Add and use HAS_PREFIX() and CHECK_AND_SKIP_PREFIX() for checking if string has literal prefix
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15847)
diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c
index 9e54db9..2c6cb91 100644
--- a/crypto/asn1/a_strnid.c
+++ b/crypto/asn1/a_strnid.c
@@ -50,10 +50,10 @@
unsigned long mask;
char *end;
- if (strncmp(p, "MASK:", 5) == 0) {
- if (p[5] == '\0')
+ if (CHECK_AND_SKIP_PREFIX(p, "MASK:")) {
+ if (*p == '\0')
return 0;
- mask = strtoul(p + 5, &end, 0);
+ mask = strtoul(p, &end, 0);
if (*end)
return 0;
} else if (strcmp(p, "nombstr") == 0)
diff --git a/crypto/asn1/asn1_gen.c b/crypto/asn1/asn1_gen.c
index ecff2be..bb0dcb2 100644
--- a/crypto/asn1/asn1_gen.c
+++ b/crypto/asn1/asn1_gen.c
@@ -325,13 +325,13 @@
ERR_raise(ERR_LIB_ASN1, ASN1_R_UNKNOWN_FORMAT);
return -1;
}
- if (strncmp(vstart, "ASCII", 5) == 0)
+ if (HAS_PREFIX(vstart, "ASCII"))
arg->format = ASN1_GEN_FORMAT_ASCII;
- else if (strncmp(vstart, "UTF8", 4) == 0)
+ else if (HAS_PREFIX(vstart, "UTF8"))
arg->format = ASN1_GEN_FORMAT_UTF8;
- else if (strncmp(vstart, "HEX", 3) == 0)
+ else if (HAS_PREFIX(vstart, "HEX"))
arg->format = ASN1_GEN_FORMAT_HEX;
- else if (strncmp(vstart, "BITLIST", 7) == 0)
+ else if (HAS_PREFIX(vstart, "BITLIST"))
arg->format = ASN1_GEN_FORMAT_BITLIST;
else {
ERR_raise(ERR_LIB_ASN1, ASN1_R_UNKNOWN_FORMAT);
@@ -765,7 +765,7 @@
int tag;
if (elem == NULL)
return 0;
- if ((len == 3) && (strncmp(elem, "DIR", 3) == 0)) {
+ if (len == 3 && HAS_PREFIX(elem, "DIR")) {
*pmask |= B_ASN1_DIRECTORYSTRING;
return 1;
}
diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c
index 1b8ac34..a05e485 100644
--- a/crypto/asn1/asn_mime.c
+++ b/crypto/asn1/asn_mime.c
@@ -972,13 +972,8 @@
if (blen + 2 > linelen)
return 0;
/* Check for part boundary */
- if ((strncmp(line, "--", 2) == 0)
- && strncmp(line + 2, bound, blen) == 0) {
- if (strncmp(line + blen + 2, "--", 2) == 0)
- return 2;
- else
- return 1;
- }
+ if ((CHECK_AND_SKIP_PREFIX(line, "--")) && strncmp(line, bound, blen) == 0)
+ return HAS_PREFIX(line + blen, "--") ? 2 : 1;
return 0;
}
diff --git a/crypto/cmp/cmp_util.c b/crypto/cmp/cmp_util.c
index ed611d6..b8e4558 100644
--- a/crypto/cmp/cmp_util.c
+++ b/crypto/cmp/cmp_util.c
@@ -53,8 +53,7 @@
if (end_level == NULL)
return -1;
- if (strncmp(level, OSSL_CMP_LOG_PREFIX,
- strlen(OSSL_CMP_LOG_PREFIX)) == 0)
+ if (HAS_PREFIX(level, OSSL_CMP_LOG_PREFIX))
level += strlen(OSSL_CMP_LOG_PREFIX);
len = end_level - level;
if (len > max_level_len)
diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index c05c3c6..26764da 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -389,8 +389,8 @@
psection = section;
}
p = eat_ws(conf, end);
- if (strncmp(pname, ".pragma", 7) == 0
- && (p != pname + 7 || *p == '=')) {
+ if (CHECK_AND_SKIP_PREFIX(pname, ".pragma")
+ && (p != pname || *p == '=')) {
char *pval;
if (*p == '=') {
@@ -435,8 +435,8 @@
* We *ignore* any unknown pragma.
