xref: /freebsd/sbin/dhclient/parse.c (revision 5ab1c5846ff41be24b1f6beb0317bf8258cd4409)
1 /*	$OpenBSD: parse.c,v 1.11 2004/05/05 23:07:47 deraadt Exp $	*/
2 
3 /* Common parser code for dhcpd and dhclient. */
4 
5 /*-
6  * SPDX-License-Identifier: BSD-3-Clause
7  *
8  * Copyright (c) 1995, 1996, 1997, 1998 The Internet Software Consortium.
9  * All rights reserved.
10  *
11  * Redistribution and use in source and binary forms, with or without
12  * modification, are permitted provided that the following conditions
13  * are met:
14  *
15  * 1. Redistributions of source code must retain the above copyright
16  *    notice, this list of conditions and the following disclaimer.
17  * 2. Redistributions in binary form must reproduce the above copyright
18  *    notice, this list of conditions and the following disclaimer in the
19  *    documentation and/or other materials provided with the distribution.
20  * 3. Neither the name of The Internet Software Consortium nor the names
21  *    of its contributors may be used to endorse or promote products derived
22  *    from this software without specific prior written permission.
23  *
24  * THIS SOFTWARE IS PROVIDED BY THE INTERNET SOFTWARE CONSORTIUM AND
25  * CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
26  * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
27  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
28  * DISCLAIMED.  IN NO EVENT SHALL THE INTERNET SOFTWARE CONSORTIUM OR
29  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
30  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
31  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
32  * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
33  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
34  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
35  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36  * SUCH DAMAGE.
37  *
38  * This software has been written for the Internet Software Consortium
39  * by Ted Lemon <mellon@fugue.com> in cooperation with Vixie
40  * Enterprises.  To learn more about the Internet Software Consortium,
41  * see ``http://www.vix.com/isc''.  To learn more about Vixie
42  * Enterprises, see ``http://www.vix.com''.
43  */
44 
45 #include <sys/cdefs.h>
46 __FBSDID("$FreeBSD$");
47 
48 #include <stdbool.h>
49 
50 #include "dhcpd.h"
51 #include "dhctoken.h"
52 
53 /* Skip to the semicolon ending the current statement.   If we encounter
54  * braces, the matching closing brace terminates the statement.   If we
55  * encounter a right brace but haven't encountered a left brace, return
56  * leaving the brace in the token buffer for the caller.   If we see a
57  * semicolon and haven't seen a left brace, return.   This lets us skip
58  * over:
59  *
60  *	statement;
61  *	statement foo bar { }
62  *	statement foo bar { statement { } }
63  *	statement}
64  *
65  *	...et cetera.
66  */
67 void
68 skip_to_semi(FILE *cfile)
69 {
70 	int brace_count = 0, token;
71 	char *val;
72 
73 	do {
74 		token = peek_token(&val, cfile);
75 		if (token == RBRACE) {
76 			if (brace_count) {
77 				token = next_token(&val, cfile);
78 				if (!--brace_count)
79 					return;
80 			} else
81 				return;
82 		} else if (token == LBRACE) {
83 			brace_count++;
84 		} else if (token == SEMI && !brace_count) {
85 			token = next_token(&val, cfile);
86 			return;
87 		} else if (token == '\n') {
88 			/*
89 			 * EOL only happens when parsing
90 			 * /etc/resolv.conf, and we treat it like a
91 			 * semicolon because the resolv.conf file is
92 			 * line-oriented.
