(box2); talloc_free(box); RETURN_OK_WITH_ERROR(); diff --git a/src/lib/ldap/filter.c b/src/lib/ldap/filter.c index f62246f98c3..63e50fbcaa9 100644 --- a/src/lib/ldap/filter.c +++ b/src/lib/ldap/filter.c @@ -242,7 +242,7 @@ static fr_slen_t ldap_filter_parse_filter(ldap_filter_t *node, fr_sbuff_t *sbuff case LDAP_FILTER_OP_BIT_AND: case LDAP_FILTER_OP_BIT_OR: if (fr_value_box_from_str(node, node->value, FR_TYPE_UINT32, NULL, - val_buffer, len, NULL, false) < 0) { + val_buffer, len, NULL) < 0) { fr_strerror_const("Failed parsing value for filter"); FR_SBUFF_ERROR_RETURN(sbuff); } diff --git a/src/lib/server/cf_parse.c b/src/lib/server/cf_parse.c index 1854df4ed55..bb39d52cd29 100644 --- a/src/lib/server/cf_parse.c +++ b/src/lib/server/cf_parse.c @@ -126,7 +126,7 @@ void cf_pair_debug_log(CONF_SECTION const *cs, CONF_PAIR *cp, conf_parser_t cons */ int cf_pair_to_value_box(TALLOC_CTX *ctx, fr_value_box_t *out, CONF_PAIR *cp, conf_parser_t const *rule) { - if (fr_value_box_from_str(ctx, out, rule->type, NULL, cp->value, talloc_array_length(cp->value) - 1, NULL, false) < 0) { + if (fr_value_box_from_str(ctx, out, rule->type, NULL, cp->value, talloc_array_length(cp->value) - 1, NULL) < 0) { cf_log_perr(cp, "Invalid value \"%s\" for config item %s", cp->value, cp->attr); @@ -151,6 +151,8 @@ int cf_pair_to_value_box(TALLOC_CTX *ctx, fr_value_box_t *out, CONF_PAIR *cp, co if (fr_rule_file_exists(rule) && !cf_file_check(cp, false)) goto error; } + fr_value_box_mark_safe_for(out, FR_VALUE_BOX_SAFE_FOR_ANY); + return 0; } diff --git a/src/lib/server/command.c b/src/lib/server/command.c index 98890f98798..3f1e91a8480 100644 --- a/src/lib/server/command.c +++ b/src/lib/server/command.c @@ -1839,7 +1839,7 @@ redo: if (fr_value_box_from_str(ctx, box, type, NULL, name, strlen(name), - fr_value_unescape_by_char[(uint8_t)quote], true) < 0) { + fr_value_unescape_by_char[(uint8_t)quote]) < 0) { fr_strerror_printf_push("Failed parsing argument '%s'", name); return -1; } @@ -1974,7 +1974,7 @@ static int syntax_str_to_argv(int start_argc, fr_cmd_argv_t *start, fr_cmd_info_ ret = fr_value_box_from_str(info->box[argc], info->box[argc], type, NULL, word + offset, len - (offset << 1), - fr_value_unescape_by_char[(uint8_t)quote], false); + fr_value_unescape_by_char[(uint8_t)quote]); if (ret < 0) return -1; /* @@ -2593,7 +2593,7 @@ static int expand_syntax(fr_cmd_t *cmd, fr_cmd_info_t *info, fr_cmd_argv_t *argv ret = fr_value_box_from_str(info->box[info->argc], info->box[info->argc], type, NULL, word + offset, len - (offset << 1), - fr_value_unescape_by_char[(uint8_t)quote], false); + fr_value_unescape_by_char[(uint8_t)quote]); if (ret < 0) return -1; info->argc++; *word_p = word = p; diff --git a/src/lib/server/main_config.c b/src/lib/server/main_config.c index c981384d93f..2b8e6dd77b0 100644 --- a/src/lib/server/main_config.c +++ b/src/lib/server/main_config.c @@ -1524,7 +1524,7 @@ int main_config_parse_option(char const *value) fr_value_box_init(&box, FR_TYPE_BOOL, NULL, false); if (fr_value_box_from_str(NULL, &box, FR_TYPE_BOOL, NULL, - p, strlen(p), NULL, false) < 