*/
continue;
- } else if (strncmp(pname, ".include", 8) == 0
- && (p != pname + 8 || *p == '=')) {
+ } else if (CHECK_AND_SKIP_PREFIX(pname, ".include")
+ && (p != pname || *p == '=')) {
char *include = NULL;
BIO *next;
const char *include_dir = ossl_safe_getenv("OPENSSL_CONF_INCLUDE");
diff --git a/crypto/http/http_client.c b/crypto/http/http_client.c
index bb80836..9d66d7b 100644
--- a/crypto/http/http_client.c
+++ b/crypto/http/http_client.c
@@ -23,7 +23,6 @@
#include "internal/sockets.h"
#include "internal/cryptlib.h" /* for ossl_assert() */
-#define HAS_PREFIX(str, prefix) (strncmp(str, prefix, sizeof(prefix) - 1) == 0)
#define HTTP_PREFIX "HTTP/"
#define HTTP_VERSION_PATT "1." /* allow 1.x */
#define HTTP_VERSION_STR_LEN sizeof(HTTP_VERSION_PATT) /* == strlen("1.0") */
@@ -377,10 +376,10 @@
int i, retcode;
char *code, *reason, *end;
- if (!HAS_PREFIX(line, HTTP_PREFIX_VERSION))
+ if (!CHECK_AND_SKIP_PREFIX(line, HTTP_PREFIX_VERSION))
goto err;
/* above HTTP 1.0, connection persistence is the default */
- *found_keep_alive = line[strlen(HTTP_PREFIX_VERSION)] > '0';
+ *found_keep_alive = *line > '0';
/* Skip to first whitespace (past protocol info) */
for (code = line; *code != '\0' && !ossl_isspace(*code); code++)
@@ -1297,15 +1296,15 @@
continue;
/* Check for HTTP/1.x */
- if (!HAS_PREFIX(mbuf, HTTP_PREFIX) != 0) {
+ mbufp = mbuf;
+ if (!HAS_PREFIX(mbufp, HTTP_PREFIX)) {
ERR_raise(ERR_LIB_HTTP, HTTP_R_HEADER_PARSE_ERROR);
BIO_printf(bio_err, "%s: HTTP CONNECT failed, non-HTTP response\n",
prog);
/* Wrong protocol, not even HTTP, so stop reading headers */
goto end;
}
- mbufp = mbuf + strlen(HTTP_PREFIX);
- if (!HAS_PREFIX(mbufp, HTTP_VERSION_PATT) != 0) {
+ if (!HAS_PREFIX(mbufp, HTTP_VERSION_PATT)) {
ERR_raise(ERR_LIB_HTTP, HTTP_R_RECEIVED_WRONG_HTTP_VERSION);
BIO_printf(bio_err,
"%s: HTTP CONNECT failed, bad HTTP version %.*s\n",
diff --git a/crypto/params_from_text.c b/crypto/params_from_text.c
index 50f48fd..889b654 100644
--- a/crypto/params_from_text.c
+++ b/crypto/params_from_text.c
@@ -8,7 +8,7 @@
* https://www.openssl.org/source/license.html
*/
-#include <string.h>
+#include "internal/cryptlib.h" /* for HAS_PREFIX */
#include <openssl/ebcdic.h>
#include <openssl/err.h>
#include <openssl/params.h>
@@ -35,10 +35,7 @@
* ishex is used to translate legacy style string controls in hex format
* to octet string parameters.
*/
- *ishex = strncmp(key, "hex", 3) == 0;
-
- if (*ishex)
- key += 3;
+ *ishex = CHECK_AND_SKIP_PREFIX(key, "hex");
p = *paramdef = OSSL_PARAM_locate_const(paramdefs, key);
if (found != NULL)
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 3948021..3d7e2f3 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -484,11 +484,11 @@
* presumably we also parse rfc822-style headers for S/MIME, so a common
* abstraction might well be more generally useful.
