From: Alan T. DeKok Date: Sun, 12 Dec 2021 14:21:06 +0000 (-0500) Subject: add 16-bit "safe" field X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7a8e8b2c70daab39f7429bab572ccfea85124be1;p=thirdparty%2Ffreeradius-server.git add 16-bit "safe" field which marks up value boxes as being safe for particular uses
---
diff --git a/src/lib/util/value.c b/src/lib/util/value.c
index 3be71cd54c..0ae483f2fb 100644
--- a/src/lib/util/value.c
+++ b/src/lib/util/value.c
@@ -659,6 +659,7 @@ static inline void fr_value_box_copy_meta(fr_value_box_t *dst, fr_value_box_t co
 dst->enumv = src->enumv;
 dst->type = src->type;
 dst->tainted = src->tainted;
+ dst->safe = src->safe;
 fr_dlist_entry_init(&dst->entry);
 }
@@ -5846,3 +5847,36 @@ void value_box_list_verify(char const *file, int line, fr_value_box_list_t const
 while ((vb = fr_dlist_next(list, vb))) value_box_verify(file, line, vb, talloced);
 }
+
+
+/** Mark a value-box as "safe", of a particular type.
+ *
+ * Tainted data cannot be marked "safe". And once data is marked
+ * safe, it cannot be marked as a different type of "safe"
+ */
+int fr_value_box_mark_safe(fr_value_box_t *box, uint16_t safe)
+{
+ if (box->tainted) {
+ fr_strerror_const("Cannot mark data as 'safe' - it is 'tainted'");
+ return -1;
+ }
+
+ if (box->safe == safe) return 0;
+
+ if (box->safe != 0) {
+ fr_strerror_const("Data was already marked 'safe', of a different type");
+ return -1;
+ }
+
+ box->safe = safe;
+ return 0;
+}
+
+/** Mark a value-box as "unsafe"
+ *
+ * This always succeeds, and there are no side effects.
+ */
+void fr_value_box_mark_unsafe(fr_value_box_t *box)
+{
+ box->safe = 0;
+}
diff --git a/src/lib/util/value.h b/src/lib/util/value.h
index 873f63dc85..9204a3e50f 100644
--- a/src/lib/util/value.h
+++ b/src/lib/util/value.h
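Review bot: fr_value_box_mark_safe() in the second value.c hunk accepts `safe == 0`: on an untainted, unmarked box the `if (box->safe == safe) return 0;` shortcut reports success although nothing was marked, and fr_value_box_is_safe() never returns true for 0. I would reject it up front with `if (!safe) { fr_strerror_const("Cannot mark data as 'safe' with type 0"); return -1; }`. The doc comment should also state the return contract the code shows: 0 on success (including re-marking with the same type), -1 with the error string set otherwise.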
@@ -154,6 +154,7 @@ struct value_box_s {
 fr_type_t _CONST type; //!< Type of this value-box.
 bool tainted; //!< i.e. did it come from an untrusted source
+ uint16_t _CONST safe; //!< more detailed safety
 fr_dict_attr_t const *enumv; //!< Enumeration values.
@@ -709,6 +710,17 @@ int fr_value_box_ipaddr(fr_value_box_t *dst, fr_dict_attr_t const *enumv,
 int fr_value_unbox_ipaddr(fr_ipaddr_t *dst, fr_value_box_t *src);
+static inline CC_HINT(nonnull,always_inline) bool fr_value_box_is_safe(fr_value_box_t const *box, uint16_t safe)
+{
+ if (!safe) return false;
+
+ return (box->safe == safe);
+}
+
+int fr_value_box_mark_safe(fr_value_box_t *box, uint16_t safe) CC_HINT(nonnull);
+
+void fr_value_box_mark_unsafe(fr_value_box_t *box) CC_HINT(nonnull);
+
 /** @name Box to box copying
 *
 * @{
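Review bot: The comment on the new `safe` member in the struct value_box_s hunk, `//!< more detailed safety`, does not say what the 16 bits encode or that zero is reserved. From the rest of the patch, 0 means "not marked" (fr_value_box_mark_unsafe() stores it and fr_value_box_is_safe() rejects it) and a non-zero value names one particular use. Something like `//!< 0 = not marked safe, otherwise the one use this value was marked safe for, see fr_value_box_mark_safe()` would record that. The struct continues outside the hunk.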
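Review bot: fr_value_box_is_safe() in the second value.h hunk compares only `box->safe` and never looks at `box->tainted`. fr_value_box_mark_safe() refuses tainted boxes, but `tainted` is declared without `_CONST` in the struct hunk, so it can presumably be set after a box was marked, and such a box would still pass this check. Changing the guard to `if (!safe || box->tainted) return false;` keeps the invariant at the point of use. Alternatively, document that whoever sets `tainted` must also call fr_value_box_mark_unsafe().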