Index: net/http/ntlm_buffer_reader.cc |
diff --git a/net/http/ntlm_buffer_reader.cc b/net/http/ntlm_buffer_reader.cc |
new file mode 100644 |
index 0000000000000000000000000000000000000000..b37664e5ea0e4b87c58215e68387eda630fca613 |
--- /dev/null |
+++ b/net/http/ntlm_buffer_reader.cc |
@@ -0,0 +1,285 @@ |
+// Copyright (c) 2017 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#include "net/http/ntlm_buffer_reader.h" |
+ |
+#include <string.h> |
+ |
+#include "base/logging.h" |
+ |
+namespace net { |
+ |
+#if defined(ARCH_CPU_LITTLE_ENDIAN) |
+#define IS_LITTLE_ENDIAN 1 |
+#undef IS_BIG_ENDIAN |
+#elif defined(ARCH_CPU_BIG_ENDIAN) |
+#define IS_BIG_ENDIAN 1 |
+#undef IS_LITTLE_ENDIAN |
+#else |
+#error "Unknown endianness" |
+#endif |
+ |
+NtlmBufferReader::NtlmBufferReader(const base::StringPiece buffer) |
+ : buffer_(buffer), cursor_(0) { |
+ DCHECK(buffer.data() != nullptr); |
+} |
+ |
+NtlmBufferReader::NtlmBufferReader(const uint8_t* ptr, size_t len) |
+ : NtlmBufferReader( |
+ base::StringPiece(reinterpret_cast<const char*>(ptr), len)) {} |
+ |
+NtlmBufferReader::~NtlmBufferReader() {} |
+ |
+bool NtlmBufferReader::CanRead(size_t len) const { |
+ return CanReadFrom(cursor_, len); |
+} |
+ |
+bool NtlmBufferReader::CanReadFrom(size_t offset, size_t len) const { |
+ if (len == 0) |
+ return true; |
+ |
+ return (offset + len > offset) && (offset + len <= GetLength()); |
+} |
+ |
+bool NtlmBufferReader::SetCursor(size_t cursor) { |
+ if (cursor > GetLength()) |
+ return false; |
+ |
+ cursor_ = cursor; |
+ return true; |
+} |
+ |
+bool NtlmBufferReader::ReadUInt16(uint16_t* value) { |
+ return ReadUInt<uint16_t>(value); |
+} |
+ |
+bool NtlmBufferReader::ReadUInt32(uint32_t* value) { |
+ return ReadUInt<uint32_t>(value); |
+} |
+ |
+bool NtlmBufferReader::ReadUInt64(uint64_t* value) { |
+ return ReadUInt<uint64_t>(value); |
+} |
+ |
+template <typename T> |
+bool NtlmBufferReader::ReadUInt(T* value) { |
+ size_t int_size = sizeof(T); |
+ if (!CanRead(int_size)) |
+ return false; |
+ |
+ *value = 0; |
+ for (size_t i = 0; i < int_size; i++) { |
+ *value += static_cast<T>(GetByteAtCursor()) << (i * 8); |
+ cursor_++; |
+ } |
+ |
+ return true; |
+} |
+ |
+bool NtlmBufferReader::ReadBytes(uint8_t* buffer, size_t len) { |
+ if (!CanRead(len)) |
+ return false; |
+ |
+ memcpy(reinterpret_cast<void*>(buffer), |
+ reinterpret_cast<const void*>(GetBufferAtCursor()), len); |
+ |
+ cursor_ += len; |
+ return true; |
+} |
+ |
+bool NtlmBufferReader::ReadSecurityBuffer(uint16_t* length, uint32_t* offset) { |
+ if (!CanRead(NtlmMessage::SECURITY_BUFFER_LEN)) |
+ return false; |
+ |
+ uint16_t ignored; |
+ |
+ if (ReadUInt16(length) && ReadUInt16(&ignored) && ReadUInt32(offset)) |
+ return true; |
+ |
+ NOTREACHED(); |
+ return false; |
+} |
+ |
+bool NtlmBufferReader::ReadAsciiString(std::string* value, size_t num_bytes) { |
+ if (!CanRead(num_bytes)) |
+ return false; |
+ |
+ value->assign(reinterpret_cast<const char*>(GetBufferAtCursor()), num_bytes); |
+ cursor_ += num_bytes; |
+ return true; |
+} |
+ |
+bool NtlmBufferReader::ReadUnicodeString(base::string16* value, |
+ size_t num_bytes) { |
+ if (!CanRead(num_bytes) || (num_bytes % 2 != 0)) |
+ return false; |
+ |
+ value->assign(reinterpret_cast<const base::char16*>(GetBufferAtCursor()), |
+ num_bytes / 2); |
+#if IS_BIG_ENDIAN |
Ryan Sleevi
2017/05/30 19:02:22
Is this right? That you swap the string based on t
zentaro
2017/06/05 17:28:44
I think so. I added a comment. Do we ever run unit
|
+ uint8_t* ptr = reinterpret_cast<uint8_t*>(value->c_str()); |
+ for (int i = 0; i < num_bytes; i += 2) { |
+ std::swap(ptr[i], ptr[i + 1]); |
+ } |
+#endif |
+ cursor_ += num_bytes; |
+ return true; |
+} |
+ |
+bool NtlmBufferReader::ReadUnicodePayload(base::string16* value) { |
+ uint16_t length; |
+ uint32_t offset; |
+ // First read the security buffer. |
+ if (!ReadSecurityBuffer(&length, &offset)) |
+ return false; |
+ |
+ if (!CanReadFrom(offset, length)) { |
+ cursor_ -= NtlmMessage::SECURITY_BUFFER_LEN; |
+ return false; |
+ } |
+ |
+ size_t old_cursor = GetCursor(); |
+ DCHECK(SetCursor(offset)); |
+ DCHECK(ReadUnicodeString(value, length)); |
+ DCHECK(SetCursor(old_cursor)); |
Ryan Sleevi
2017/05/30 19:02:22
Anything inside a DCHECK() can be optimized out -
zentaro
2017/06/05 17:28:44
Oops. Done.