*/
+#define PROC_TYPE "Proc-Type:"
+#define ENCRYPTED "ENCRYPTED"
+#define DEK_INFO "DEK-Info:"
int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
{
- static const char ProcType[] = "Proc-Type:";
- static const char ENCRYPTED[] = "ENCRYPTED";
- static const char DEKInfo[] = "DEK-Info:";
const EVP_CIPHER *enc = NULL;
int ivlen;
char *dekinfostart, c;
@@ -498,11 +498,10 @@
if ((header == NULL) || (*header == '\0') || (*header == '\n'))
return 1;
- if (strncmp(header, ProcType, sizeof(ProcType)-1) != 0) {
+ if (!CHECK_AND_SKIP_PREFIX(header, PROC_TYPE)) {
ERR_raise(ERR_LIB_PEM, PEM_R_NOT_PROC_TYPE);
return 0;
}
- header += sizeof(ProcType)-1;
header += strspn(header, " \t");
if (*header++ != '4' || *header++ != ',')
@@ -510,12 +509,11 @@
header += strspn(header, " \t");
/* We expect "ENCRYPTED" followed by optional white-space + line break */
- if (strncmp(header, ENCRYPTED, sizeof(ENCRYPTED)-1) != 0 ||
- strspn(header+sizeof(ENCRYPTED)-1, " \t\r\n") == 0) {
+ if (!CHECK_AND_SKIP_PREFIX(header, ENCRYPTED) ||
+ strspn(header, " \t\r\n") == 0) {
ERR_raise(ERR_LIB_PEM, PEM_R_NOT_ENCRYPTED);
return 0;
}
- header += sizeof(ENCRYPTED)-1;
header += strspn(header, " \t\r");
if (*header++ != '\n') {
ERR_raise(ERR_LIB_PEM, PEM_R_SHORT_HEADER);
@@ -526,11 +524,10 @@
* https://tools.ietf.org/html/rfc1421#section-4.6.1.3
* We expect "DEK-Info: algo[,hex-parameters]"
*/
- if (strncmp(header, DEKInfo, sizeof(DEKInfo)-1) != 0) {
+ if (!CHECK_AND_SKIP_PREFIX(header, DEK_INFO)) {
ERR_raise(ERR_LIB_PEM, PEM_R_NOT_DEK_INFO);
return 0;
}
- header += sizeof(DEKInfo)-1;
header += strspn(header, " \t");
/*
@@ -733,12 +730,12 @@
#define LINESIZE 255
/* Note trailing spaces for begin and end. */
-static const char beginstr[] = "-----BEGIN ";
-static const char endstr[] = "-----END ";
-static const char tailstr[] = "-----\n";
-#define BEGINLEN ((int)(sizeof(beginstr) - 1))
-#define ENDLEN ((int)(sizeof(endstr) - 1))
-#define TAILLEN ((int)(sizeof(tailstr) - 1))
+#define BEGINSTR "-----BEGIN "
+#define ENDSTR "-----END "
+#define TAILSTR "-----\n"
+#define BEGINLEN ((int)(sizeof(BEGINSTR) - 1))
+#define ENDLEN ((int)(sizeof(ENDSTR) - 1))
+#define TAILLEN ((int)(sizeof(TAILSTR) - 1))
static int get_name(BIO *bp, char **name, unsigned int flags)
{
char *linebuf;
@@ -769,9 +766,9 @@
first_call = 0;
/* Allow leading empty or non-matching lines. */
- } while (strncmp(linebuf, beginstr, BEGINLEN) != 0
+ } while (!HAS_PREFIX(linebuf, BEGINSTR)
|| len < TAILLEN
- || strncmp(linebuf + len - TAILLEN, tailstr, TAILLEN) != 0);
+ || !HAS_PREFIX(linebuf + len - TAILLEN, TAILSTR));
linebuf[len - TAILLEN] = '\0';
len = len - BEGINLEN - TAILLEN + 1;
*name = pem_malloc(len, flags);
@@ -844,7 +841,7 @@
if (memchr(linebuf, ':', len) != NULL)
got_header = IN_HEADER;
}
- if (!strncmp(linebuf, endstr, ENDLEN) || got_header == IN_HEADER)
+ if (HAS_PREFIX(linebuf, ENDSTR) || got_header == IN_HEADER)
flags_mask &= ~PEM_FLAG_ONLY_B64;
