From 72cefcfc834706404d7bcb261939903661fff0f9 Mon Sep 17 00:00:00 2001 From: Juan RP Date: Sat, 27 Sep 2014 13:00:34 +0200 Subject: [PATCH] Introduce xbps_mmap_file() and use it in strategic points. Rather than using a random buffer from stack or heap, and decide what size to use, create a private memory mapped object... This simplifies the code in lib/verifysig.c and xbps-create. --- bin/xbps-create/main.c | 29 ++++------------ include/xbps.h.in | 17 ++++++++- lib/util_hash.c | 79 ++++++++++++++++++++++++++++++------------ lib/verifysig.c | 36 +++++-------------- 4 files changed, 86 insertions(+), 75 deletions(-) diff --git a/bin/xbps-create/main.c b/bin/xbps-create/main.c index 427c386a..5ba1411e 100644 --- a/bin/xbps-create/main.c +++ b/bin/xbps-create/main.c @@ -427,11 +427,8 @@ process_destdir(const char *mutable_files) static void write_entry(struct archive *ar, struct archive_entry *entry) { - char buf[16384]; - const char *name; - int fd = -1; - off_t len; - ssize_t buf_len; + char *mmf; + size_t mmflen, filelen; if (archive_entry_pathname(entry) == NULL) return; @@ -449,25 +446,11 @@ write_entry(struct archive *ar, struct archive_entry *entry) return; } - name = archive_entry_sourcepath(entry); - fd = open(name, O_RDONLY); - assert(fd != -1); - - len = archive_entry_size(entry); - while (len > 0) { - buf_len = (len > (off_t)sizeof(buf)) ? - (ssize_t)sizeof(buf) : (ssize_t)len; - - if ((buf_len = read(fd, buf, buf_len)) == 0) - break; - else if (buf_len < 0) - die("cannot read from %s", name); - - archive_write_data(ar, buf, (size_t)buf_len); - len -= buf_len; - } - close(fd); + if (!xbps_mmap_file(archive_entry_sourcepath(entry), (void *)&mmf, &mmflen, &filelen)) + die("cannot read %s file", name); + archive_write_data(ar, mmf, filelen); + (void)munmap(mmf, mmflen); archive_entry_free(entry); } diff --git a/include/xbps.h.in b/include/xbps.h.in index 2e909a0f..d2c3390a 100644 --- a/include/xbps.h.in +++ b/include/xbps.h.in @@ -48,7 +48,7 @@ * * This header documents the full API for the XBPS Library. */ -#define XBPS_API_VERSION "20140923" +#define XBPS_API_VERSION "20140927" #ifndef XBPS_VERSION #define XBPS_VERSION "UNSET" @@ -1635,6 +1635,21 @@ int xbps_mkpath(const char *path, mode_t mode); */ char *xbps_xasprintf(const char *fmt, ...); +/** + * Creates a memory mapped object from file \a file into \a mmf + * with size \a mmflen, and file size to \a filelen; + * + * @param[in] file Path to a file. + * @param[out] mmf Memory mapped object. + * @param[out] mmflen Length of memory mapped object. + * @param[out] filelen File size length. + * + * @return True on success, false otherwise and errno + * is set appropiately. The mmaped object should be munmap()ed when it's + * not longer needed. + */ +bool xbps_mmap_file(const char *file, void **mmf, size_t *mmflen, size_t *filelen); + /** * Returns a string with the sha256 hash for the file specified * by \a file. diff --git a/lib/util_hash.c b/lib/util_hash.c index a374c332..80acd94f 100644 --- a/lib/util_hash.c +++ b/lib/util_hash.c @@ -22,7 +22,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - +#include #include #include #include @@ -57,44 +57,77 @@ digest2string(const uint8_t *digest, char *string, size_t len) *string = '\0'; } -char * -xbps_file_hash(const char *file) +bool +xbps_mmap_file(const char *file, void **mmf, size_t *mmflen, size_t *filelen) { struct stat st; - SHA256_CTX ctx; - char hash[SHA256_DIGEST_LENGTH * 2 + 1]; - unsigned char digest[SHA256_DIGEST_LENGTH]; - ssize_t ret; - unsigned char buf[4096]; + size_t pgsize = (size_t)sysconf(_SC_PAGESIZE); + size_t pgmask = pgsize - 1, mapsize; + unsigned char *mf; + bool need_guard = false; int fd; + assert(file); + if ((fd = open(file, O_RDONLY)) == -1) - return NULL; + return