|
+ return true; |
+} |
+ |
+bool NtlmBufferReader::ReadBytesPayload(uint8_t* buffer, size_t buffer_len) { |
+ uint16_t length; |
+ uint32_t offset; |
+ // First read the security buffer. |
+ if (!ReadSecurityBuffer(&length, &offset)) |
+ return false; |
+ |
+ if (!CanReadFrom(offset, length) || length > buffer_len) { |
+ cursor_ -= NtlmMessage::SECURITY_BUFFER_LEN; |
+ return false; |
+ } |
+ |
+ size_t old_cursor = GetCursor(); |
+ DCHECK(SetCursor(offset)); |
+ DCHECK(ReadBytes(buffer, length)); |
+ DCHECK(SetCursor(old_cursor)); |
+ return true; |
+} |
+ |
+bool NtlmBufferReader::ReadAsciiPayload(std::string* value) { |
+ uint16_t length; |
+ uint32_t offset; |
+ // First read the security buffer. |
+ if (!ReadSecurityBuffer(&length, &offset)) |
+ return false; |
+ |
+ if (!CanReadFrom(offset, length)) { |
+ cursor_ -= NtlmMessage::SECURITY_BUFFER_LEN; |
+ return false; |
+ } |
+ |
+ size_t old_cursor = GetCursor(); |
+ DCHECK(SetCursor(offset)); |
+ DCHECK(ReadAsciiString(value, length)); |
+ DCHECK(SetCursor(old_cursor)); |
+ return true; |
+} |
+ |
+bool NtlmBufferReader::ReadMessageType(NtlmMessage::MessageType* message_type) { |
+ uint32_t temp; |
+ if (!ReadUInt32(&temp)) |
+ return false; |
+ |
+ if (temp != NtlmMessage::MESSAGE_NEGOTIATE && |
+ temp != NtlmMessage::MESSAGE_CHALLENGE && |
+ temp != NtlmMessage::MESSAGE_AUTHENTICATE) { |
+ cursor_ -= sizeof(uint32_t); |
+ return false; |
+ } |
+ |
+ *message_type = static_cast<NtlmMessage::MessageType>(temp); |
+ return true; |
+} |
+ |
+bool NtlmBufferReader::SkipSecurityBuffer() { |
+ return SkipBytes(NtlmMessage::SECURITY_BUFFER_LEN); |
+} |
+ |
+bool NtlmBufferReader::SkipSecurityBufferWithValidation() { |
+ uint16_t length; |
+ uint32_t offset; |
+ if (!ReadSecurityBuffer(&length, &offset)) { |
+ return false; |
+ } |
+ |
+ // If the security buffer indicates to read outside |
+ // the message buffer then fail. |
+ if (!CanReadFrom(offset, length)) { |
+ cursor_ -= NtlmMessage::SECURITY_BUFFER_LEN; |
+ return false; |
+ } |
+ |
+ return true; |
+} |
+ |
+bool NtlmBufferReader::SkipBytes(size_t count) { |
+ if (!CanRead(count)) |
+ return false; |
+ |
+ cursor_ += count; |
+ return true; |
+} |
+ |
+bool NtlmBufferReader::MatchSignature() { |
+ if (!CanRead(NtlmMessage::SIGNATURE_LEN)) |
+ return false; |
+ |
+ if (memcmp(NtlmMessage::SIGNATURE, GetBufferAtCursor(), |
+ NtlmMessage::SIGNATURE_LEN) != 0) |
+ return false; |
+ |
+ cursor_ += NtlmMessage::SIGNATURE_LEN; |
+ return true; |
+} |
+ |
+bool NtlmBufferReader::MatchMessageType(NtlmMessage::MessageType message_type) { |
+ size_t old_cursor = cursor_; |
+ NtlmMessage::MessageType actual_message_type; |
+ if (!ReadMessageType(&actual_message_type)) |
+ return false; |
+ |
+ if (actual_message_type != message_type) { |
+ cursor_ = old_cursor; |
+ return false; |
+ } |
+ |
+ return true; |
+} |
+ |
+bool NtlmBufferReader::MatchMessageHeader( |
+ NtlmMessage::MessageType message_type) { |
+ size_t old_cursor = cursor_; |
+ if (MatchSignature() && MatchMessageType(message_type)) |
+ return true; |
+ |
+ cursor_ = old_cursor; |
+ return false; |
+} |
+ |
+bool NtlmBufferReader::MatchZeros(size_t count) { |
+ if (!CanRead(count)) |
+ return false; |
+ |
+ for (size_t i = 0; i < count; i++) { |
+ if (GetBufferAtCursor()[i] != 0) |
+ return false; |
+ } |
+ |
+ cursor_ += count; |
+ return true; |
+} |
+ |
+bool NtlmBufferReader::MatchEmptySecurityBuffer() { |
+ return MatchZeros(NtlmMessage::SECURITY_BUFFER_LEN); |
+} |
+ |
+} // namespace net |