[base16] Add buffer size parameter to base16_encode() and base16_decode()

The current API for Base16 (and Base64) encoding requires the caller
to always provide sufficient buffer space.  This prevents the use of
the generic encoding/decoding functionality in some situations, such
as in formatting the hex setting types.

Implement a generic hex_encode() (based on the existing
format_hex_setting()), implement base16_encode() and base16_decode()
in terms of the more generic hex_encode() and hex_decode(), and update
all callers to provide the additional buffer length parameter.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

4 files changed, 18 insertions, 14 deletions

diff --git a/src/net/infiniband/ib_srp.c b/src/net/infiniband/ib_srp.c
index 7b2b2b4e..3700184c 100644
--- a/src/net/infiniband/ib_srp.c
+++ b/src/net/infiniband/ib_srp.c
@@ -291,7 +291,7 @@ static int ib_srp_parse_byte_string ( const char *rp_comp, uint8_t *bytes,
 		return -EINVAL_BYTE_STRING_LEN;
 
 	/* Parse byte string */
-	decoded_size = base16_decode ( rp_comp, bytes );
+	decoded_size = base16_decode ( rp_comp, bytes, size );
 	if ( decoded_size < 0 )
 		return decoded_size;
 
diff --git a/src/net/pccrc.c b/src/net/pccrc.c
index 10342207..6ea26b3d 100644
--- a/src/net/pccrc.c
+++ b/src/net/pccrc.c
@@ -63,7 +63,7 @@ peerdist_info_hash_ntoa ( const struct peerdist_info *info, const void *hash ) {
 	assert ( base16_encoded_len ( digestsize ) < sizeof ( buf ) );
 
 	/* Transcribe hash value */
-	base16_encode ( hash, digestsize, buf );
+	base16_encode ( hash, digestsize, buf, sizeof ( buf ) );
 	return buf;
 }
 
diff --git a/src/net/tcp/httpcore.c b/src/net/tcp/httpcore.c
index 42a0f90e..d94ab5f0 100644
--- a/src/net/tcp/httpcore.c
+++ b/src/net/tcp/httpcore.c
@@ -1122,12 +1122,14 @@ static void http_digest_update ( struct md5_context *ctx, const char *string ) {
  *
  * @v ctx		Digest context
  * @v out		Buffer for digest output
+ * @v len		Buffer length
  */
-static void http_digest_final ( struct md5_context *ctx, char *out ) {
+static void http_digest_final ( struct md5_context *ctx, char *out,
+				size_t len ) {
 	uint8_t digest[MD5_DIGEST_SIZE];
 
 	digest_final ( &md5_algorithm, ctx, digest );
-	base16_encode ( digest, sizeof ( digest ), out );
+	base16_encode ( digest, sizeof ( digest ), out, len );
 }
 
 /**
@@ -1172,20 +1174,20 @@ static char * http_digest_auth ( struct http_request *http,
 	http_digest_update ( &ctx, user );
 	http_digest_update ( &ctx, realm );
 	http_digest_update ( &ctx, password );
-	http_digest_final ( &ctx, ha1 );
+	http_digest_final ( &ctx, ha1, sizeof ( ha1 ) );
 	if ( md5sess ) {
 		http_digest_init ( &ctx );
 		http_digest_update ( &ctx, ha1 );
 		http_digest_update ( &ctx, nonce );
 		http_digest_update ( &ctx, cnonce );
-		http_digest_final ( &ctx, ha1 );
+		http_digest_final ( &ctx, ha1, sizeof ( ha1 ) );
 	}
 
 	/* Generate HA2 */
 	http_digest_init ( &ctx );
 	http_digest_update ( &ctx, method );
 	http_digest_update ( &ctx, uri );
-	http_digest_final ( &ctx, ha2 );
+	http_digest_final ( &ctx, ha2, sizeof ( ha2 ) );
 
 	/* Generate response */
 	http_digest_init ( &ctx );
@@ -1197,7 +1199,7 @@ static char * http_digest_auth ( struct http_request *http,
 		http_digest_update ( &ctx, "auth" /* qop */ );
 	}
 	http_digest_update ( &ctx, ha2 );
-	http_digest_final ( &ctx, response );
+	http_digest_final ( &ctx, response, sizeof ( response ) );
 
 	/* Generate the authorisation string */
 	len = asprintf ( &auth, "Authorization: Digest username=\"%s\", "
diff --git a/src/net/tcp/iscsi.c b/src/net/tcp/iscsi.c
index 2e420d9a..e553b214 100644
--- a/src/net/tcp/iscsi.c
+++ b/src/net/tcp/iscsi.c
@@ -709,7 +709,7 @@ static int iscsi_build_login_request_strings ( struct iscsi_session *iscsi,
 		char buf[ base16_encoded_len ( iscsi->chap.response_len ) + 1 ];
 		assert ( iscsi->initiator_username != NULL );
 		base16_encode ( iscsi->chap.response, iscsi->chap.response_len,
-				buf );
+				buf, sizeof ( buf ) );
 		used += ssnprintf ( data + used, len - used,
 				    "CHAP_N=%s%cCHAP_R=0x%s%c",
 				    iscsi->initiator_username, 0, buf, 0 );
@@ -719,7 +719,7 @@ static int iscsi_build_login_request_strings ( struct iscsi_session *iscsi,
 		size_t challenge_len = ( sizeof ( iscsi->chap_challenge ) - 1 );
 		char buf[ base16_encoded_len ( challenge_len ) + 1 ];
 		base16_encode ( ( iscsi->chap_challenge + 1 ), challenge_len,
-				buf );
+				buf, sizeof ( buf ) );
 		used += ssnprintf ( data + used, len - used,
 				    "CHAP_I=%d%cCHAP_C=0x%s%c",
 				    iscsi->chap_challenge[0], 0, buf, 0 );
@@ -833,15 +833,17 @@ static int iscsi_tx_login_request ( struct iscsi_session *iscsi ) {
  *
  * @v encoded		Encoded large binary value
  * @v raw		Raw data
+ * @v len		Length of data buffer
  * @ret len		Length of raw data, or negative error
  */
-static int iscsi_large_binary_decode ( const char *encoded, uint8_t *raw ) {
+static int iscsi_large_binary_decode ( const char *encoded, uint8_t *raw,
+				       size_t len ) {
 
 	/* Check for initial '0x' or '0b' and decode as appropriate */
 	if ( *(encoded++) == '0' ) {
 		switch ( tolower ( *(encoded++) ) ) {
 		case 'x' :
-			return base16_decode ( encoded, raw );
+			return base16_decode ( encoded, raw, len );
 		case 'b' :
 			return base64_decode ( encoded, raw );
 		}
@@ -980,7 +982,7 @@ static int iscsi_handle_chap_c_value ( struct iscsi_session *iscsi,
 	int rc;
 
 	/* Process challenge */
-	len = iscsi_large_binary_decode ( value, buf );
+	len = iscsi_large_binary_decode ( value, buf, sizeof ( buf ) );
 	if ( len < 0 ) {
 		rc = len;
 		DBGC ( iscsi, "iSCSI %p invalid CHAP challenge \"%s\": %s\n",
@@ -1065,7 +1067,7 @@ static int iscsi_handle_chap_r_value ( struct iscsi_session *iscsi,
 	chap_respond ( &iscsi->chap );
 
 	/* Process response */
-	len = iscsi_large_binary_decode ( value, buf );
+	len = iscsi_large_binary_decode ( value, buf, sizeof ( buf ) );
 	if ( len < 0 ) {
 		rc = len;
 		DBGC ( iscsi, "iSCSI %p invalid CHAP response \"%s\": %s\n",