0) { + p, strlen(p), NULL) < 0) { fr_perror("Invalid boolean \"%s\"", p); fr_exit(1); } diff --git a/src/lib/server/map.c b/src/lib/server/map.c index 8de89dc579c..e7bd83afc2c 100644 --- a/src/lib/server/map.c +++ b/src/lib/server/map.c @@ -725,7 +725,7 @@ parse_rhs: * It MUST be the given data type, and it MAY be an enum name. */ slen = fr_value_box_from_substr(map, vb, rhs_rules->enumv->type, rhs_rules->enumv, - &our_in, p_rules, false); + &our_in, p_rules); if (slen < 0) goto error; if (tmpl_afrom_value_box(map, &map->rhs, vb, true) < 0) { @@ -2686,7 +2686,7 @@ int map_afrom_fields(TALLOC_CTX *ctx, map_t **out, map_t **parent_p, request_t * * It MUST be the given data type. */ slen = fr_value_box_from_str(map, vb, my_rules.enumv->type, my_rules.enumv, - rhs, strlen(rhs), NULL, false); + rhs, strlen(rhs), NULL); if (slen <= 0) goto error; if (tmpl_afrom_value_box(map, &map->rhs, vb, true) < 0) { diff --git a/src/lib/server/map_async.c b/src/lib/server/map_async.c index 2fb5f2cc568..e40ffd2e362 100644 --- a/src/lib/server/map_async.c +++ b/src/lib/server/map_async.c @@ -451,7 +451,7 @@ int map_to_list_mod(TALLOC_CTX *ctx, vp_list_mod_t **out, tmpl_value(map_list_head(&n->mod)->rhs), type, tmpl_attr_tail_da(mutated->lhs), mutated->rhs->name, mutated->rhs->len, - fr_value_unescape_by_quote[(uint8_t)mutated->rhs->quote], false)) { + fr_value_unescape_by_quote[(uint8_t)mutated->rhs->quote])) { RPEDEBUG("Assigning value to \"%s\" failed", tmpl_attr_tail_da(mutated->lhs)->name); goto error; } diff --git a/src/lib/server/tmpl_eval.c b/src/lib/server/tmpl_eval.c index f35ecce3a28..d19995d9f45 100644 --- a/src/lib/server/tmpl_eval.c +++ b/src/lib/server/tmpl_eval.c @@ -611,7 +611,7 @@ ssize_t _tmpl_to_atype(TALLOC_CTX *ctx, void *out, */ ret = fr_value_box_from_str(tmp_ctx, &tmp, src_type, NULL, result, (size_t)slen, - NULL, false); + NULL); if (ret < 0) goto error; fr_value_box_bstrndup_shallow(&value, NULL, tmp.vb_strvalue, tmp.vb_length, tmp.tainted); @@ -641,7 +641,7 @@ ssize_t _tmpl_to_atype(TALLOC_CTX *ctx, void *out, */ ret = fr_value_box_from_str(tmp_ctx, &tmp, src_type, NULL, result, (size_t)slen, - NULL, false); + NULL); if (ret < 0) goto error; fr_value_box_bstrndup_shallow(&value, NULL, tmp.vb_strvalue, tmp.vb_length, tmp.tainted); diff --git a/src/lib/server/tmpl_tokenize.c b/src/lib/server/tmpl_tokenize.c index 3f4cf44188c..fce1375d312 100644 --- a/src/lib/server/tmpl_tokenize.c +++ b/src/lib/server/tmpl_tokenize.c @@ -2515,7 +2515,7 @@ static fr_slen_t tmpl_afrom_value_substr(TALLOC_CTX *ctx, tmpl_t **out, fr_sbuff vpt = tmpl_alloc_null(ctx); if (fr_value_box_from_substr(vpt, &tmp, cast, allow_enum ? t_rules->enumv : NULL, - &our_in, p_rules, false) < 0) { + &our_in, p_rules) < 0) { talloc_free(vpt); FR_SBUFF_ERROR_RETURN(&our_in); } @@ -2690,7 +2690,7 @@ static fr_slen_t tmpl_afrom_ipv4_substr(TALLOC_CTX *ctx, tmpl_t **out, fr_sbuff_ MEM(vpt = tmpl_alloc(ctx, TMPL_TYPE_DATA, T_BARE_WORD, fr_sbuff_start(&our_in), fr_sbuff_used(&our_in))); if (fr_value_box_from_substr(vpt, &vpt->data.literal, type, NULL, &FR_SBUFF_REPARSE(&our_in), - NULL, false) < 