93 			 */
94 			token = next_token(&val, cfile);
95 			return;
96 		}
97 		token = next_token(&val, cfile);
98 	} while (token != EOF);
99 }
100 
101 int
102 parse_semi(FILE *cfile)
103 {
104 	int token;
105 	char *val;
106 
107 	token = next_token(&val, cfile);
108 	if (token != SEMI) {
109 		parse_warn("semicolon expected.");
110 		skip_to_semi(cfile);
111 		return (0);
112 	}
113 	return (1);
114 }
115 
116 /*
117  * string-parameter :== STRING SEMI
118  */
119 char *
120 parse_string(FILE *cfile)
121 {
122 	char *val, *s;
123 	size_t valsize;
124 	int token;
125 
126 	token = next_token(&val, cfile);
127 	if (token != STRING) {
128 		parse_warn("filename must be a string");
129 		skip_to_semi(cfile);
130 		return (NULL);
131 	}
132 	valsize = strlen(val) + 1;
133 	s = malloc(valsize);
134 	if (!s)
135 		error("no memory for string %s.", val);
136 	memcpy(s, val, valsize);
137 
138 	if (!parse_semi(cfile)) {
139 		free(s);
140 		return (NULL);
141 	}
142 	return (s);
143 }
144 
145 int
146 parse_ip_addr(FILE *cfile, struct iaddr *addr)
147 {
148 	addr->len = 4;
149 	if (parse_numeric_aggregate(cfile, addr->iabuf,
150 	    &addr->len, DOT, 10, 8))
151 		return (1);
152 	return (0);
153 }
154 
155 /*
156  * hardware-parameter :== HARDWARE ETHERNET csns SEMI
157  * csns :== NUMBER | csns COLON NUMBER
158  */
159 void
160 parse_hardware_param(FILE *cfile, struct hardware *hardware)
161 {
162 	unsigned char *t;
163 	int token;
164 	size_t hlen;
165 	char *val;
166 
167 	token = next_token(&val, cfile);
168 	switch (token) {
169 	case ETHERNET:
170 		hardware->htype = HTYPE_ETHER;
171 		break;
172 	case TOKEN_RING:
173 		hardware->htype = HTYPE_IEEE802;
174 		break;
175 	case FDDI:
176 		hardware->htype = HTYPE_FDDI;
177 		break;
178 	default:
179 		parse_warn("expecting a network hardware type");
180 		skip_to_semi(cfile);
181 		return;
182 	}
183 
184 	/*
185 	 * Parse the hardware address information.   Technically, it
186 	 * would make a lot of sense to restrict the length of the data
187 	 * we'll accept here to the length of a particular hardware
188 	 * address type.   Unfortunately, there are some broken clients
189 	 * out there that put bogus data in the chaddr buffer, and we
190 	 * accept that data in the lease file rather than simply failing
191 	 * on such clients.   Yuck.
192 	 */
193 	hlen = 0;
194 	t = parse_numeric_aggregate(cfile, NULL, &hlen, COLON, 16, 8);
195 	if (!t)
196 		return;
197 	if (hlen > sizeof(hardware->haddr)) {
198 		free(t);
199 		parse_warn("hardware address too long");
200 	} else {
201 		hardware->hlen = hlen;
202 		memcpy((unsigned char *)&hardware->haddr[0], t,
203 		    hardware->hlen);
204 		if (hlen < sizeof(hardware->haddr))
205 			memset(&hardware->haddr[hlen], 0,
206 			    sizeof(hardware->haddr) - hlen);
207 		free(t);
208 	}
209 
210 	token = next_token(&val, cfile);
211 	if (token != SEMI) {
212 		parse_warn("expecting semicolon.");
213 		skip_to_semi(cfile);
214 	}
215 }
216 
217 /*
218  * lease-time :== NUMBER SEMI
219  */
220 void
221 parse_lease_time(FILE *cfile, time_t *timep)
222 {
223 	char *val;
224 	int token;
225 
226 	token = next_token(&val, cfile);
227 	if (token != NUMBER) {
228 		parse_warn("Expecting numeric lease time");
229 		skip_to_semi(cfile);
230 		return;
231 	}
232 	convert_num((unsigned char *)timep, val, 10, 32);
233 	/* Unswap the number - convert_num returns stuff in NBO. */
234 	*timep = ntohl(*timep); /* XXX */
235 
236 	parse_semi(cfile);
237 }
238 
239 /*
240  * No BNF for numeric aggregates - that's defined by the caller.  What
241  * this function does is to parse a sequence of numbers separated by the
242  * token specified in separator.  If max is zero, any number of numbers
243  * will be parsed; otherwise, exactly max numbers are expected.  Base
244  * and size tell us how to internalize the numbers once they've been
245  * tokenized.
