1 /*
2  * Copyright (C) 2016 The Android Open Source Project
3  *
4  * Permission is hereby granted, free of charge, to any person
5  * obtaining a copy of this software and associated documentation
6  * files (the "Software"), to deal in the Software without
7  * restriction, including without limitation the rights to use, copy,
8  * modify, merge, publish, distribute, sublicense, and/or sell copies
9  * of the Software, and to permit persons to whom the Software is
10  * furnished to do so, subject to the following conditions:
11  *
12  * The above copyright notice and this permission notice shall be
13  * included in all copies or substantial portions of the Software.
14  *
15  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19  * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20  * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22  * SOFTWARE.
23  */
24 
25 #include "avb_property_descriptor.h"
26 #include "avb_util.h"
27 
avb_property_descriptor_validate_and_byteswap(const AvbPropertyDescriptor * src,AvbPropertyDescriptor * dest)28 bool avb_property_descriptor_validate_and_byteswap(
29     const AvbPropertyDescriptor* src, AvbPropertyDescriptor* dest) {
30   uint64_t expected_size;
31 
32   avb_memcpy(dest, src, sizeof(AvbPropertyDescriptor));
33 
34   if (!avb_descriptor_validate_and_byteswap((const AvbDescriptor*)src,
35                                             (AvbDescriptor*)dest))
36     return false;
37 
38   if (dest->parent_descriptor.tag != AVB_DESCRIPTOR_TAG_PROPERTY) {
39     avb_error("Invalid tag for property descriptor.\n");
40     return false;
41   }
42 
43   dest->key_num_bytes = avb_be64toh(dest->key_num_bytes);
44   dest->value_num_bytes = avb_be64toh(dest->value_num_bytes);
45 
46   /* Check that key and value are fully contained. */
47   expected_size = sizeof(AvbPropertyDescriptor) - sizeof(AvbDescriptor) + 2;
48   if (!avb_safe_add_to(&expected_size, dest->key_num_bytes) ||
49       !avb_safe_add_to(&expected_size, dest->value_num_bytes)) {
50     avb_error("Overflow while adding up sizes.\n");
51     return false;
52   }
53   if (expected_size > dest->parent_descriptor.num_bytes_following) {
54     avb_error("Descriptor payload size overflow.\n");
55     return false;
56   }
57 
58   return true;
59 }
60 
61 typedef struct {
62   const char* key;
63   size_t key_size;
64   const char* ret_value;
65   size_t ret_value_size;
66 } PropertyIteratorData;
67 
property_lookup_desc_foreach(const AvbDescriptor * header,void * user_data)68 static bool property_lookup_desc_foreach(const AvbDescriptor* header,
69                                          void* user_data) {
70   PropertyIteratorData* data = (PropertyIteratorData*)user_data;
71   AvbPropertyDescriptor prop_desc;
72   const uint8_t* p;
73   bool ret = true;
74 
75   if (header->tag != AVB_DESCRIPTOR_TAG_PROPERTY) {
76     goto out;
77   }
78 
79   if (!avb_property_descriptor_validate_and_byteswap(
80           (const AvbPropertyDescriptor*)header, &prop_desc)) {
81     goto out;
82   }
83 
84   p = (const uint8_t*)header;
85   if (p[sizeof(AvbPropertyDescriptor) + prop_desc.key_num_bytes] != 0) {
86     avb_error("No terminating NUL byte in key.\n");
87     goto out;
88   }
89 
90   if (data->key_size == prop_desc.key_num_bytes) {
91     if (avb_memcmp(p + sizeof(AvbPropertyDescriptor),
92                    data->key,
93                    data->key_size) == 0) {
94       data->ret_value = (const char*)(p + sizeof(AvbPropertyDescriptor) +
95                                       prop_desc.key_num_bytes + 1);
96       data->ret_value_size = prop_desc.value_num_bytes;
97       /* Stop iterating. */
98       ret = false;
99       goto out;
100     }
101   }
102 
103 out:
104   return ret;
105 }
106 
avb_property_lookup(const uint8_t * image_data,size_t image_size,const char * key,size_t key_size,size_t * out_value_size)107 const char* avb_property_lookup(const uint8_t* image_data,
108                                 size_t image_size,
109                                 const char* key,
110                                 size_t key_size,
111                                 size_t* out_value_size) {
112   PropertyIteratorData data;
113 
114   if (key_size == 0) {
115     key_size = avb_strlen(key);
116   }
117 
118   data.key = key;
119   data.key_size = key_size;
120 
121   if (avb_descriptor_foreach(
122           image_data, image_size, property_lookup_desc_foreach, &data) == 0) {
123     if (out_value_size != NULL) {
124       *out_value_size = data.ret_value_size;
125     }
126     return data.ret_value;
127   }
128 
129   if (out_value_size != NULL) {
130     *out_value_size = 0;
131   }
132   return NULL;
133 }
134 
avb_property_lookup_uint64(const uint8_t * image_data,size_t image_size,const char * key,size_t key_size,uint64_t * out_value)135 bool avb_property_lookup_uint64(const uint8_t* image_data,
136                                 size_t image_size,
137                                 const char* key,
138                                 size_t key_size,
139                                 uint64_t* out_value) {
140   const char* value;
141   bool ret = false;
142   uint64_t parsed_val;
143   int base;
144   int n;
145 
146   value = avb_property_lookup(image_data, image_size, key, key_size, NULL);
147   if (value == NULL) {
148     goto out;
149   }
150 
151   base = 10;
152   if (avb_memcmp(value, "0x", 2) == 0) {
153     base = 16;
154     value += 2;
155   }
156 
157   parsed_val = 0;
158   for (n = 0; value[n] != '\0'; n++) {
159     int c = value[n];
160     int digit;
161 
162     parsed_val *= base;
163 
164     if (c >= '0' && c <= '9') {
165       digit = c - '0';
166     } else if (base == 16 && c >= 'a' && c <= 'f') {
167       digit = c - 'a' + 10;
168     } else if (base == 16 && c >= 'A' && c <= 'F') {
169       digit = c - 'A' + 10;
170     } else {
171       avb_error("Invalid digit.\n");
172       goto out;
173     }
174 
175     parsed_val += digit;
176   }
177 
178   ret = true;
179   if (out_value != NULL) {
180     *out_value = parsed_val;
181   }
182 
183 out:
184   return ret;
185 }
186