len = sanitize_line(linebuf, len, flags & flags_mask, 0);
@@ -867,11 +864,11 @@
}
/* Check for end of stream (which means there is no header). */
- if (strncmp(linebuf, endstr, ENDLEN) == 0) {
- p = linebuf + ENDLEN;
+ p = linebuf;
+ if (CHECK_AND_SKIP_PREFIX(p, ENDSTR)) {
namelen = strlen(name);
if (strncmp(p, name, namelen) != 0 ||
- strncmp(p + namelen, tailstr, TAILLEN) != 0) {
+ !HAS_PREFIX(p + namelen, TAILSTR)) {
ERR_raise(ERR_LIB_PEM, PEM_R_BAD_END_LINE);
goto err;
}
diff --git a/crypto/punycode.c b/crypto/punycode.c
index 385b4b1..4c534db 100644
--- a/crypto/punycode.c
+++ b/crypto/punycode.c
@@ -8,10 +8,10 @@
*/
#include <stddef.h>
-#include <string.h>
#include <stdio.h>
#include <openssl/e_os2.h>
#include "crypto/punycode.h"
+#include "internal/cryptlib.h" /* for HAS_PREFIX */
static const unsigned int base = 36;
static const unsigned int tmin = 1;
@@ -266,7 +266,7 @@
char *tmpptr = strchr(inptr, '.');
size_t delta = (tmpptr) ? (size_t)(tmpptr - inptr) : strlen(inptr);
- if (strncmp(inptr, "xn--", 4) != 0) {
+ if (!HAS_PREFIX(inptr, "xn--")) {
size += delta + 1;
if (size >= *outlen - 1)
diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c
index 833ec8f..42722a2 100644
--- a/crypto/store/store_lib.c
+++ b/crypto/store/store_lib.c
@@ -94,7 +94,7 @@
if ((p = strchr(scheme_copy, ':')) != NULL) {
*p++ = '\0';
if (strcasecmp(scheme_copy, "file") != 0) {
- if (strncmp(p, "//", 2) == 0)
+ if (HAS_PREFIX(p, "//"))
schemes_n--; /* Invalidate the file scheme */
schemes[schemes_n++] = scheme_copy;
}
diff --git a/crypto/x509/v3_conf.c b/crypto/x509/v3_conf.c
index b95c652..8201ba0 100644
--- a/crypto/x509/v3_conf.c
+++ b/crypto/x509/v3_conf.c
@@ -200,9 +200,8 @@
{
const char *p = *value;
- if ((strlen(p) < 9) || strncmp(p, "critical,", 9))
+ if (!CHECK_AND_SKIP_PREFIX(p, "critical,"))
return 0;
- p += 9;
while (ossl_isspace(*p))
p++;
*value = p;
@@ -215,11 +214,9 @@
int gen_type = 0;
const char *p = *value;
- if ((strlen(p) >= 4) && strncmp(p, "DER:", 4) == 0) {
- p += 4;
+ if (CHECK_AND_SKIP_PREFIX(p, "DER:")) {
gen_type = 1;
- } else if ((strlen(p) >= 5) && strncmp(p, "ASN1:", 5) == 0) {
- p += 5;
+ } else if (CHECK_AND_SKIP_PREFIX(p, "ASN1:")) {
gen_type = 2;
} else
return 0;
diff --git a/crypto/x509/v3_cpols.c b/crypto/x509/v3_cpols.c
index 5353a69..65fab71 100644
--- a/crypto/x509/v3_cpols.c
+++ b/crypto/x509/v3_cpols.c
@@ -261,17 +261,17 @@
if (len == -1)
return V_ASN1_VISIBLESTRING;
*tag_len = len;
- if (len == sizeof("UTF8") - 1 && strncmp(tagstr, "UTF8", len) == 0)
+ if (len == sizeof("UTF8") - 1 && HAS_PREFIX(tagstr, "UTF8"))
return V_ASN1_UTF8STRING;
- if (len == sizeof("UTF8String") - 1 && strncmp(tagstr, "UTF8String", len) == 0)
+ if (len == sizeof("UTF8String") - 1 && HAS_PREFIX(tagstr, "UTF8String"))
return V_ASN1_UTF8STRING;
- if (len == sizeof("BMP") - 1 && strncmp(tagstr, "BMP", len) == 0)
+ if (len == sizeof("BMP") - 1 && HAS_PREFIX(tagstr, "BMP"))
