changeset 241:c5d3ef11155f

* use own assertions which should get logged properly
author Matt Johnston <matt@ucc.asn.au>
date Mon, 05 Sep 2005 15:16:10 +0000
parents e923801a7678
children 3311f4aa52cb
files buffer.c circbuffer.c common-channel.c common-session.c dbutil.c dbutil.h dss.c keyimport.c packet.c queue.c rsa.c svr-authpubkey.c svr-chansession.c svr-main.c
diffstat 14 files changed, 67 insertions(+), 60 deletions(-) [+]
--- a/buffer.c	Fri Sep 02 15:35:18 2005 +0000
+++ b/buffer.c	Mon Sep 05 15:16:10 2005 +0000
@@ -153,7 +153,7 @@
 unsigned char buf_getbyte(buffer* buf) {
 
 	/* This check is really just ==, but the >= allows us to check for the
-	 * assert()able case of pos > len, which should _never_ happen. */
+	 * bad case of pos > len, which should _never_ happen. */
 	if (buf->pos >= buf->len) {
 		dropbear_exit("bad buf_getbyte");
 	}
@@ -270,7 +270,7 @@
 	unsigned int len, pad = 0;
 	TRACE(("enter buf_putmpint"))
 
-	assert(mp != NULL);
+	dropbear_assert(mp != NULL);
 
 	if (SIGN(mp) == MP_NEG) {
 		dropbear_exit("negative bignum");
--- a/circbuffer.c	Fri Sep 02 15:35:18 2005 +0000
+++ b/circbuffer.c	Mon Sep 05 15:16:10 2005 +0000
@@ -66,8 +66,8 @@
 
 unsigned int cbuf_readlen(circbuffer *cbuf) {
 
-	assert(((2*cbuf->size)+cbuf->writepos-cbuf->readpos)%cbuf->size == cbuf->used%cbuf->size);
-	assert(((2*cbuf->size)+cbuf->readpos-cbuf->writepos)%cbuf->size == (cbuf->size-cbuf->used)%cbuf->size);
+	dropbear_assert(((2*cbuf->size)+cbuf->writepos-cbuf->readpos)%cbuf->size == cbuf->used%cbuf->size);
+	dropbear_assert(((2*cbuf->size)+cbuf->readpos-cbuf->writepos)%cbuf->size == (cbuf->size-cbuf->used)%cbuf->size);
 
 	if (cbuf->used == 0) {
 		TRACE(("cbuf_readlen: unused buffer"))
@@ -83,9 +83,9 @@
 
 unsigned int cbuf_writelen(circbuffer *cbuf) {
 
-	assert(cbuf->used <= cbuf->size);
-	assert(((2*cbuf->size)+cbuf->writepos-cbuf->readpos)%cbuf->size == cbuf->used%cbuf->size);
-	assert(((2*cbuf->size)+cbuf->readpos-cbuf->writepos)%cbuf->size == (cbuf->size-cbuf->used)%cbuf->size);
+	dropbear_assert(cbuf->used <= cbuf->size);
+	dropbear_assert(((2*cbuf->size)+cbuf->writepos-cbuf->readpos)%cbuf->size == cbuf->used%cbuf->size);
+	dropbear_assert(((2*cbuf->size)+cbuf->readpos-cbuf->writepos)%cbuf->size == (cbuf->size-cbuf->used)%cbuf->size);
 
 	if (cbuf->used == cbuf->size) {
 		TRACE(("cbuf_writelen: full buffer"))
@@ -122,7 +122,7 @@
 	}
 
 	cbuf->used += len;
-	assert(cbuf->used <= cbuf->size);
+	dropbear_assert(cbuf->used <= cbuf->size);
 	cbuf->writepos = (cbuf->writepos + len) % cbuf->size;
 }
 
@@ -132,7 +132,7 @@
 		dropbear_exit("bad cbuf read");
 	}
 
-	assert(cbuf->used >= len);
+	dropbear_assert(cbuf->used >= len);
 	cbuf->used -= len;
 	cbuf->readpos = (cbuf->readpos + len) % cbuf->size;
 }
--- a/common-channel.c	Fri Sep 02 15:35:18 2005 +0000
+++ b/common-channel.c	Mon Sep 05 15:16:10 2005 +0000
@@ -409,9 +409,9 @@
 		channel->recvdonelen = 0;
 	}
 
-	assert(channel->recvwindow <= RECV_MAXWINDOW);
-	assert(channel->recvwindow <= cbuf_getavail(channel->writebuf));
-	assert(channel->extrabuf == NULL ||
+	dropbear_assert(channel->recvwindow <= RECV_MAXWINDOW);
+	dropbear_assert(channel->recvwindow <= cbuf_getavail(channel->writebuf));
+	dropbear_assert(channel->extrabuf == NULL ||
 			channel->recvwindow <= cbuf_getavail(channel->extrabuf));
 	
 	
@@ -603,14 +603,14 @@
 
 	CHECKCLEARTOWRITE();
 
-	assert(!channel->sentclosed);
+	dropbear_assert(!channel->sentclosed);
 
 	if (isextended) {
 		fd = channel->errfd;
 	} else {
 		fd = channel->outfd;
 	}
-	assert(fd >= 0);
+	dropbear_assert(fd >= 0);
 
 	maxlen = MIN(channel->transwindow, channel->transmaxpacket);
 	/* -(1+4+4) is SSH_MSG_CHANNEL_DATA, channel number, string length, and 
@@ -718,9 +718,9 @@
 		len -= buflen;
 	}
 
-	assert(channel->recvwindow >= datalen);
+	dropbear_assert(channel->recvwindow >= datalen);
 	channel->recvwindow -= datalen;
-	assert(channel->recvwindow <= RECV_MAXWINDOW);
+	dropbear_assert(channel->recvwindow <= RECV_MAXWINDOW);
 
 	TRACE(("leave recv_msg_channel_data"))
 }
--- a/common-session.c	Fri Sep 02 15:35:18 2005 +0000
+++ b/common-session.c	Mon Sep 05 15:16:10 2005 +0000
@@ -126,7 +126,7 @@
 		timeout.tv_usec = 0;
 		FD_ZERO(&writefd);
 		FD_ZERO(&readfd);
-		assert(ses.payload == NULL);
+		dropbear_assert(ses.payload == NULL);
 		if (ses.sock != -1) {
 			FD_SET(ses.sock, &readfd);
 			if (!isempty(&ses.writequeue)) {
--- a/dbutil.c	Fri Sep 02 15:35:18 2005 +0000
+++ b/dbutil.c	Mon Sep 05 15:16:10 2005 +0000
@@ -110,6 +110,10 @@
 	exit(exitcode);
 }
 
+void fail_assert(const char* expr, const char* file, int line) {
+	dropbear_exit("failed assertion (%s:%d): `%s'", file, line, expr);
+}
+
 static void generic_dropbear_log(int UNUSED(priority), const char* format, 
 		va_list param) {
 
--- a/dbutil.h	Fri Sep 02 15:35:18 2005 +0000
+++ b/dbutil.h	Mon Sep 05 15:16:10 2005 +0000
@@ -39,6 +39,7 @@
 void dropbear_exit(const char* format, ...);
 void dropbear_close(const char* format, ...);
 void dropbear_log(int priority, const char* format, ...);
+void fail_assert(const char* expr, const char* file, int line);
 #ifdef DEBUG_TRACE
 void dropbear_trace(const char* format, ...);
 void printhex(const char * label, const unsigned char * buf, int len);
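Review bot: The new `fail_assert` prototype carries no indication that it never returns, and neither it nor its definition in dbutil.c has a comment. Call sites such as `dropbear_assert(0)` after the "don't return" comment in svr-main.c and in the final `else` in keyimport.c rely on the call terminating the process. If `dropbear_exit` always exits, as the `exit(exitcode)` closing the preceding function in dbutil.c suggests, declaring `void fail_assert(const char* expr, const char* file, int line) __attribute__((noreturn));` lets the compiler and static analysers treat the code after a failed assertion as unreachable. A one-line comment would also help, for example `/* Called by dropbear_assert() on failure; reports the expression and location through dropbear_exit() */`.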
@@ -66,4 +67,7 @@
 /* Used to force mp_ints to be initialised */
 #define DEF_MP_INT(X) mp_int X = {0, 0, 0, NULL}
 
+/* Dropbear assertion */
+#define dropbear_assert(X) do { if (!(X)) { fail_assert(#X, __FILE__, __LINE__); } } while (0)
+
 #endif /* _DBUTIL_H_ */
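Review bot: The comment `/* Dropbear assertion */` does not say how the macro differs from `assert()`: as written it is not affected by `NDEBUG`, so the condition is evaluated in every build and a failure ends the process through `dropbear_exit`. That matters because several converted call sites are real bounds checks, for example `(unsigned int)cpl < sizeof(out)` in keyimport.c and `writelen <= SHA1_HASH_SIZE` in dss.c. I would document it as `/* Always-on assertion: not removed by NDEBUG; a failure is reported with expression, file and line via dropbear_exit() */`. The failure message embeds `__FILE__` and the expression text. Where `dropbear_exit` sends its message is not visible here, so it is worth confirming that it goes only to the local log.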
--- a/dss.c	Fri Sep 02 15:35:18 2005 +0000
+++ b/dss.c	Mon Sep 05 15:16:10 2005 +0000
@@ -46,7 +46,7 @@
 int buf_get_dss_pub_key(buffer* buf, dss_key *key) {
 
 	TRACE(("enter buf_get_dss_pub_key"))
-	assert(key != NULL);
+	dropbear_assert(key != NULL);
 	key->p = m_malloc(sizeof(mp_int));
 	key->q = m_malloc(sizeof(mp_int));
 	key->g = m_malloc(sizeof(mp_int));
@@ -80,7 +80,7 @@
 
 	int ret = DROPBEAR_FAILURE;
 
-	assert(key != NULL);
+	dropbear_assert(key != NULL);
 
 	ret = buf_get_dss_pub_key(buf, key);
 	if (ret == DROPBEAR_FAILURE) {
@@ -137,7 +137,7 @@
  */
 void buf_put_dss_pub_key(buffer* buf, dss_key *key) {
 
-	assert(key != NULL);
+	dropbear_assert(key != NULL);
 	buf_putstring(buf, SSH_SIGNKEY_DSS, SSH_SIGNKEY_DSS_LEN);
 	buf_putmpint(buf, key->p);
 	buf_putmpint(buf, key->q);
@@ -149,7 +149,7 @@
 /* Same as buf_put_dss_pub_key, but with the private "x" key appended */
 void buf_put_dss_priv_key(buffer* buf, dss_key *key) {
 
-	assert(key != NULL);
+	dropbear_assert(key != NULL);
 	buf_put_dss_pub_key(buf, key);
 	buf_putmpint(buf, key->x);
 
@@ -172,7 +172,7 @@
 	int stringlen;
 
 	TRACE(("enter buf_dss_verify"))
-	assert(key != NULL);
+	dropbear_assert(key != NULL);
 
 	m_mp_init_multi(&val1, &val2, &val3, &val4, NULL);
 
@@ -310,7 +310,7 @@
 	hash_state hs;
 	
 	TRACE(("enter buf_put_dss_sign"))
-	assert(key != NULL);
+	dropbear_assert(key != NULL);
 	
 	/* hash the data */
 	sha1_init(&hs);
@@ -380,7 +380,7 @@
 	buf_putint(buf, 2*SHA1_HASH_SIZE);
 
 	writelen = mp_unsigned_bin_size(&dss_r);
-	assert(writelen <= SHA1_HASH_SIZE);
+	dropbear_assert(writelen <= SHA1_HASH_SIZE);
 	/* need to pad to 160 bits with leading zeros */
 	for (i = 0; i < SHA1_HASH_SIZE - writelen; i++) {
 		buf_putbyte(buf, 0);
@@ -393,7 +393,7 @@
 	buf_incrwritepos(buf, writelen);
 
 	writelen = mp_unsigned_bin_size(&dss_s);
-	assert(writelen <= SHA1_HASH_SIZE);
+	dropbear_assert(writelen <= SHA1_HASH_SIZE);
 	/* need to pad to 160 bits with leading zeros */
 	for (i = 0; i < SHA1_HASH_SIZE - writelen; i++) {
 		buf_putbyte(buf, 0);
--- a/keyimport.c	Fri Sep 02 15:35:18 2005 +0000
+++ b/keyimport.c	Mon Sep 05 15:16:10 2005 +0000
@@ -203,7 +203,7 @@
 	unsigned long outlen;
 	int rawcpl;
 	rawcpl = cpl * 3 / 4;
-	assert((unsigned int)cpl < sizeof(out));
+	dropbear_assert((unsigned int)cpl < sizeof(out));
 
     while (datalen > 0) {
 		n = (datalen < rawcpl ? datalen : rawcpl);
@@ -714,7 +714,7 @@
 	}
 #endif
 
-	assert(keytype != -1);
+	dropbear_assert(keytype != -1);
 
 	/*
 	 * Fetch the key blobs.
@@ -913,7 +913,7 @@
 	 * with the same value. Those are all removed and the rest is
 	 * returned.
 	 */
-	assert(pos == len);
+	dropbear_assert(pos == len);
 	while (pos < outlen) {
 		outblob[pos++] = outlen - len;
 	}
@@ -1491,7 +1491,7 @@
 		privlen = pos - publen;
 	}
 
-	assert(privlen > 0);			   /* should have bombed by now if not */
+	dropbear_assert(privlen > 0);			   /* should have bombed by now if not */
 
 	retkey = snew(struct ssh2_userkey);
 	retkey->alg = alg;
@@ -1557,7 +1557,7 @@
 		pos += ssh2_read_mpint(privblob+pos, privlen-pos, &q);
 		pos += ssh2_read_mpint(privblob+pos, privlen-pos, &iqmp);
 
-		assert(e.start && iqmp.start); /* can't go wrong */
+		dropbear_assert(e.start && iqmp.start); /* can't go wrong */
 
 		numbers[0] = e;
 		numbers[1] = d;
@@ -1581,7 +1581,7 @@
 		pos = 0;
 		pos += ssh2_read_mpint(privblob+pos, privlen-pos, &x);
 
-		assert(y.start && x.start); /* can't go wrong */
+		dropbear_assert(y.start && x.start); /* can't go wrong */
 
 		numbers[0] = p;
 		numbers[1] = g;
@@ -1593,7 +1593,7 @@
 		initial_zero = 1;
 		type = "dl-modp{sign{dsa-nist-sha1},dh{plain}}";
 	} else {
-		assert(0);					 /* zoinks! */
+		dropbear_assert(0);					 /* zoinks! */
 	}
 
 	/*
@@ -1637,13 +1637,13 @@
 	}
 	ciphertext = (char *)outblob+lenpos+4;
 	cipherlen = pos - (lenpos+4);
-	assert(!passphrase || cipherlen % 8 == 0);
+	dropbear_assert(!passphrase || cipherlen % 8 == 0);
 	/* Wrap up the encrypted blob string. */
 	PUT_32BIT(outblob+lenpos, cipherlen);
 	/* And finally fill in the total length field. */
 	PUT_32BIT(outblob+4, pos);
 
-	assert(pos < outlen);
+	dropbear_assert(pos < outlen);
 
 	/*
 	 * Encrypt the key.
--- a/packet.c	Fri Sep 02 15:35:18 2005 +0000
+++ b/packet.c	Mon Sep 05 15:16:10 2005 +0000
@@ -53,13 +53,13 @@
 	buffer * writebuf = NULL;
 	
 	TRACE(("enter write_packet"))
-	assert(!isempty(&ses.writequeue));
+	dropbear_assert(!isempty(&ses.writequeue));
 
 	/* Get the next buffer in the queue of encrypted packets to write*/
 	writebuf = (buffer*)examine(&ses.writequeue);
 
 	len = writebuf->len - writebuf->pos;
-	assert(len > 0);
+	dropbear_assert(len > 0);
 	/* Try to write as much as possible */
 	written = write(ses.sock, buf_getptr(writebuf, len), len);
 
@@ -118,7 +118,7 @@
 
 	/* Attempt to read the remainder of the packet, note that there
 	 * mightn't be any available (EAGAIN) */
-	assert(ses.readbuf != NULL);
+	dropbear_assert(ses.readbuf != NULL);
 	maxlen = ses.readbuf->len - ses.readbuf->pos;
 	len = read(ses.sock, buf_getptr(ses.readbuf, maxlen), maxlen);
 
@@ -162,7 +162,7 @@
 	if (ses.readbuf == NULL) {
 		/* start of a new packet */
 		ses.readbuf = buf_new(INIT_READBUF);
-		assert(ses.decryptreadbuf == NULL);
+		dropbear_assert(ses.decryptreadbuf == NULL);
 		ses.decryptreadbuf = buf_new(blocksize);
 	}
 
@@ -600,7 +600,7 @@
 			break;
 		}
 
-		assert(ses.keys->trans_zstream->avail_out == 0);
+		dropbear_assert(ses.keys->trans_zstream->avail_out == 0);
 
 		/* the buffer has been filled, we must extend. This only happens in
 		 * unusual circumstances where the data grows in size after deflate(),
--- a/queue.c	Fri Sep 02 15:35:18 2005 +0000
+++ b/queue.c	Mon Sep 05 15:16:10 2005 +0000
@@ -42,7 +42,7 @@
 
 	void* ret;
 	struct Link* oldhead;
-	assert(!isempty(queue));
+	dropbear_assert(!isempty(queue));
 	
 	ret = queue->head->item;
 	oldhead = queue->head;
@@ -62,7 +62,7 @@
 
 void *examine(struct Queue* queue) {
 
-	assert(!isempty(queue));
+	dropbear_assert(!isempty(queue));
 	return queue->head->item;
 }
 
--- a/rsa.c	Fri Sep 02 15:35:18 2005 +0000
+++ b/rsa.c	Mon Sep 05 15:16:10 2005 +0000
@@ -49,7 +49,7 @@
 int buf_get_rsa_pub_key(buffer* buf, rsa_key *key) {
 
 	TRACE(("enter buf_get_rsa_pub_key"))
-	assert(key != NULL);
+	dropbear_assert(key != NULL);
 	key->e = m_malloc(sizeof(mp_int));
 	key->n = m_malloc(sizeof(mp_int));
 	m_mp_init_multi(key->e, key->n, NULL);
@@ -80,7 +80,7 @@
  * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
 int buf_get_rsa_priv_key(buffer* buf, rsa_key *key) {
 
-	assert(key != NULL);
+	dropbear_assert(key != NULL);
 
 	TRACE(("enter buf_get_rsa_priv_key"))
 
@@ -163,7 +163,7 @@
 void buf_put_rsa_pub_key(buffer* buf, rsa_key *key) {
 
 	TRACE(("enter buf_put_rsa_pub_key"))
-	assert(key != NULL);
+	dropbear_assert(key != NULL);
 
 	buf_putstring(buf, SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN);
 	buf_putmpint(buf, key->e);
@@ -178,7 +178,7 @@
 
 	TRACE(("enter buf_put_rsa_priv_key"))
 
-	assert(key != NULL);
+	dropbear_assert(key != NULL);
 	buf_put_rsa_pub_key(buf, key);
 	buf_putmpint(buf, key->d);
 
@@ -209,7 +209,7 @@
 
 	TRACE(("enter buf_rsa_verify"))
 
-	assert(key != NULL);
+	dropbear_assert(key != NULL);
 
 	m_mp_init_multi(&rsa_mdash, &rsa_s, &rsa_em, NULL);
 
@@ -267,7 +267,7 @@
 	unsigned char *tmpbuf;
 	
 	TRACE(("enter buf_put_rsa_sign"))
-	assert(key != NULL);
+	dropbear_assert(key != NULL);
 
 	m_mp_init_multi(&rsa_s, &rsa_tmp1, &rsa_tmp2, &rsa_tmp3, NULL);
 
@@ -320,7 +320,7 @@
 	buf_putint(buf, nsize);
 	/* pad out s to same length as n */
 	ssize = mp_unsigned_bin_size(&rsa_s);
-	assert(ssize <= nsize);
+	dropbear_assert(ssize <= nsize);
 	for (i = 0; i < nsize-ssize; i++) {
 		buf_putbyte(buf, 0x00);
 	}
@@ -365,8 +365,8 @@
 	hash_state hs;
 	unsigned int nsize;
 	
-	assert(key != NULL);
-	assert(data != NULL);
+	dropbear_assert(key != NULL);
+	dropbear_assert(data != NULL);
 	nsize = mp_unsigned_bin_size(key->n);
 
 	rsa_EM = buf_new(nsize-1);
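Review bot: `nsize` is passed to `buf_new(nsize-1)` unchecked. The two converted assertions cover `key` and `data` but not `key->n`, and because `nsize` is `unsigned int`, a result of 0 from `mp_unsigned_bin_size(key->n)` would wrap the subtraction to a very large size. How `buf_new` treats such a size is not visible in this hunk. Adding `dropbear_assert(key->n != NULL);` before the call and `dropbear_assert(nsize > 0);` after it would state the precondition and log a violation through the new mechanism. The enclosing function starts and ends outside the hunk.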
@@ -387,7 +387,7 @@
 	sha1_done(&hs, buf_getwriteptr(rsa_EM, SHA1_HASH_SIZE));
 	buf_incrwritepos(rsa_EM, SHA1_HASH_SIZE);
 
-	assert(rsa_EM->pos == rsa_EM->size);
+	dropbear_assert(rsa_EM->pos == rsa_EM->size);
 
 	/* Create the mp_int from the encoded bytes */
 	buf_setpos(rsa_EM, 0);
--- a/svr-authpubkey.c	Fri Sep 02 15:35:18 2005 +0000
+++ b/svr-authpubkey.c	Mon Sep 05 15:16:10 2005 +0000
@@ -266,7 +266,6 @@
 
 	TRACE(("enter checkpubkeyperms"))
 
-	assert(ses.authstate.pw);
 	if (ses.authstate.pw->pw_dir == NULL) {
 		goto out;
 	}
--- a/svr-chansession.c	Fri Sep 02 15:35:18 2005 +0000
+++ b/svr-chansession.c	Mon Sep 05 15:16:10 2005 +0000
@@ -148,8 +148,8 @@
 static void send_msg_chansess_exitstatus(struct Channel * channel,
 		struct ChanSess * chansess) {
 
-	assert(chansess->exit.exitpid != -1);
-	assert(chansess->exit.exitsignal == -1);
+	dropbear_assert(chansess->exit.exitpid != -1);
+	dropbear_assert(chansess->exit.exitsignal == -1);
 
 	CHECKCLEARTOWRITE();
 
@@ -170,8 +170,8 @@
 	int i;
 	char* signame = NULL;
 
-	assert(chansess->exit.exitpid != -1);
-	assert(chansess->exit.exitsignal > 0);
+	dropbear_assert(chansess->exit.exitpid != -1);
+	dropbear_assert(chansess->exit.exitsignal > 0);
 
 	CHECKCLEARTOWRITE();
 
@@ -205,7 +205,7 @@
 
 	struct ChanSess *chansess;
 
-	assert(channel->typedata == NULL);
+	dropbear_assert(channel->typedata == NULL);
 
 	chansess = (struct ChanSess*)m_malloc(sizeof(struct ChanSess));
 	chansess->cmd = NULL;
@@ -279,7 +279,7 @@
 	/* clear child pid entries */
 	for (i = 0; i < svr_ses.childpidsize; i++) {
 		if (svr_ses.childpids[i].chansess == chansess) {
-			assert(svr_ses.childpids[i].pid > 0);
+			dropbear_assert(svr_ses.childpids[i].pid > 0);
 			TRACE(("closing pid %d", svr_ses.childpids[i].pid))
 			TRACE(("exitpid = %d", chansess->exit.exitpid))
 			svr_ses.childpids[i].pid = -1;
@@ -313,7 +313,7 @@
 	}
 
 	chansess = (struct ChanSess*)channel->typedata;
-	assert(chansess != NULL);
+	dropbear_assert(chansess != NULL);
 	TRACE(("type is %s", type))
 
 	if (strcmp(type, "window-change") == 0) {
--- a/svr-main.c	Fri Sep 02 15:35:18 2005 +0000
+++ b/svr-main.c	Mon Sep 05 15:16:10 2005 +0000
@@ -284,7 +284,7 @@
 								getaddrhostname(&remoteaddr),
 								addrstring);
 				/* don't return */
-				assert(0);
+				dropbear_assert(0);
 			}
 			
 			/* parent */