0) { + NULL) < 0) { talloc_free(vpt); goto error; } @@ -2807,7 +2807,7 @@ static fr_slen_t tmpl_afrom_ipv6_substr(TALLOC_CTX *ctx, tmpl_t **out, fr_sbuff_ MEM(vpt = tmpl_alloc(ctx, TMPL_TYPE_DATA, T_BARE_WORD, fr_sbuff_start(&our_in), fr_sbuff_used(&our_in))); if (fr_value_box_from_substr(vpt, &vpt->data.literal, type, NULL, &FR_SBUFF_REPARSE(&our_in), - NULL, false) < 0) { + NULL) < 0) { talloc_free(vpt); goto error; } @@ -3916,7 +3916,7 @@ int tmpl_cast_in_place(tmpl_t *vpt, fr_type_t type, fr_dict_attr_t const *enumv) if (fr_value_box_from_str(vpt, &vpt->data.literal, type, enumv, unescaped, talloc_array_length(unescaped) - 1, - NULL, false) < 0) return -1; + NULL) < 0) return -1; } vpt->type = TMPL_TYPE_DATA; vpt->quote = tmpl_cast_quote(vpt->quote, type, enumv, diff --git a/src/lib/server/virtual_servers.c b/src/lib/server/virtual_servers.c index 578f0203c28..1b7c3405ddd 100644 --- a/src/lib/server/virtual_servers.c +++ b/src/lib/server/virtual_servers.c @@ -1297,7 +1297,7 @@ static int define_server_values(CONF_SECTION *cs, fr_dict_attr_t *parent) /* * @todo - unescape for double quoted strings. Whoops. */ - slen = fr_value_box_from_str(NULL, &box, da->type, da, value, len, NULL, false); + slen = fr_value_box_from_str(NULL, &box, da->type, da, value, len, NULL); if (slen < 0) { cf_log_err(cp, "Failed parsing value - %s", fr_strerror()); return -1; diff --git a/src/lib/unlang/edit.c b/src/lib/unlang/edit.c index bedb91b96e6..7f436736fbd 100644 --- a/src/lib/unlang/edit.c +++ b/src/lib/unlang/edit.c @@ -1276,10 +1276,11 @@ static int expanded_lhs_value(request_t *request, unlang_frame_state_edit_t *sta erules = fr_value_unescape_by_quote[current->map->lhs->quote]; - if (fr_value_box_from_str(dst, dst, da->type, da, box->vb_strvalue, box->vb_length, erules, box->tainted) < 0) { + if (fr_value_box_from_str(dst, dst, da->type, da, box->vb_strvalue, box->vb_length, erules) < 0) { RWDEBUG("Failed converting result to '%s' - %s", fr_type_to_str(type), fr_strerror()); return -1; } + fr_value_box_safety_copy_changed(dst, box); fr_value_box_list_talloc_free(¤t->lhs.result); fr_value_box_list_insert_tail(¤t->parent->rhs.result, dst); diff --git a/src/lib/unlang/tmpl.c b/src/lib/unlang/tmpl.c index 9d772f1c78d..acc15bb97d8 100644 --- a/src/lib/unlang/tmpl.c +++ b/src/lib/unlang/tmpl.c @@ -143,7 +143,7 @@ static unlang_action_t unlang_tmpl_exec_wait_final(rlm_rcode_t *p_result, reques if (fr_value_box_from_str(state->ctx, box, type, NULL, fr_sbuff_start(&state->exec.stdout_buff), fr_sbuff_used(&state->exec.stdout_buff), - NULL, true) < 0) { + NULL) < 0) { talloc_free(box); *p_result = RLM_MODULE_FAIL; return UNLANG_ACTION_CALCULATE_RESULT; diff --git a/src/lib/util/dict_fixup.c b/src/lib/util/dict_fixup.c index 2ed695797a4..f2650137ccd 100644 --- a/src/lib/util/dict_fixup.c +++ b/src/lib/util/dict_fixup.c @@ -325,7 +325,7 @@ static inline CC_HINT(always_inline) int dict_fixup_enumv_apply(UNUSED dict_fixu if (fr_value_box_from_str(fixup, &value, type, NULL, fixup->value, talloc_array_length(fixup->value) - 1, - NULL, false) < 0) { + NULL) < 