246  */
247 unsigned char *
248 parse_numeric_aggregate(FILE *cfile, unsigned char *buf, size_t *max,
249     int separator, unsigned base, int size)
250 {
251 	unsigned char *bufp = buf, *s = NULL;
252 	int token;
253 	char *val, *t;
254 	size_t valsize, count = 0;
255 	pair c = NULL;
256 	unsigned char *lbufp = NULL;
257 
258 	if (!bufp && *max) {
259 		lbufp = bufp = malloc(*max * size / 8);
260 		if (!bufp)
261 			error("can't allocate space for numeric aggregate");
262 	} else
263 		s = bufp;
264 
265 	do {
266 		if (count) {
267 			token = peek_token(&val, cfile);
268 			if (token != separator) {
269 				if (!*max)
270 					break;
271 				if (token != RBRACE && token != LBRACE)
272 					token = next_token(&val, cfile);
273 				parse_warn("too few numbers.");
274 				if (token != SEMI)
275 					skip_to_semi(cfile);
276 				free(lbufp);
277 				return (NULL);
278 			}
279 			token = next_token(&val, cfile);
280 		}
281 		token = next_token(&val, cfile);
282 
283 		if (token == EOF) {
284 			parse_warn("unexpected end of file");
285 			break;
286 		}
287 
288 		/* Allow NUMBER_OR_NAME if base is 16. */
289 		if (token != NUMBER &&
290 		    (base != 16 || token != NUMBER_OR_NAME)) {
291 			parse_warn("expecting numeric value.");
292 			skip_to_semi(cfile);
293 			free(lbufp);
294 			return (NULL);
295 		}
296 		/*
297 		 * If we can, convert the number now; otherwise, build a
298 		 * linked list of all the numbers.
299 		 */
300 		if (s) {
301 			convert_num(s, val, base, size);
302 			s += size / 8;
303 		} else {
304 			valsize = strlen(val) + 1;
305 			t = malloc(valsize);
306 			if (!t)
307 				error("no temp space for number.");
308 			memcpy(t, val, valsize);
309 			c = cons(t, c);
310 		}
311 	} while (++count != *max);
312 
313 	/* If we had to cons up a list, convert it now. */
314 	if (c) {
315 		free(lbufp);
316 		bufp = malloc(count * size / 8);
317 		if (!bufp)
318 			error("can't allocate space for numeric aggregate.");
319 		s = bufp + count - size / 8;
320 		*max = count;
321 	}
322 	while (c) {
323 		pair cdr = c->cdr;
324 		convert_num(s, (char *)c->car, base, size);
325 		s -= size / 8;
326 		/* Free up temp space. */
327 		free(c->car);
328 		free(c);
329 		c = cdr;
330 	}
331 	return (bufp);
332 }
333 
334 void
335 convert_num(unsigned char *buf, char *str, unsigned base, int size)
336 {
337 	bool negative = false;
338 	unsigned tval, max;
339 	u_int32_t val = 0;
340 	char *ptr = str;
341 
342 	if (*ptr == '-') {
343 		negative = true;
344 		ptr++;
345 	}
346 
347 	/* If base wasn't specified, figure it out from the data. */
348 	if (!base) {
349 		if (ptr[0] == '0') {
350 			if (ptr[1] == 'x') {
351 				base = 16;
352 				ptr += 2;
353 			} else if (isascii(ptr[1]) && isdigit(ptr[1])) {
354 				base = 8;
355 				ptr += 1;
356 			} else
357 				base = 10;
358 		} else
359 			base = 10;
360 	}
361 
362 	do {
363 		tval = *ptr++;
364 		/* XXX assumes ASCII... */
365 		if (tval >= 'a')
366 			tval = tval - 'a' + 10;
367 		else if (tval >= 'A')
368 			tval = tval - 'A' + 10;
369 		else if (tval >= '0')
