From: Alan T. DeKok Date: Thu, 20 Jul 2023 12:13:03 +0000 (-0400) Subject: fr_value_box_alloc() does not need to take a "tainted" flag X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=defe35b1967d00cf394ff2999bb9c27bf1404021;p=thirdparty%2Ffreeradius-server.git fr_value_box_alloc() does not need to take a "tainted" flag a bare box is not tainted. In the few cases where the data is tainted, it is copied from a tainted source via fr_value_box_copy(), which also copies the tainted flag --- diff --git a/src/lib/eap_aka_sim/xlat.c b/src/lib/eap_aka_sim/xlat.c index 8807a46d2f7..9c04c222d6e 100644 --- a/src/lib/eap_aka_sim/xlat.c +++ b/src/lib/eap_aka_sim/xlat.c @@ -83,7 +83,7 @@ static xlat_action_t aka_sim_xlat_id_method_xlat(TALLOC_CTX *ctx, fr_dcursor_t * break; } - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL)); fr_value_box_bstrndup(vb, vb, NULL, method, strlen(method), false); fr_dcursor_append(out, vb); @@ -139,7 +139,7 @@ static xlat_action_t aka_sim_xlat_id_type_xlat(TALLOC_CTX *ctx, fr_dcursor_t *ou break; } - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL)); fr_value_box_bstrndup(ctx, vb, NULL, type, strlen(type), false); fr_dcursor_append(out, vb); @@ -172,7 +172,7 @@ static xlat_action_t aka_sim_id_3gpp_temporary_id_key_index_xlat(TALLOC_CTX *ctx return XLAT_ACTION_FAIL; } - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_UINT8, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_UINT8, NULL)); vb->vb_uint8 = fr_aka_sim_id_3gpp_pseudonym_tag(id->vb_strvalue); fr_dcursor_append(out, vb); @@ -489,7 +489,7 @@ static xlat_action_t aka_sim_3gpp_temporary_id_encrypt_xlat(TALLOC_CTX *ctx, fr_ return XLAT_ACTION_FAIL; } - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL)); fr_value_box_bstrndup(ctx, vb, NULL, encrypted, strlen(encrypted), false); fr_dcursor_append(out, vb); diff --git a/src/lib/redis/redis.c b/src/lib/redis/redis.c index 1fd400db624..a562a58a510 100644 --- a/src/lib/redis/redis.c +++ b/src/lib/redis/redis.c @@ -292,7 +292,7 @@ int fr_redis_reply_to_value_box(TALLOC_CTX *ctx, fr_value_box_t *out, redisReply fr_value_box_init(out, FR_TYPE_GROUP, NULL, true); - verb = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL, true); + verb = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL); if (unlikely(!verb)) { fr_strerror_const("Out of memory"); return -1; @@ -300,7 +300,7 @@ int fr_redis_reply_to_value_box(TALLOC_CTX *ctx, fr_value_box_t *out, redisReply if (fr_value_box_bstrndup(ctx, verb, NULL, reply->str, reply->len, true) < 0) return -1; fr_value_box_list_insert_head(&out->vb_group, verb); - vtype = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL, true); + vtype = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL); if (unlikely(!vtype)) { fr_strerror_const("Out of memory"); talloc_free(verb); diff --git a/src/lib/server/cond_eval.c b/src/lib/server/cond_eval.c index d58c54c2d0c..e6464e5f809 100644 --- a/src/lib/server/cond_eval.c +++ b/src/lib/server/cond_eval.c @@ -434,7 +434,7 @@ static int cond_realize_tmpl(request_t *request, if (ret < 0) { if (cast_type != FR_TYPE_STRING) return -1; - box = fr_value_box_alloc(request, FR_TYPE_STRING, NULL, false); + box = fr_value_box_alloc(request, FR_TYPE_STRING, NULL); if (!box) return -1; } diff --git a/src/lib/server/tmpl_eval.c b/src/lib/server/tmpl_eval.c index 85231c84c36..af469c5f0fb 100644 --- a/src/lib/server/tmpl_eval.c +++ b/src/lib/server/tmpl_eval.c @@ -1098,7 +1098,7 @@ static int tmpl_eval_pair_virtual(TALLOC_CTX *ctx, fr_value_box_list_t *out, * Virtual attributes always have a count of 1 */ if (tmpl_attr_tail_num(vpt) == NUM_COUNT) { - MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT32, NULL, false)); + MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT32, NULL)); value->datum.uint32 = 1; goto done; } @@ -1137,7 +1137,7 @@ static int tmpl_eval_pair_virtual(TALLOC_CTX *ctx, fr_value_box_list_t *out, } if (tmpl_attr_tail_da(vpt) == attr_module_return_code) { - MEM(value = fr_value_box_alloc(ctx, tmpl_attr_tail_da(vpt)->type, tmpl_attr_tail_da(vpt), false)); + MEM(value = fr_value_box_alloc(ctx, tmpl_attr_tail_da(vpt)->type, tmpl_attr_tail_da(vpt))); value->datum.int32 = request->rcode; goto done; } @@ -1153,7 +1153,7 @@ static int tmpl_eval_pair_virtual(TALLOC_CTX *ctx, fr_value_box_list_t *out, if (tmpl_attr_tail_da(vpt) == attr_packet_type) { if (!packet || !packet->code) return 0; - MEM(value = fr_value_box_alloc(ctx, tmpl_attr_tail_da(vpt)->type, NULL, false)); + MEM(value = fr_value_box_alloc(ctx, tmpl_attr_tail_da(vpt)->type, NULL)); value->enumv = tmpl_attr_tail_da(vpt); value->datum.int32 = packet->code; @@ -1208,13 +1208,13 @@ static int tmpl_eval_pair_virtual(TALLOC_CTX *ctx, fr_value_box_list_t *out, } else if (tmpl_attr_tail_da(vpt) == attr_packet_src_port) { if (!fr_socket_is_inet(packet->socket.proto)) return 0; - MEM(value = fr_value_box_alloc(ctx, tmpl_attr_tail_da(vpt)->type, NULL, true)); + MEM(value = fr_value_box_alloc(ctx, tmpl_attr_tail_da(vpt)->type, NULL)); value->datum.uint16 = packet->socket.inet.src_port; } else if (tmpl_attr_tail_da(vpt) == attr_packet_dst_port) { if (!fr_socket_is_inet(packet->socket.proto)) return 0; - MEM(value = fr_value_box_alloc(ctx, tmpl_attr_tail_da(vpt)->type, NULL, true)); + MEM(value = fr_value_box_alloc(ctx, tmpl_attr_tail_da(vpt)->type, NULL)); value->datum.uint16 = packet->socket.inet.dst_port; } else { @@ -1285,7 +1285,7 @@ int tmpl_eval_pair(TALLOC_CTX *ctx, fr_value_box_list_t *out, request_t *request * Zero count. */ if (tmpl_attr_tail_num(vpt) == NUM_COUNT) { - value = fr_value_box_alloc(ctx, FR_TYPE_UINT32, NULL, false); + value = fr_value_box_alloc(ctx, FR_TYPE_UINT32, NULL); if (!value) { oom: fr_strerror_const("Out of memory"); @@ -1312,7 +1312,7 @@ int tmpl_eval_pair(TALLOC_CTX *ctx, fr_value_box_list_t *out, request_t *request vp = fr_dcursor_next(&cursor); } - value = fr_value_box_alloc(ctx, FR_TYPE_UINT32, NULL, false); + value = fr_value_box_alloc(ctx, FR_TYPE_UINT32, NULL); if (!value) goto oom; value->datum.uint32 = count; fr_value_box_list_insert_tail(&list, value); @@ -1329,7 +1329,7 @@ int tmpl_eval_pair(TALLOC_CTX *ctx, fr_value_box_list_t *out, request_t *request */ while (vp != NULL) { if (fr_type_is_structural(vp->vp_type)) { - value = fr_value_box_alloc(ctx, FR_TYPE_GROUP, NULL, false); + value = fr_value_box_alloc(ctx, FR_TYPE_GROUP, NULL); if (!value) goto oom; if (fr_pair_list_copy_to_box(value, &vp->vp_group) < 0) { @@ -1338,7 +1338,7 @@ int tmpl_eval_pair(TALLOC_CTX *ctx, fr_value_box_list_t *out, request_t *request } } else { - value = fr_value_box_alloc(ctx, vp->data.type, vp->da, vp->data.tainted); + value = fr_value_box_alloc(ctx, vp->data.type, vp->da); if (!value) goto oom; fr_value_box_copy(value, value, &vp->data); } @@ -1351,7 +1351,7 @@ int tmpl_eval_pair(TALLOC_CTX *ctx, fr_value_box_list_t *out, request_t *request default: fr_assert(fr_type_is_leaf(vp->vp_type)); - value = fr_value_box_alloc(ctx, vp->data.type, vp->da, vp->data.tainted); + value = fr_value_box_alloc(ctx, vp->data.type, vp->da); if (!value) goto oom; fr_value_box_copy(value, value, &vp->data); /* Also dups taint */ @@ -1417,8 +1417,7 @@ int tmpl_eval(TALLOC_CTX *ctx, fr_value_box_list_t *out, request_t *request, tmp } if (tmpl_is_data(vpt)) { - MEM(value = fr_value_box_alloc(ctx, tmpl_value_type(vpt), NULL, - tmpl_value(vpt)->tainted)); + MEM(value = fr_value_box_alloc(ctx, tmpl_value_type(vpt), NULL)); fr_value_box_copy(value, value, tmpl_value(vpt)); /* Also dups taint */ goto done; diff --git a/src/lib/unlang/edit.c b/src/lib/unlang/edit.c index 6a636a03584..35e693c5930 100644 --- a/src/lib/unlang/edit.c +++ b/src/lib/unlang/edit.c @@ -539,7 +539,7 @@ static int apply_edits_to_leaf(request_t *request, unlang_frame_state_edit_t *st box = fr_value_box_list_head(¤t->rhs.result); if (!box) { - MEM(box = fr_value_box_alloc(state, FR_TYPE_STRING, NULL, false)); + MEM(box = fr_value_box_alloc(state, FR_TYPE_STRING, NULL)); fr_value_box_list_insert_tail(¤t->rhs.result, box); } else if (fr_value_box_list_concat_in_place(box, box, ¤t->rhs.result, FR_TYPE_STRING, @@ -1174,7 +1174,7 @@ static int expanded_lhs_value(request_t *request, unlang_frame_state_edit_t *sta /* * Try to re-parse the box as the destination data type. */ - MEM(dst = fr_value_box_alloc(state, type, da, box->tainted)); + MEM(dst = fr_value_box_alloc(state, type, da)); erules = fr_value_unescape_by_quote[current->map->lhs->quote]; diff --git a/src/lib/unlang/interpret.c b/src/lib/unlang/interpret.c index ca9d9e34775..18a9cb57464 100644 --- a/src/lib/unlang/interpret.c +++ b/src/lib/unlang/interpret.c @@ -1410,7 +1410,7 @@ static xlat_action_t unlang_cancel_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, if (!timeout) return unlang_xlat_yield(request, unlang_cancel_never_run, NULL, 0, NULL); if (ev_p_og) { - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL)); /* * Return how long before the previous diff --git a/src/lib/unlang/tmpl.c b/src/lib/unlang/tmpl.c index b38a4cd0dd7..b5b2b7c92fe 100644 --- a/src/lib/unlang/tmpl.c +++ b/src/lib/unlang/tmpl.c @@ -139,7 +139,7 @@ static unlang_action_t unlang_tmpl_exec_wait_final(rlm_rcode_t *p_result, reques fr_sbuff_trim(&state->exec.stdout_buff, sbuff_char_line_endings); fr_value_box_list_init(&state->list); - MEM(box = fr_value_box_alloc(state->ctx, FR_TYPE_STRING, NULL, true)); + MEM(box = fr_value_box_alloc(state->ctx, FR_TYPE_STRING, NULL)); if (fr_value_box_from_str(state->ctx, box, type, NULL, fr_sbuff_start(&state->exec.stdout_buff), fr_sbuff_used(&state->exec.stdout_buff), diff --git a/src/lib/unlang/xlat_builtin.c b/src/lib/unlang/xlat_builtin.c index a8b3e73bb94..92625e7119c 100644 --- a/src/lib/unlang/xlat_builtin.c +++ b/src/lib/unlang/xlat_builtin.c @@ -115,7 +115,7 @@ static xlat_action_t xlat_func_debug(TALLOC_CTX *ctx, fr_dcursor_t *out, /* * Expand to previous (or current) level */ - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_INT8, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_INT8, NULL)); vb->vb_int8 = request->log.lvl; fr_dcursor_append(out, vb); @@ -704,7 +704,7 @@ static xlat_action_t xlat_func_map(TALLOC_CTX *ctx, fr_dcursor_t *out, return XLAT_ACTION_FAIL; } - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_INT8, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_INT8, NULL)); vb->vb_int8 = 0; /* Default fail value - changed to 1 on success */ fr_dcursor_append(out, vb); @@ -1434,7 +1434,7 @@ static xlat_action_t xlat_func_cast(TALLOC_CTX *ctx, fr_dcursor_t *out, if ((type == FR_TYPE_STRING) || (type == FR_TYPE_OCTETS)) { fr_value_box_t *dst; - MEM(dst = fr_value_box_alloc(ctx, type, NULL, false)); + MEM(dst = fr_value_box_alloc(ctx, type, NULL)); fr_dcursor_append(out, dst); return XLAT_ACTION_DONE; @@ -1529,7 +1529,7 @@ static xlat_action_t xlat_func_concat(TALLOC_CTX *ctx, fr_dcursor_t *out, sep = (separator) ? separator->vb_strvalue : ""; to_concat = &list->vb_group; - result = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL, false); + result = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL); if (!result) { error: RPEDEBUG("Failed concatenating input"); @@ -1745,7 +1745,7 @@ static xlat_action_t xlat_func_length(TALLOC_CTX *ctx, fr_dcursor_t *out, fr_value_box_list_foreach(in, vb) { fr_value_box_t *my; - MEM(my = fr_value_box_alloc(ctx, FR_TYPE_SIZE, NULL, false)); + MEM(my = fr_value_box_alloc(ctx, FR_TYPE_SIZE, NULL)); if (!fr_type_is_null(vb->type)) my->vb_size = fr_value_box_network_length(vb); fr_dcursor_append(out, my); } @@ -2006,7 +2006,7 @@ static xlat_action_t xlat_func_rand(TALLOC_CTX *ctx, fr_dcursor_t *out, result *= fr_rand(); /* 0..2^32-1 */ result >>= 32; - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL)); vb->vb_uint64 = result; fr_dcursor_append(out, vb); @@ -2486,7 +2486,7 @@ static xlat_action_t xlat_func_strlen(TALLOC_CTX *ctx, fr_dcursor_t *out, XLAT_ARGS(args, &in_head); - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_SIZE, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_SIZE, NULL)); if (!in_head) { vb->vb_size = 0; @@ -2730,12 +2730,12 @@ static xlat_action_t xlat_func_time(TALLOC_CTX *ctx, fr_dcursor_t *out, value = fr_time_to_unix_time(request->packet->timestamp); } else if (strcmp(arg->vb_strvalue, "offset") == 0) { - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL)); vb->vb_time_delta = fr_time_gmtoff(); goto append; } else if (strcmp(arg->vb_strvalue, "dst") == 0) { - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL)); vb->vb_bool = fr_time_is_dst(); goto append; @@ -2752,7 +2752,7 @@ static xlat_action_t xlat_func_time(TALLOC_CTX *ctx, fr_dcursor_t *out, nsec *= NSEC; nsec += fr_unix_time_unwrap(unix_time) % NSEC; - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL)); vb->vb_time_delta = fr_time_delta_wrap(nsec); goto append; @@ -2769,10 +2769,10 @@ static xlat_action_t xlat_func_time(TALLOC_CTX *ctx, fr_dcursor_t *out, nsec *= NSEC; nsec += fr_unix_time_unwrap(unix_time) % NSEC; - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL)); vb->vb_time_delta = fr_time_delta_wrap(nsec); - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL)); vb->vb_time_delta = fr_time_delta_wrap(nsec); goto append; @@ -2781,7 +2781,7 @@ static xlat_action_t xlat_func_time(TALLOC_CTX *ctx, fr_dcursor_t *out, return XLAT_ACTION_FAIL; } - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_DATE, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_DATE, NULL)); vb->vb_date = value; append: @@ -3061,7 +3061,7 @@ static xlat_action_t protocol_decode_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, * Create a value box to hold the decoded count, and add * it to the output list. */ - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_UINT32, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_UINT32, NULL)); vb->vb_uint32 = decoded; fr_dcursor_append(out, vb); diff --git a/src/lib/unlang/xlat_eval.c b/src/lib/unlang/xlat_eval.c index e59b2c91096..cff75c5a632 100644 --- a/src/lib/unlang/xlat_eval.c +++ b/src/lib/unlang/xlat_eval.c @@ -596,17 +596,17 @@ xlat_action_t xlat_eval_one_letter(TALLOC_CTX *ctx, fr_value_box_list_t *out, */ case 'I': /* Request ID */ - MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT32, NULL, false)); + MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT32, NULL)); value->datum.uint32 = request->packet->id; break; case 'n': /* Request number */ - MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL, false)); + MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL)); value->datum.uint64 = request->number; break; case 's': /* First request in this sequence */ - MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL, false)); + MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL)); value->datum.uint64 = request->seq_start; break; @@ -619,7 +619,7 @@ xlat_action_t xlat_eval_one_letter(TALLOC_CTX *ctx, fr_value_box_list_t *out, * @todo - leave this as FR_TYPE_DATE, but add an enumv which changes the scale to * seconds? */ - MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL, false)); + MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL)); value->datum.uint64 = (uint64_t)fr_time_to_sec(fr_time()); break; @@ -627,7 +627,7 @@ xlat_action_t xlat_eval_one_letter(TALLOC_CTX *ctx, fr_value_box_list_t *out, /* * @todo - we probably should remove this now that we have FR_TYPE_DATE with scaling. */ - MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL, false)); + MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL)); value->datum.uint64 = (uint64_t)fr_time_to_usec(fr_time()) % 1000000; break; @@ -642,7 +642,7 @@ xlat_action_t xlat_eval_one_letter(TALLOC_CTX *ctx, fr_value_box_list_t *out, return XLAT_ACTION_FAIL; } - MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT8, NULL, false)); + MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT8, NULL)); value->datum.uint8 = ts.tm_mday; break; @@ -658,21 +658,21 @@ xlat_action_t xlat_eval_one_letter(TALLOC_CTX *ctx, fr_value_box_list_t *out, case 'e': /* Request second */ if (!localtime_r(&now, &ts)) goto error; - MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT8, NULL, false)); + MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT8, NULL)); value->datum.uint8 = ts.tm_sec; break; case 'G': /* Request minute */ if (!localtime_r(&now, &ts)) goto error; - MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT8, NULL, false)); + MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT8, NULL)); value->datum.uint8 = ts.tm_min; break; case 'H': /* Request hour */ if (!localtime_r(&now, &ts)) goto error; - MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT8, NULL, false)); + MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT8, NULL)); value->datum.uint8 = ts.tm_hour; break; @@ -681,14 +681,14 @@ xlat_action_t xlat_eval_one_letter(TALLOC_CTX *ctx, fr_value_box_list_t *out, * @todo - leave this as FR_TYPE_DATE, but add an enumv which changes the scale to * seconds? */ - MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL, false)); + MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL)); value->datum.uint64 = (uint64_t ) now; break; case 'm': /* Request month */ if (!localtime_r(&now, &ts)) goto error; - MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT8, NULL, false)); + MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT8, NULL)); value->datum.uint8 = ts.tm_mon + 1; break; @@ -696,7 +696,7 @@ xlat_action_t xlat_eval_one_letter(TALLOC_CTX *ctx, fr_value_box_list_t *out, /* * @todo - we probably should remove this now that we have FR_TYPE_DATE with scaling. */ - MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT32, NULL, false)); + MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT32, NULL)); value->datum.uint32 = fr_time_to_msec(request->packet->timestamp) % 1000; break; @@ -745,7 +745,7 @@ xlat_action_t xlat_eval_one_letter(TALLOC_CTX *ctx, fr_value_box_list_t *out, case 'Y': /* Request year */ if (!localtime_r(&now, &ts)) goto error; - MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT16, NULL, false)); + MEM(value = fr_value_box_alloc(ctx, FR_TYPE_UINT16, NULL)); value->datum.int16 = ts.tm_year + 1900; break; @@ -1032,7 +1032,7 @@ xlat_action_t xlat_frame_eval_repeat(TALLOC_CTX *ctx, fr_dcursor_t *out, XLAT_DEBUG("** [%i] %s(child) - continuing %%{%s ...}", unlang_interpret_stack_depth(request), __FUNCTION__, node->fmt); - MEM(arg = fr_value_box_alloc(ctx, FR_TYPE_GROUP, NULL, false)); + MEM(arg = fr_value_box_alloc(ctx, FR_TYPE_GROUP, NULL)); if (!fr_value_box_list_empty(result)) { VALUE_BOX_TALLOC_LIST_VERIFY(result); @@ -1167,8 +1167,7 @@ xlat_action_t xlat_frame_eval(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_exp_head_ XLAT_DEBUG("** [%i] %s(value) - %s", unlang_interpret_stack_depth(request), __FUNCTION__, node->vpt->name); - MEM(value = fr_value_box_alloc(ctx, tmpl_value_type(node->vpt), NULL, - tmpl_value(node->vpt)->tainted)); + MEM(value = fr_value_box_alloc(ctx, tmpl_value_type(node->vpt), NULL)); fr_value_box_copy(value, value, tmpl_value(node->vpt)); /* Also dups taint */ fr_value_box_list_insert_tail(&result, value); diff --git a/src/lib/unlang/xlat_expr.c b/src/lib/unlang/xlat_expr.c index 3661c7804d9..4f225c55e75 100644 --- a/src/lib/unlang/xlat_expr.c +++ b/src/lib/unlang/xlat_expr.c @@ -452,7 +452,7 @@ static xlat_action_t xlat_paircmp_func(TALLOC_CTX *ctx, fr_dcursor_t *out, /* * These callbacks only implement equality. Nothing else works. */ - MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum, false)); + MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum)); dst->vb_bool = (paircmp_virtual(request, da, T_OP_CMP_EQ, vb) == 0); fr_dcursor_append(out, dst); @@ -726,7 +726,7 @@ static xlat_action_t xlat_regex_match(TALLOC_CTX *ctx, request_t *request, fr_va done: talloc_free(regmatch); /* free if not consumed */ - MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum, false)); + MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum)); dst->vb_bool = (ret == (op == T_OP_REG_EQ)); fr_dcursor_append(out, dst); @@ -1264,7 +1264,7 @@ static xlat_action_t xlat_func_logical(TALLOC_CTX *ctx, fr_dcursor_t *out, MEM(rctx = talloc_zero(unlang_interpret_frame_talloc_ctx(request), xlat_logical_rctx_t)); rctx->current = 0; - MEM(rctx->box = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum, false)); + MEM(rctx->box = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum)); fr_value_box_list_init(&rctx->list); (UNCONST(xlat_ctx_t *, xctx))->rctx = rctx; /* ensure it's there before a resume! */ @@ -1334,7 +1334,7 @@ static xlat_action_t xlat_func_unary_not(TALLOC_CTX *ctx, fr_dcursor_t *out, /* * Don't call calc_unary_op(), because we want the enum names. */ - MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum, false)); + MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum)); /* * !NULL = true @@ -1436,14 +1436,14 @@ static xlat_action_t xlat_func_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out, * matches the current rcode. */ if (!src) { - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_UINT32, attr_module_return_code, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_UINT32, attr_module_return_code)); vb->datum.int32 = request->rcode; } else { rlm_rcode_t rcode; rcode = fr_table_value_by_str(rcode_table, src->vb_strvalue, RLM_MODULE_NOT_SET); - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum)); vb->vb_bool = (request->rcode == rcode); } @@ -1515,7 +1515,7 @@ static xlat_action_t xlat_attr_exists(TALLOC_CTX *ctx, fr_dcursor_t *out, fr_dcursor_t cursor; tmpl_dcursor_ctx_t cc; - MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum, false)); + MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum)); vp = tmpl_dcursor_init(NULL, NULL, &cc, &cursor, request, vpt); if (!vp) { diff --git a/src/lib/util/dict_util.c b/src/lib/util/dict_util.c index bc089514613..dda40b6aad4 100644 --- a/src/lib/util/dict_util.c +++ b/src/lib/util/dict_util.c @@ -1429,7 +1429,7 @@ int dict_attr_enum_add_name(fr_dict_attr_t *da, char const *name, enumv->name_len = len; if (child_struct) enumv->child_struct[0] = child_struct; - enum_value = fr_value_box_alloc(enumv, da->type, NULL, false); + enum_value = fr_value_box_alloc(enumv, da->type, NULL); if (!enum_value) goto oom; if (da->type != value->type) { diff --git a/src/lib/util/fuzzer.c b/src/lib/util/fuzzer.c index ed41162b532..b167686ed70 100644 --- a/src/lib/util/fuzzer.c +++ b/src/lib/util/fuzzer.c @@ -53,7 +53,7 @@ static ssize_t util_decode_proto(TALLOC_CTX *ctx, UNUSED fr_pair_list_t *out, ui return data_len; } - box = fr_value_box_alloc(ctx, type, NULL, true); + box = fr_value_box_alloc(ctx, type, NULL); if (!box) return -1; rcode = fr_value_box_from_str(box, box, type, NULL, (char const *)data + 1, data_len - 1, NULL, true); diff --git a/src/lib/util/pair.c b/src/lib/util/pair.c index f47a5e209e6..2c52255ecc1 100644 --- a/src/lib/util/pair.c +++ b/src/lib/util/pair.c @@ -2147,7 +2147,7 @@ int fr_pair_list_copy_to_box(fr_value_box_t *dst, fr_pair_list_t *from) PAIR_VERIFY_WITH_LIST(from, vp); if (fr_type_is_structural(vp->vp_type)) { - value = fr_value_box_alloc(dst, FR_TYPE_GROUP, NULL, false); + value = fr_value_box_alloc(dst, FR_TYPE_GROUP, NULL); if (!value) goto fail; if (fr_pair_list_copy_to_box(value, &vp->vp_group) < 0) { @@ -2156,7 +2156,7 @@ int fr_pair_list_copy_to_box(fr_value_box_t *dst, fr_pair_list_t *from) } } else { - value = fr_value_box_alloc(dst, vp->vp_type, vp->da, vp->data.tainted); + value = fr_value_box_alloc(dst, vp->vp_type, vp->da); if (!value) { fail: fr_value_box_list_talloc_free_to_tail(&dst->vb_group, first_added); diff --git a/src/lib/util/value.h b/src/lib/util/value.h index 0745d405e0b..9d101130135 100644 --- a/src/lib/util/value.h +++ b/src/lib/util/value.h @@ -485,20 +485,19 @@ void fr_value_box_init_null(fr_value_box_t *vb) * @param[in] ctx to allocate the value_box in. * @param[in] type of value. * @param[in] enumv Enumeration values. - * @param[in] tainted Whether data will come from an untrusted source. * @return * - A new fr_value_box_t. * - NULL on error. */ static inline CC_HINT(always_inline) -fr_value_box_t *fr_value_box_alloc(TALLOC_CTX *ctx, fr_type_t type, fr_dict_attr_t const *enumv, bool tainted) +fr_value_box_t *fr_value_box_alloc(TALLOC_CTX *ctx, fr_type_t type, fr_dict_attr_t const *enumv) { fr_value_box_t *vb; vb = talloc(ctx, fr_value_box_t); if (unlikely(!vb)) return NULL; - fr_value_box_init(vb, type, enumv, tainted); + fr_value_box_init(vb, type, enumv, false); return vb; } @@ -515,7 +514,7 @@ fr_value_box_t *fr_value_box_alloc(TALLOC_CTX *ctx, fr_type_t type, fr_dict_attr static inline CC_HINT(always_inline) fr_value_box_t *fr_value_box_alloc_null(TALLOC_CTX *ctx) { - return fr_value_box_alloc(ctx, FR_TYPE_NULL, NULL, false); + return fr_value_box_alloc(ctx, FR_TYPE_NULL, NULL); } /** @} */ diff --git a/src/modules/rlm_cipher/rlm_cipher.c b/src/modules/rlm_cipher/rlm_cipher.c index 6abfe0b480c..1c455e03774 100644 --- a/src/modules/rlm_cipher/rlm_cipher.c +++ b/src/modules/rlm_cipher/rlm_cipher.c @@ -860,13 +860,13 @@ static xlat_action_t cipher_rsa_verify_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, */ switch (EVP_PKEY_verify(t->evp_verify_ctx, sig, sig_len, t->digest_buff, (size_t)digest_len)) { case 1: /* success (signature valid) */ - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL)); vb->vb_bool = true; fr_dcursor_append(out, vb); break; case 0: /* failure (signature not valid) */ - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL)); vb->vb_bool = false; fr_dcursor_append(out, vb); break; @@ -986,14 +986,16 @@ static xlat_action_t cipher_certificate_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, return cipher_serial_xlat(ctx, out, xctx, request, in); case CIPHER_CERT_ATTR_NOT_BEFORE: - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_DATE, NULL, true)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_DATE, NULL)); vb->vb_date = inst->rsa->not_before; + vb->tainted = true; fr_dcursor_append(out, vb); return XLAT_ACTION_DONE; case CIPHER_CERT_ATTR_NOT_AFTER: - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_DATE, NULL, true)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_DATE, NULL)); vb->vb_date = inst->rsa->not_after; + vb->tainted = true; fr_dcursor_append(out, vb); return XLAT_ACTION_DONE; } diff --git a/src/modules/rlm_date/rlm_date.c b/src/modules/rlm_date/rlm_date.c index d04333ed603..2c0c325a0eb 100644 --- a/src/modules/rlm_date/rlm_date.c +++ b/src/modules/rlm_date/rlm_date.c @@ -101,7 +101,7 @@ static xlat_action_t date_convert_string(TALLOC_CTX *ctx, fr_dcursor_t *out, req return XLAT_ACTION_FAIL; } - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_DATE, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_DATE, NULL)); vb->vb_date = fr_unix_time_from_sec(date); fr_dcursor_append(out, vb); return XLAT_ACTION_DONE; diff --git a/src/modules/rlm_delay/rlm_delay.c b/src/modules/rlm_delay/rlm_delay.c index 3b52204e712..5c34cb62bd6 100644 --- a/src/modules/rlm_delay/rlm_delay.c +++ b/src/modules/rlm_delay/rlm_delay.c @@ -187,7 +187,7 @@ static xlat_action_t xlat_delay_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, delayed = fr_time_sub(fr_time(), *yielded_at); talloc_free(yielded_at); - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL)); vb->vb_time_delta = delayed; RDEBUG3("Request delayed by %pVs", vb); diff --git a/src/modules/rlm_files/rlm_files.c b/src/modules/rlm_files/rlm_files.c index 718565a36f7..2e269848a02 100644 --- a/src/modules/rlm_files/rlm_files.c +++ b/src/modules/rlm_files/rlm_files.c @@ -244,7 +244,7 @@ static int getusersfile(TALLOC_CTX *ctx, char const *filename, fr_htrie_t **ptre } default_list = NULL; - box = fr_value_box_alloc(ctx, data_type, NULL, false); + box = fr_value_box_alloc(ctx, data_type, NULL); /* * We've read the entries in linearly, but putting them @@ -318,7 +318,7 @@ static int getusersfile(TALLOC_CTX *ctx, char const *filename, fr_htrie_t **ptre user_list = talloc_zero(ctx, PAIR_LIST_LIST); pairlist_list_init(user_list); user_list->name = entry->name; - user_list->box = fr_value_box_alloc(user_list, data_type, NULL, false); + user_list->box = fr_value_box_alloc(user_list, data_type, NULL); (void) fr_value_box_copy(user_list, user_list->box, box); diff --git a/src/modules/rlm_icmp/rlm_icmp.c b/src/modules/rlm_icmp/rlm_icmp.c index 04423cd6e0e..203d02b2836 100644 --- a/src/modules/rlm_icmp/rlm_icmp.c +++ b/src/modules/rlm_icmp/rlm_icmp.c @@ -118,7 +118,7 @@ static xlat_action_t xlat_icmp_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, rlm_icmp_thread_t *t = talloc_get_type_abort(xctx->mctx->thread, rlm_icmp_thread_t); fr_value_box_t *vb; - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL)); vb->vb_bool = echo->replied; (void) fr_rb_delete(t->tree, echo); diff --git a/src/modules/rlm_ldap/rlm_ldap.c b/src/modules/rlm_ldap/rlm_ldap.c index 461d578a4c1..3b9812ce65a 100644 --- a/src/modules/rlm_ldap/rlm_ldap.c +++ b/src/modules/rlm_ldap/rlm_ldap.c @@ -740,7 +740,7 @@ static xlat_action_t ldap_memberof_xlat_resume(TALLOC_CTX *ctx, fr_dcursor_t *ou ldap_memberof_xlat_ctx_t *xlat_ctx = talloc_get_type_abort(xctx->rctx, ldap_memberof_xlat_ctx_t); fr_value_box_t *vb; - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL)); vb->vb_bool = xlat_ctx->found; fr_dcursor_append(out, vb); @@ -802,7 +802,7 @@ static xlat_action_t ldap_memberof_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat return XLAT_ACTION_DONE; case RLM_MODULE_OK: - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL)); vb->vb_bool = true; fr_dcursor_append(out, vb); return XLAT_ACTION_DONE; diff --git a/src/modules/rlm_linelog/rlm_linelog.c b/src/modules/rlm_linelog/rlm_linelog.c index a3f8c808da6..6776fd1159a 100644 --- a/src/modules/rlm_linelog/rlm_linelog.c +++ b/src/modules/rlm_linelog/rlm_linelog.c @@ -560,7 +560,7 @@ static xlat_action_t linelog_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, slen = linelog_write(inst, request, vector, i, with_delim); if (slen < 0) return XLAT_ACTION_FAIL; - MEM(wrote = fr_value_box_alloc(ctx, FR_TYPE_SIZE, NULL, false)); + MEM(wrote = fr_value_box_alloc(ctx, FR_TYPE_SIZE, NULL)); wrote->vb_size = (size_t)slen; fr_dcursor_insert(out, wrote); diff --git a/src/modules/rlm_perl/rlm_perl.c b/src/modules/rlm_perl/rlm_perl.c index a1f1f8b33b6..07b1ac18b62 100644 --- a/src/modules/rlm_perl/rlm_perl.c +++ b/src/modules/rlm_perl/rlm_perl.c @@ -327,14 +327,14 @@ static int perl_sv_to_vblist(TALLOC_CTX *ctx, fr_value_box_list_t *list, request break; } DEBUG3("Integer returned"); - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_INT32, NULL, SvTAINTED(sv))); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_INT32, NULL)); vb->vb_int32 = SvIV(sv); break; case SVt_NV: /* Float */ DEBUG3("Float returned"); - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_FLOAT64, NULL, SvTAINTED(sv))); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_FLOAT64, NULL)); vb->vb_float64 = SvNV(sv); break; @@ -406,7 +406,10 @@ static int perl_sv_to_vblist(TALLOC_CTX *ctx, fr_value_box_list_t *list, request } - if (vb) fr_value_box_list_insert_tail(list, vb); + if (vb) { + vb->tainted = SvTAINTED(sv); + fr_value_box_list_insert_tail(list, vb); + } return 0; } diff --git a/src/modules/rlm_test/rlm_test.c b/src/modules/rlm_test/rlm_test.c index 748c3938f0f..128277d682c 100644 --- a/src/modules/rlm_test/rlm_test.c +++ b/src/modules/rlm_test/rlm_test.c @@ -364,7 +364,7 @@ static xlat_action_t trigger_test_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, fr_value_box_t *in_head = fr_value_box_list_head(in); fr_value_box_t *vb; - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL)); fr_dcursor_append(out, vb); if (trigger_exec(unlang_interpret_get(request), NULL, in_head->vb_strvalue, false, NULL) < 0) { @@ -397,7 +397,7 @@ static xlat_action_t test_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, fr_value_box_t *vb; fr_value_box_list_foreach(in, vb_p) { - MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL, false)); + MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL)); if (fr_value_box_copy(ctx, vb, vb_p) < 0) { talloc_free(vb);