0) { fr_strerror_printf_push("Invalid VALUE '%pV' for attribute '%s' at %s[%d]", fr_box_strvalue_buffer(fixup->value), da->name, diff --git a/src/lib/util/dict_tokenize.c b/src/lib/util/dict_tokenize.c index 892264e479e..a0207032919 100644 --- a/src/lib/util/dict_tokenize.c +++ b/src/lib/util/dict_tokenize.c @@ -2371,7 +2371,7 @@ static int dict_read_process_struct(dict_tokenize_ctx_t *dctx, char **argv, int /* * Parse the value. */ - if (fr_value_box_from_str(NULL, &value, parent->type, NULL, argv[2], strlen(argv[2]), NULL, false) < 0) { + if (fr_value_box_from_str(NULL, &value, parent->type, NULL, argv[2], strlen(argv[2]), NULL) < 0) { fr_strerror_printf_push("Invalid value for STRUCT \"%s\"", argv[2]); return -1; } @@ -2553,7 +2553,7 @@ static int dict_read_process_value(dict_tokenize_ctx_t *dctx, char **argv, int a if (fr_value_box_from_str(NULL, &value, da->type, NULL, argv[2], strlen(argv[2]), - NULL, false) < 0) { + NULL) < 0) { fr_strerror_printf_push("Invalid VALUE '%s' for attribute '%s' of data type '%s'", argv[2], da->name, diff --git a/src/lib/util/fuzzer.c b/src/lib/util/fuzzer.c index 864f2e54299..ffbd1de143d 100644 --- a/src/lib/util/fuzzer.c +++ b/src/lib/util/fuzzer.c @@ -56,7 +56,7 @@ static ssize_t util_decode_proto(TALLOC_CTX *ctx, UNUSED fr_pair_list_t *out, ui box = fr_value_box_alloc(ctx, type, NULL); if (!box) return -1; - rcode = fr_value_box_from_str(box, box, type, NULL, (char const *)data + 1, data_len - 1, NULL, true); + rcode = fr_value_box_from_str(box, box, type, NULL, (char const *)data + 1, data_len - 1, NULL); talloc_free(box); return rcode; } diff --git a/src/lib/util/pair.c b/src/lib/util/pair.c index c338f8f96f6..8f44f4e02a1 100644 --- a/src/lib/util/pair.c +++ b/src/lib/util/pair.c @@ -2589,7 +2589,7 @@ int fr_pair_value_copy(fr_pair_t *dst, fr_pair_t *src) * - -1 on failure. */ int fr_pair_value_from_str(fr_pair_t *vp, char const *value, size_t inlen, - fr_sbuff_unescape_rules_t const *uerules, bool tainted) + fr_sbuff_unescape_rules_t const *uerules, UNUSED bool tainted) { /* * This is not yet supported because the rest of the APIs @@ -2614,8 +2614,7 @@ int fr_pair_value_from_str(fr_pair_t *vp, char const *value, size_t inlen, */ if (fr_value_box_from_str(vp, &vp->data, vp->vp_type, vp->da, value, inlen, - uerules, - tainted) < 0) return -1; + uerules) < 0) return -1; fr_assert(vp->data.safe_for == FR_VALUE_BOX_SAFE_FOR_NONE); diff --git a/src/lib/util/pair_legacy.c b/src/lib/util/pair_legacy.c index 01d0a1babbb..1bfd0dc6734 100644 --- a/src/lib/util/pair_legacy.c +++ b/src/lib/util/pair_legacy.c @@ -99,7 +99,7 @@ static fr_sbuff_parse_rules_t const bareword_unquoted = { }; -static ssize_t fr_pair_value_from_substr(fr_pair_t *vp, fr_sbuff_t *in, bool tainted) +static ssize_t fr_pair_value_from_substr(fr_pair_t *vp, fr_sbuff_t *in, UNUSED bool tainted) { char quote; ssize_t slen; @@ -125,7 +125,7 @@ static ssize_t fr_pair_value_from_substr(fr_pair_t *vp, fr_sbuff_t *in, bool tai quote = '\0'; } - slen = fr_value_box_from_substr(vp, &vp->data, vp->da->type, vp->da, in, rules, tainted); + slen = fr_value_box_from_substr(vp, &vp->data, vp->da->type, vp->da, in, rules); if (slen < 0) { fr_assert(slen >= -((ssize_t) 1 << 20)); return slen - (quote != 0); diff --git a/src/lib/util/value.c b/src/lib/util/value.c index 94180e48aeb..7e05edfdd9e 100644 --- a/src/lib/util/value.c +++ b/src/lib/util/value.c @@ -2393,7 +2393,7 @@ static inline int fr_value_box_cast_to_ipv4addr(TALLOC_CTX *ctx, fr_value_box_t case FR_TYPE_STRING: return fr_value_box_from_str(ctx, dst, dst_type, dst_enumv, src->vb_strvalue, src->vb_length, - NULL, src->tainted); + NULL); CAST_IP_FIX_COMBO; @@ -2510,7 +2510,7 @@ static inline int fr_value_box_cast_to_ipv4prefix(TALLOC_CTX *ctx, fr_value_box_ case FR_TYPE_STRING: return fr_value_box_from_str(ctx, dst, dst_type, dst_enumv, src->vb_strvalue, src->vb_length, - NULL, src->tainted); + NULL); CAST_IP_FIX_COMBO; @@ -2631,7 +2631,7 @@ static inline int fr_value_box_cast_to_ipv6addr(TALLOC_CTX *ctx, fr_value_box_t case FR_TYPE_STRING: return fr_value_box_from_str(ctx, dst, dst_type, dst_enumv, src->vb_strvalue, src->vb_length, - NULL, src->tainted); + NULL); CAST_IP_FIX_COMBO; @@ -2745,7 +2745,7 @@ static inline int fr_value_box_cast_to_ipv6prefix(TALLOC_CTX *ctx, fr_value_box_ case FR_TYPE_STRING: return fr_value_box_from_str(ctx, dst, dst_type, dst_enumv, src->vb_strvalue, src->vb_length, - NULL, src->tainted); + NULL); CAST_IP_FIX_COMBO; @@ -2844,7 +2844,7 @@ static inline int fr_value_box_cast_to_ethernet(TALLOC_CTX *ctx, fr_value_box_t case FR_TYPE_STRING: return fr_value_box_from_str(ctx, dst, dst_type, dst_enumv, src->vb_strvalue, src->vb_length, - NULL, src->tainted); + NULL); case FR_TYPE_OCTETS: return fr_value_box_fixed_size_from_octets(dst, dst_type, dst_enumv, src); @@ -2905,7 +2905,7 @@ static inline int fr_value_box_cast_to_bool(TALLOC_CTX *ctx, fr_value_box_t *dst case FR_TYPE_STRING: return fr_value_box_from_str(ctx, dst, dst_type, dst_enumv, src->vb_strvalue, src->vb_length, - NULL, src->tainted); + NULL); case FR_TYPE_OCTETS: /* @@ -3149,7 +3149,7 @@ static inline int fr_value_box_cast_to_integer(TALLOC_CTX *ctx, fr_value_box_t * case FR_TYPE_STRING: return fr_value_box_from_str(ctx, dst, dst_type, dst_enumv, src->vb_strvalue, src->vb_length, - NULL, src->tainted); + NULL); case FR_TYPE_OCTETS: return fr_value_box_fixed_size_from_octets(dst, dst_type, dst_enumv, src); @@ -3524,7 +3524,7 @@ int fr_value_box_cast(TALLOC_CTX *ctx, fr_value_box_t *dst, */ if (src->type == FR_TYPE_STRING) return fr_value_box_from_str(ctx, dst, dst_type, dst_enumv, src->vb_strvalue, src->vb_length, - NULL, src->tainted); + NULL); if (src->type == FR_TYPE_OCTETS) { fr_value_box_t tmp; @@ -4824,14 +4824,13 @@ fr_slen_t fr_value_box_from_numeric_substr(fr_value_box_t *dst, fr_type_t dst_ty * @param[in] dst_enumv fr_dict_attr_t with string names for uint32 values. * @param[in] in sbuff to read data from. * @param[in] rules unescape and termination rules. - * @param[in] tainted Whether the value came from a trusted source. * @return * - >0 on success. * - <= 0 on parse error. */ ssize_t fr_value_box_from_substr(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_type_t