370 			tval -= '0';
371 		else {
372 			warning("Bogus number: %s.", str);
373 			break;
374 		}
375 		if (tval >= base) {
376 			warning("Bogus number: %s: digit %d not in base %d",
377 			    str, tval, base);
378 			break;
379 		}
380 		val = val * base + tval;
381 	} while (*ptr);
382 
383 	if (negative)
384 		max = (1 << (size - 1));
385 	else
386 		max = (1 << (size - 1)) + ((1 << (size - 1)) - 1);
387 	if (val > max) {
388 		switch (base) {
389 		case 8:
390 			warning("value %s%o exceeds max (%d) for precision.",
391 			    negative ? "-" : "", val, max);
392 			break;
393 		case 16:
394 			warning("value %s%x exceeds max (%d) for precision.",
395 			    negative ? "-" : "", val, max);
396 			break;
397 		default:
398 			warning("value %s%u exceeds max (%d) for precision.",
399 			    negative ? "-" : "", val, max);
400 			break;
401 		}
402 	}
403 
404 	if (negative)
405 		switch (size) {
406 		case 8:
407 			*buf = -(unsigned long)val;
408 			break;
409 		case 16:
410 			putShort(buf, -(unsigned long)val);
411 			break;
412 		case 32:
413 			putLong(buf, -(unsigned long)val);
414 			break;
415 		default:
416 			warning("Unexpected integer size: %d", size);
417 			break;
418 		}
419 	else
420 		switch (size) {
421 		case 8:
422 			*buf = (u_int8_t)val;
423 			break;
424 		case 16:
425 			putUShort(buf, (u_int16_t)val);
426 			break;
427 		case 32:
428 			putULong(buf, val);
429 			break;
430 		default:
431 			warning("Unexpected integer size: %d", size);
432 			break;
433 		}
434 }
435 
436 /*
437  * date :== NUMBER NUMBER SLASH NUMBER SLASH NUMBER
438  *		NUMBER COLON NUMBER COLON NUMBER SEMI
439  *
440  * Dates are always in GMT; first number is day of week; next is
441  * year/month/day; next is hours:minutes:seconds on a 24-hour
442  * clock.
443  */
444 time_t
445 parse_date(FILE *cfile)
446 {
447 	static int months[11] = { 31, 59, 90, 120, 151, 181,
448 	    212, 243, 273, 304, 334 };
449 	int guess, token;
450 	struct tm tm;
451 	char *val;
452 
453 	/* Day of week... */
454 	token = next_token(&val, cfile);
455 	if (token != NUMBER) {
456 		parse_warn("numeric day of week expected.");
457 		if (token != SEMI)
458 			skip_to_semi(cfile);
459 		return (0);
460 	}
461 	tm.tm_wday = atoi(val);
462 
463 	/* Year... */
464 	token = next_token(&val, cfile);
465 	if (token != NUMBER) {
466 		parse_warn("numeric year expected.");
467 		if (token != SEMI)
468 			skip_to_semi(cfile);
469 		return (0);
470 	}
471 	tm.tm_year = atoi(val);
472 	if (tm.tm_year > 1900)
473 		tm.tm_year -= 1900;
474 
475 	/* Slash separating year from month... */
476 	token = next_token(&val, cfile);
477 	if (token != SLASH) {
478 		parse_warn("expected slash separating year from month.");
479 		if (token != SEMI)
480 			skip_to_semi(cfile);
481 		return (0);
482 	}
483 
484 	/* Month... */
485 	token = next_token(&val, cfile);
486 	if (token != NUMBER) {
487 		parse_warn("numeric month expected.");
488 		if (token != SEMI)
489 			skip_to_semi(cfile);
490 		return (0);
491 	}
492 	tm.tm_mon = atoi(val) - 1;
493 
494 	/* Slash separating month from day... */