return V_ASN1_BMPSTRING;
- if (len == sizeof("BMPSTRING") - 1 && strncmp(tagstr, "BMPSTRING", len) == 0)
+ if (len == sizeof("BMPSTRING") - 1 && HAS_PREFIX(tagstr, "BMPSTRING"))
return V_ASN1_BMPSTRING;
- if (len == sizeof("VISIBLE") - 1 && strncmp(tagstr, "VISIBLE", len) == 0)
+ if (len == sizeof("VISIBLE") - 1 && HAS_PREFIX(tagstr, "VISIBLE"))
return V_ASN1_VISIBLESTRING;
- if (len == sizeof("VISIBLESTRING") - 1 && strncmp(tagstr, "VISIBLESTRING", len) == 0)
+ if (len == sizeof("VISIBLESTRING") - 1 && HAS_PREFIX(tagstr, "VISIBLESTRING"))
return V_ASN1_VISIBLESTRING;
*tag_len = 0;
return V_ASN1_VISIBLESTRING;
diff --git a/crypto/x509/v3_crld.c b/crypto/x509/v3_crld.c
index bc755f5..b831f77 100644
--- a/crypto/x509/v3_crld.c
+++ b/crypto/x509/v3_crld.c
@@ -70,7 +70,7 @@
STACK_OF(GENERAL_NAME) *fnm = NULL;
STACK_OF(X509_NAME_ENTRY) *rnm = NULL;
- if (strncmp(cnf->name, "fullname", 9) == 0) {
+ if (HAS_PREFIX(cnf->name, "fullname")) {
fnm = gnames_from_sectname(ctx, cnf->value);
if (!fnm)
goto err;
diff --git a/crypto/x509/v3_ncons.c b/crypto/x509/v3_ncons.c
index c9e66a0..7ffb88c 100644
--- a/crypto/x509/v3_ncons.c
+++ b/crypto/x509/v3_ncons.c
@@ -138,10 +138,10 @@
goto memerr;
for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
val = sk_CONF_VALUE_value(nval, i);
- if (strncmp(val->name, "permitted", 9) == 0 && val->name[9]) {
+ if (HAS_PREFIX(val->name, "permitted") && val->name[9]) {
ptree = &ncons->permittedSubtrees;
tval.name = val->name + 10;
- } else if (strncmp(val->name, "excluded", 8) == 0 && val->name[8]) {
+ } else if (HAS_PREFIX(val->name, "excluded") && val->name[8]) {
ptree = &ncons->excludedSubtrees;
tval.name = val->name + 9;
} else {
diff --git a/crypto/x509/v3_pci.c b/crypto/x509/v3_pci.c
index a931e01..79fe76d 100644
--- a/crypto/x509/v3_pci.c
+++ b/crypto/x509/v3_pci.c
@@ -112,6 +112,7 @@
return 0;
}
} else if (strcmp(val->name, "policy") == 0) {
+ char *valp = val->value;
unsigned char *tmp_data = NULL;
long val_len;
@@ -124,9 +125,9 @@
}
free_policy = 1;
}
- if (strncmp(val->value, "hex:", 4) == 0) {
+ if (CHECK_AND_SKIP_PREFIX(valp, "hex:")) {
unsigned char *tmp_data2 =
- OPENSSL_hexstr2buf(val->value + 4, &val_len);
+ OPENSSL_hexstr2buf(valp, &val_len);
if (!tmp_data2) {
X509V3_conf_err(val);
@@ -155,10 +156,10 @@
goto err;
}
OPENSSL_free(tmp_data2);
- } else if (strncmp(val->value, "file:", 5) == 0) {
+ } else if (CHECK_AND_SKIP_PREFIX(valp, "file:")) {
unsigned char buf[2048];
int n;
- BIO *b = BIO_new_file(val->value + 5, "r");
+ BIO *b = BIO_new_file(valp, "r");
if (!b) {
ERR_raise(ERR_LIB_X509V3, ERR_R_BIO_LIB);
X509V3_conf_err(val);
@@ -194,8 +195,8 @@
X509V3_conf_err(val);
goto err;
}
- } else if (strncmp(val->value, "text:", 5) == 0) {
- val_len = strlen(val->value + 5);
+ } else if (CHECK_AND_SKIP_PREFIX(valp, "text:")) {
+ val_len = strlen(valp);
tmp_data = OPENSSL_realloc((*policy)->data,
(*policy)->length + val_len + 1);
if (tmp_data) {