false; if (fstat(fd, &st) == -1) { (void)close(fd); - return NULL; + return false; } if (st.st_size > SSIZE_MAX - 1) { (void)close(fd); - return NULL; + return false; } - - SHA256_Init(&ctx); - while ((ret = read(fd, buf, sizeof(buf))) > 0) - SHA256_Update(&ctx, buf, ret); - - if (ret == -1) { - /* read error */ + mapsize = ((size_t)st.st_size + pgmask) & ~pgmask; + if (mapsize < (size_t)st.st_size) { (void)close(fd); - return NULL; + return false; + } + /* + * If the file length is an integral number of pages, then we + * need to map a guard page at the end in order to provide the + * necessary NUL-termination of the buffer. + */ + if ((st.st_size & pgmask) == 0) + need_guard = true; + + mf = mmap(NULL, need_guard ? mapsize + pgsize : mapsize, + PROT_READ, MAP_PRIVATE, fd, 0); + (void)close(fd); + if (mf == MAP_FAILED) { + (void)munmap(mf, mapsize); + return false; } - SHA256_Final(digest, &ctx); - (void)close(fd); - digest2string(digest, hash, SHA256_DIGEST_LENGTH); + *mmf = mf; + *mmflen = mapsize; + *filelen = st.st_size; - return strdup(hash); + return true; +} + +char * +xbps_file_hash(const char *file) +{ + char *res, hash[SHA256_DIGEST_LENGTH * 2 + 1]; + unsigned char digest[SHA256_DIGEST_LENGTH]; + unsigned char *mmf = NULL; + size_t mmflen, filelen; + + if (!xbps_mmap_file(file, (void *)&mmf, &mmflen, &filelen)) + return NULL; + + if (SHA256(mmf, filelen, digest) == NULL) { + (void)munmap(mmf, mmflen); + return NULL; + } + digest2string(digest, hash, SHA256_DIGEST_LENGTH); + res = strdup(hash); + (void)munmap(mmf, mmflen); + + return res; } int diff --git a/lib/verifysig.c b/lib/verifysig.c index a697098f..313b8b06 100644 --- a/lib/verifysig.c +++ b/lib/verifysig.c @@ -30,6 +30,7 @@ #include #include #include +#include #include #include @@ -81,11 +82,10 @@ xbps_verify_file_signature(struct xbps_repo *repo, const char *fname) { xbps_dictionary_t repokeyd = NULL; xbps_data_t pubkey; - struct stat st, sig_st; const char *hexfp = NULL; unsigned char *buf = NULL, *sig_buf = NULL; + size_t buflen, filelen, sigbuflen, sigfilelen; char *rkeyfile = NULL, *sig = NULL; - int fd = -1, sig_fd = -1; bool val = false; if (!xbps_dictionary_count(repo->idxmeta)) { @@ -116,50 +116,30 @@ xbps_verify_file_signature(struct xbps_repo *repo, const char *fname) /* * Prepare fname and signature data buffers. */ - if ((fd = open(fname, O_RDONLY)) == -1) { + if (!xbps_mmap_file(fname, (void *)&buf, &buflen, &filelen)) { xbps_dbg_printf(repo->xhp, "can't open file %s: %s\n", fname, strerror(errno)); goto out; } sig = xbps_xasprintf("%s.sig", fname); - if ((sig_fd = open(sig, O_RDONLY)) == -1) { + if (!xbps_mmap_file(sig, (void *)&sig_buf, &sigbuflen, &sigfilelen)) { xbps_dbg_printf(repo->xhp, "can't open signature file %s: %s\n", sig, strerror(errno)); goto out; } - fstat(fd, &st); - fstat(sig_fd, &sig_st); - - buf = malloc(st.st_size); - assert(buf); - sig_buf = malloc(sig_st.st_size); - assert(sig_buf); - - if (read(fd, buf, st.st_size) != st.st_size) { - xbps_dbg_printf(repo->xhp, "failed to read file %s: %s\n", fname, strerror(errno)); - goto out; - } - if (read(sig_fd, sig_buf, sig_st.st_size) != sig_st.st_size) { - xbps_dbg_printf(repo->xhp, "failed to read signature file %s: %s\n", sig, strerror(errno)); - goto out; - } /* * Verify fname RSA signature. */ - if (rsa_verify_buf(repo, pubkey, sig_buf, sig_st.st_size, buf, st.st_size)) + if (rsa_verify_buf(repo, pubkey, sig_buf, sigfilelen, buf, filelen)) val = true; out: if (rkeyfile) free(rkeyfile); - if (fd != -1) - close(fd); - if (sig_fd != -1) - close(sig_fd); if (buf) - free(buf); + (void)munmap(buf, buflen); + if (sig_buf) + (void)munmap(sig_buf, sigbuflen); if (sig) free(sig); - if (sig_buf) - free(sig_buf); if (repokeyd) xbps_object_release(repokeyd);