495 	token = next_token(&val, cfile);
496 	if (token != SLASH) {
497 		parse_warn("expected slash separating month from day.");
498 		if (token != SEMI)
499 			skip_to_semi(cfile);
500 		return (0);
501 	}
502 
503 	/* Month... */
504 	token = next_token(&val, cfile);
505 	if (token != NUMBER) {
506 		parse_warn("numeric day of month expected.");
507 		if (token != SEMI)
508 			skip_to_semi(cfile);
509 		return (0);
510 	}
511 	tm.tm_mday = atoi(val);
512 
513 	/* Hour... */
514 	token = next_token(&val, cfile);
515 	if (token != NUMBER) {
516 		parse_warn("numeric hour expected.");
517 		if (token != SEMI)
518 			skip_to_semi(cfile);
519 		return (0);
520 	}
521 	tm.tm_hour = atoi(val);
522 
523 	/* Colon separating hour from minute... */
524 	token = next_token(&val, cfile);
525 	if (token != COLON) {
526 		parse_warn("expected colon separating hour from minute.");
527 		if (token != SEMI)
528 			skip_to_semi(cfile);
529 		return (0);
530 	}
531 
532 	/* Minute... */
533 	token = next_token(&val, cfile);
534 	if (token != NUMBER) {
535 		parse_warn("numeric minute expected.");
536 		if (token != SEMI)
537 			skip_to_semi(cfile);
538 		return (0);
539 	}
540 	tm.tm_min = atoi(val);
541 
542 	/* Colon separating minute from second... */
543 	token = next_token(&val, cfile);
544 	if (token != COLON) {
545 		parse_warn("expected colon separating hour from minute.");
546 		if (token != SEMI)
547 			skip_to_semi(cfile);
548 		return (0);
549 	}
550 
551 	/* Minute... */
552 	token = next_token(&val, cfile);
553 	if (token != NUMBER) {
554 		parse_warn("numeric minute expected.");
555 		if (token != SEMI)
556 			skip_to_semi(cfile);
557 		return (0);
558 	}
559 	tm.tm_sec = atoi(val);
560 	tm.tm_isdst = 0;
561 
562 	/* XXX: We assume that mktime does not use tm_yday. */
563 	tm.tm_yday = 0;
564 
565 	/* Make sure the date ends in a semicolon... */
566 	token = next_token(&val, cfile);
567 	if (token != SEMI) {
568 		parse_warn("semicolon expected.");
569 		skip_to_semi(cfile);
570 		return (0);
571 	}
572 
573 	/* Guess the time value... */
574 	guess = ((((((365 * (tm.tm_year - 70) +	/* Days in years since '70 */
575 		    (tm.tm_year - 69) / 4 +	/* Leap days since '70 */
576 		    (tm.tm_mon			/* Days in months this year */
577 		    ? months[tm.tm_mon - 1]
578 		    : 0) +
579 		    (tm.tm_mon > 1 &&		/* Leap day this year */
580 		    !((tm.tm_year - 72) & 3)) +
581 		    tm.tm_mday - 1) * 24) +	/* Day of month */
582 		    tm.tm_hour) * 60) +
583 		    tm.tm_min) * 60) + tm.tm_sec;
584 
585 	/*
586 	 * This guess could be wrong because of leap seconds or other
587 	 * weirdness we don't know about that the system does.   For
588 	 * now, we're just going to accept the guess, but at some point
589 	 * it might be nice to do a successive approximation here to get
590 	 * an exact value.   Even if the error is small, if the server
591 	 * is restarted frequently (and thus the lease database is
592 	 * reread), the error could accumulate into something
593 	 * significant.
594 	 */
595 	return (guess);
596 }
597