dst_type, fr_dict_attr_t const *dst_enumv, - fr_sbuff_t *in, fr_sbuff_parse_rules_t const *rules, bool tainted) + fr_sbuff_t *in, fr_sbuff_parse_rules_t const *rules) { static fr_sbuff_parse_rules_t default_rules; fr_sbuff_t *unescaped = NULL; @@ -4947,13 +4946,13 @@ parse: rules->terminals, rules->escapes) < 0)) { return -1; } - fr_value_box_bstrdup_buffer_shallow(NULL, dst, dst_enumv, buff, tainted); + fr_value_box_bstrdup_buffer_shallow(NULL, dst, dst_enumv, buff, false); /* * We already have an unescaped version, just use that */ } else { fr_value_box_bstrndup(ctx, dst, dst_enumv, - fr_sbuff_start(unescaped), fr_sbuff_used(unescaped), tainted); + fr_sbuff_start(unescaped), fr_sbuff_used(unescaped), false); } FR_SBUFF_SET_RETURN(in, &our_in); @@ -5003,14 +5002,14 @@ parse: bin = talloc_zero_array(ctx, uint8_t, 0); } - fr_value_box_memdup_buffer_shallow(NULL, dst, dst_enumv, bin, tainted); + fr_value_box_memdup_buffer_shallow(NULL, dst, dst_enumv, bin, false); /* * We already have an unescaped version, just use that */ } else { fr_value_box_memdup(ctx, dst, dst_enumv, (uint8_t *)fr_sbuff_start(unescaped), - fr_sbuff_used(unescaped), tainted); + fr_sbuff_used(unescaped), false); } FR_SBUFF_SET_RETURN(in, &our_in); } @@ -5028,7 +5027,7 @@ parse: */ hex_len = fr_sbuff_adv_past_allowed(&our_in, SIZE_MAX, sbuff_char_class_hex, rules->terminals); if (hex_len == 0) { - if (fr_value_box_memdup(ctx, dst, dst_enumv, (uint8_t[]){ 0x00 }, 0, tainted) < 0) return -1; + if (fr_value_box_memdup(ctx, dst, dst_enumv, (uint8_t[]){ 0x00 }, 0, false) < 0) return -1; FR_SBUFF_SET_RETURN(in, &our_in); } @@ -5040,7 +5039,7 @@ parse: /* * Pre-allocate the bin buff and initialise the box */ - if (fr_value_box_mem_alloc(ctx, &bin_buff, dst, dst_enumv, (hex_len >> 1), tainted) < 0) return -1; + if (fr_value_box_mem_alloc(ctx, &bin_buff, dst, dst_enumv, (hex_len >> 1), false) < 0) return -1; /* * Reset to the start of the hex string @@ -5175,14 +5174,14 @@ parse: case FR_TYPE_INT64: case FR_TYPE_FLOAT32: case FR_TYPE_FLOAT64: - return fr_value_box_from_numeric_substr(dst, dst_type, dst_enumv, in, rules, tainted); + return fr_value_box_from_numeric_substr(dst, dst_type, dst_enumv, in, rules, false); case FR_TYPE_SIZE: if (fr_size_from_str(&dst->datum.size, &our_in) < 0) return -1; goto finish; case FR_TYPE_BOOL: - fr_value_box_init(dst, dst_type, dst_enumv, tainted); + fr_value_box_init(dst, dst_type, dst_enumv, false); /* * Quoted boolean values are "yes", "no", "true", "false" @@ -5247,7 +5246,7 @@ parse: num = htonll(num); FR_DBUFF_IN_MEMCPY_RETURN(&dbuff, ((uint8_t *) &num) + 2, sizeof(dst->vb_ether)); - fr_value_box_ethernet_addr(dst, dst_enumv, ðer, tainted); + fr_value_box_ethernet_addr(dst, dst_enumv, ðer, false); FR_SBUFF_SET_RETURN(in, &our_in); } @@ -5290,13 +5289,13 @@ parse: fr_base16_decode(&err, &dbuff, &our_in, true); if (err != FR_SBUFF_PARSE_OK) goto ether_error; - fr_value_box_ethernet_addr(dst, dst_enumv, (fr_ethernet_t * const)fr_dbuff_start(&dbuff), tainted); + fr_value_box_ethernet_addr(dst, dst_enumv, (fr_ethernet_t * const)fr_dbuff_start(&dbuff), false); FR_SBUFF_SET_RETURN(in, &our_in); } case FR_TYPE_TIME_DELTA: - fr_value_box_init(dst, FR_TYPE_TIME_DELTA, dst_enumv, tainted); + fr_value_box_init(dst, FR_TYPE_TIME_DELTA, dst_enumv, false); slen = fr_time_delta_from_substr(&dst->datum.time_delta, &our_in, dst_enumv ? dst_enumv->flags.flag_time_res : FR_TIME_RES_SEC, @@ -5306,7 +5305,7 @@ parse: case FR_TYPE_NULL: if (!rules->escapes && fr_sbuff_adv_past_str_literal(&our_in, "NULL")) { - fr_value_box_init(dst, dst_type, dst_enumv, tainted); + fr_value_box_init(dst, dst_type, dst_enumv, false); FR_SBUFF_SET_RETURN(in, &our_in); } @@ -5377,7 +5376,8 @@ parse: finish: dst->type = dst_type; - dst->tainted = tainted; + dst->tainted = false; + fr_value_box_mark_unsafe(dst); /* * Fixup enumvs @@ -5391,12 +5391,12 @@ finish: ssize_t fr_value_box_from_str(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_type_t dst_type, fr_dict_attr_t const *dst_enumv, char const *in, size_t inlen, - fr_sbuff_unescape_rules_t const *erules, bool tainted) + fr_sbuff_unescape_rules_t const *erules) { ssize_t slen; fr_sbuff_parse_rules_t prules = { .escapes = erules }; - slen = fr_value_box_from_substr(ctx, dst, dst_type, dst_enumv, &FR_SBUFF_IN(in, inlen), &prules, tainted); + slen = fr_value_box_from_substr(ctx, dst, dst_type, dst_enumv, &FR_SBUFF_IN(in, inlen), &prules); if (slen <= 0) return slen; if (slen != (ssize_t)inlen) { diff --git a/src/lib/util/value.h b/src/lib/util/value.h index 96c87b1c3f8..cf5b5d0119e 100644 --- a/src/lib/util/value.h +++ b/src/lib/util/value.h @@ -1210,13 +1210,13 @@ void fr_value_box_increment(fr_value_box_t *vb) */ ssize_t fr_value_box_from_substr(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_type_t dst_type, fr_dict_attr_t const *dst_enumv, - fr_sbuff_t *in, fr_sbuff_parse_rules_t const *rules, bool tainted) + fr_sbuff_t *in, fr_sbuff_parse_rules_t const *rules) CC_HINT(nonnull(2,5)); ssize_t fr_value_box_from_str(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_type_t dst_type, fr_dict_attr_t const *dst_enumv, char const *in, size_t inlen, - fr_sbuff_unescape_rules_t const *erules, bool tainted) + fr_sbuff_unescape_rules_t const *erules) CC_HINT(nonnull(2,5)); /** @} */ diff --git a/src/listen/ldap_sync/proto_ldap_sync_ldap.c b/src/listen/ldap_sync/proto_ldap_sync_ldap.c index 100c8e9ab64..45383185be1 100644 --- a/src/listen/ldap_sync/proto_ldap_sync_ldap.c +++ b/src/listen/ldap_sync/proto_ldap_sync_ldap.c @@ -493,7 +493,7 @@ int ldap_sync_entry_send(sync_state_t *sync, uint8_t const uuid[SYNC_UUID_LENGTH if (pair_append_by_tmpl_parent(sync_packet_ctx, &vp, pairs, map->lhs, true) < 0) break; if (fr_value_box_from_str(vp, &vp->data, vp->vp_type, NULL, values[i]->bv_val, - values[i]->bv_len, NULL, true) < 0) { + values[i]->bv_len, NULL) < 0) { fr_pair_remove(pairs, vp); talloc_free(vp); } diff --git a/src/modules/rlm_csv/rlm_csv.c b/src/modules/rlm_csv/rlm_csv.c index 96a6c280f7d..4f2cdd73db5 100644 --- a/src/modules/rlm_csv/rlm_csv.c +++ b/src/modules/rlm_csv/rlm_csv.c @@ -232,7 +232,7 @@ static bool duplicate_entry(CONF_SECTION *conf, rlm_csv_t *inst, rlm_csv_entry_t e->key = fr_value_box_alloc_null(e); if (!e->key) goto fail; - if (fr_value_box_from_str(e->key, e->key, type, NULL, p, strlen(p), NULL, false) < 0) { + if (fr_value_box_from_str(e->key, e->key, type, NULL, p, strlen(p), NULL) < 0) { cf_log_err(conf, "Failed parsing key field in file %s line %d - %s", inst->filename, lineno, fr_strerror()); fail: @@ -319,7 +319,7 @@ static bool file2csv(CONF_SECTION *conf, rlm_csv_t *inst, int lineno, char *buff if (!e->key) goto fail; if (fr_value_box_from_str(e->key, e->key, type, NULL, - p, strlen(p), NULL, false) < 0) { + p, strlen(p), NULL) < 0) { cf_log_err(conf, "Failed parsing key field in file %s line %d - %s", inst->filename, lineno, fr_strerror()); fail: @@ -342,7 +342,7 @@ static bool file2csv(CONF_SECTION *conf, rlm_csv_t *inst, int lineno, char *buff fr_type_t type = inst->field_types[i]; if (fr_value_box_from_str(e, &box, type, NULL, - p, strlen(p), NULL, false) < 0) { + p, strlen(p), NULL) < 0) { cf_log_err(conf, "Failed parsing field '%s' in file %s line %d - %s", inst->field_names[i], inst->filename, lineno, fr_strerror()); goto fail; diff --git a/src/modules/rlm_files/rlm_files.c b/src/modules/rlm_files/rlm_files.c index b13424ecece..dede2b04a68 100644 --- a/src/modules/rlm_files/rlm_files.c +++ b/src/modules/rlm_files/rlm_files.c @@ -350,7 +350,7 @@ static int getrecv_filename(TALLOC_CTX *ctx, char const *filename, fr_htrie_t ** * Has to be of the correct data type. */ if (fr_value_box_from_str(box, box, data_type, key_enum, - entry->name, strlen(entry->name), NULL, false) < 0) { + entry->name, strlen(entry->name), NULL) < 0) { ERROR("%s[%d] Failed parsing key %s - %s", entry->filename, entry->lineno, entry->name, fr_strerror()); goto error; diff --git a/src/modules/rlm_isc_dhcp/rlm_isc_dhcp.c b/src/modules/rlm_isc_dhcp/rlm_isc_dhcp.c index d1cedaf327f..8d0ab69643b 100644 --- a/src/modules/rlm_isc_dhcp/rlm_isc_dhcp.c +++ b/src/modules/rlm_isc_dhcp/rlm_isc_dhcp.c @@ -694,7 +694,7 @@ redo_multi: info->argv[info->argc] = talloc_zero(info, fr_value_box_t); ret = fr_value_box_from_str(info, info->argv[info->argc], type, NULL, - state->token, state->token_len, NULL, false); + state->token, state->token_len, NULL); if (ret < 0) return ret; info->argc++; @@ -884,7 +884,7 @@ static int parse_option_definition(rlm_isc_dhcp_info_t *parent, rlm_isc_dhcp_tok type = FR_TYPE_UINT32; ret = fr_value_box_from_str(NULL, &box, type, NULL, - state->token, state->token_len, NULL, false); + state->token, state->token_len, NULL); if (ret < 0) goto error; /* diff --git a/src/protocols/der/base.c b/src/protocols/der/base.c index 194de4115f2..3c811157243 100644 --- a/src/protocols/der/base.c +++ b/src/protocols/der/base.c @@ -269,7 +269,7 @@ static int dict_flag_default_value(fr_dict_attr_t **da_p, char const *value, UNU if (!flags->default_value) return -1; if (fr_value_box_from_str(flags->default_value, flags->default_value, (*da_p)->type, NULL, - value, strlen(value), NULL, false) < 0) { + value, strlen(value), NULL) < 0) { fr_strerror_printf("Failed parsing 'value=...' - %s", fr_strerror()); return -1; }