Fix parsing of escape sequences in strings

Author: k0ekk0ek

src/fallback/text.h

@@ -27,77 +27,52 @@ static really_inline uint32_t unescape(const char *text, uint8_t *wire)
 }
 
 nonnull_all
-static really_inline int32_t parse_text_inner(
-  parser_t *parser,
-  const type_info_t *type,
-  const rdata_info_t *field,
-  rdata_t *rdata,
-  const token_t *token)
+static really_inline int32_t scan_string(
+  const char *data,
+  size_t length,
+  uint8_t *octets,
+  const uint8_t *limit)
 {
-  uint32_t skip;
-  const char *data = token->data, *limit = token->data + token->length;
+  const char *text = data, *text_limit = data + length;
+  uint8_t *wire = octets;
 
-  if ((uintptr_t)rdata->limit - (uintptr_t)rdata->octets >= token->length) {
-    while (data < limit) {
-      *rdata->octets = (uint8_t)*data;
-      if (likely(*data != '\\'))
-        (void)(rdata->octets += 1), data += 1;
-      else if (!(skip = unescape(data, rdata->octets)))
-        SYNTAX_ERROR(parser, "Invalid %s in %s", NAME(field), NAME(type));
-      else
-        (void)(rdata->octets += 1), data += skip;
+  if (likely((uintptr_t)limit - (uintptr_t)wire >= length)) {
+    while (text < text_limit) {
+      *wire = (uint8_t)*text;
+      if (likely(*text != '\\')) {
+        text += 1;
+        wire += 1;
+      } else {
+        const uint32_t octet = unescape(text, wire);
+        if (!octet)
+          return -1;
+        text += octet;
+        wire += 1;
+      }
     }
 
-    if (data != limit)
-      SYNTAX_ERROR(parser, "Invalid %s in %s", NAME(field), NAME(type));
-    return 0;
+    if (text != text_limit)
+      return -1;
+    return (int32_t)(wire - octets);
   } else {
-    while (data < limit && rdata->octets < rdata->limit) {
-      *rdata->octets = (uint8_t)*data;
-      if (likely(*data != '\\'))
-        (void)(rdata->octets += 1), data += 1;
-      else if (!(skip = unescape(data, rdata->octets)))
-        SYNTAX_ERROR(parser, "Invalid %s in %s", NAME(field), NAME(type));
-      else
-        (void)(rdata->octets += 1), data += skip;
+    while (text < text_limit && wire < limit) {
+      *wire = (uint8_t)*text;
+      if (likely(*text != '\\')) {
+        text += 1;
+        wire += 1;
+      } else {
+        const uint32_t octet = unescape(text, wire);
+        if (!octet)
+          return -1;
+        text += octet;
+        wire += 1;
+      }
     }
 
-    if (data != limit || rdata->octets >= rdata->limit)
-      SYNTAX_ERROR(parser, "Invalid %s in %s", NAME(field), NAME(type));
-    return 0;
+    if (text != text_limit || wire > limit)
+      return -1;
+    return (int32_t)(wire - octets);
   }
 }
 
-nonnull_all
-static really_inline int32_t parse_string(
-  parser_t *parser,
-  const type_info_t *type,
-  const rdata_info_t *field,
-  rdata_t *rdata,
-  const token_t *token)
-{
-  int32_t code;
-  uint8_t *octets = rdata->octets;
-  uint8_t *limit = rdata->limit;
-  if ((uintptr_t)rdata->limit - (uintptr_t)rdata->octets > 1 + 255)
-    rdata->limit = rdata->octets + 1 + 255;
-  rdata->octets += 1;
-
-  code = parse_text_inner(parser, type, field, rdata, token);
-  *octets = (uint8_t)((uintptr_t)rdata->octets - (uintptr_t)octets) - 1;
-  rdata->limit = limit;
-  return code;
-}
-
-nonnull_all
-static really_inline int32_t parse_text(
-  parser_t *parser,
-  const type_info_t *type,
-  const rdata_info_t *field,
-  rdata_t *rdata,
-  const token_t *token)
-{
-  return parse_text_inner(parser, type, field, rdata, token);
-}
-
 #endif // TEXT_H

src/generic/format.h

@@ -105,6 +105,47 @@ static really_inline int32_t parse_owner(
   return 0;
 }
 
+nonnull_all
+static really_inline int32_t parse_string(
+  parser_t *parser,
+  const type_info_t *type,
+  const rdata_info_t *field,
+  rdata_t *rdata,
+  const token_t *token)
+{
+  if (rdata->limit == rdata->octets)
+    SYNTAX_ERROR(parser, "Invalid %s in %s", NAME(type), NAME(field));
+  assert(rdata->limit > rdata->octets);
+
+  int32_t length;
+  uint8_t *octets = rdata->octets + 1;
+  const uint8_t *limit = rdata->limit;
+
+  if (rdata->limit - rdata->octets > (1 + 255))
+    limit = rdata->octets + 1 + 255;
+  if ((length = scan_string(token->data, token->length, octets, limit)) == -1)
+    SYNTAX_ERROR(parser, "Invalid %s in %s", NAME(type), NAME(field));
+  *rdata->octets = (uint8_t)length;
+  rdata->octets += 1u + (uint32_t)length;
+  return 0;
+}
+
+nonnull_all
+static really_inline int32_t parse_text(
+  parser_t *parser,
+  const type_info_t *type,
+  const rdata_info_t *field,
+  rdata_t *rdata,
+  const token_t *token)
+{
+  int32_t length;
+
+  if ((length = scan_string(token->data, token->length, rdata->octets, rdata->limit)) == -1)
+    SYNTAX_ERROR(parser, "Invalid %s in %s", NAME(type), NAME(field));
+  rdata->octets += (uint32_t)length;
+  return 0;
+}
+
 nonnull_all
 static really_inline int32_t parse_rr(
   parser_t *parser, token_t *token)

src/generic/text.h

@@ -44,69 +44,64 @@ static really_inline void copy_string_block(
 }
 
 nonnull_all
-static really_inline int32_t parse_text_inner(
-  parser_t *parser,
-  const type_info_t *type,
-  const rdata_info_t *field,
-  rdata_t *rdata,
-  const token_t *token)
+static really_inline int32_t scan_string(
+  const char *data,
+  size_t length,
+  uint8_t *octets,
+  const uint8_t *limit)
 {
-  string_block_t b;
-  const char *t = token->data, *te = t + token->length;
-  uint64_t left = token->length;
+  const char *text = data;
+  uint8_t *wire = octets;
+  string_block_t block;
 
-  while ((t < te) & (rdata->octets < rdata->limit)) {
-    copy_string_block(&b, t, rdata->octets);
-    uint64_t n = 32;
-    if (left < 32)
-      n = left;
-    uint64_t mask = (1llu << n) - 1;
+  copy_string_block(&block, text, octets);
 
-    if (unlikely(b.backslashes & mask)) {
-      n = trailing_zeroes(b.backslashes);
-      rdata->octets += n; t += n;
-      if (!(n = unescape(t, rdata->octets)))
-        SYNTAX_ERROR(parser, "Invalid %s in %s", NAME(field), NAME(type));
-      rdata->octets += 1; t += n;
-    } else {
-      rdata->octets += n; t += n;
-    }
-  }
+  uint64_t count = 32;
+  if (length < 32)
+    count = length;
+  uint64_t mask = (1llu << count) - 1u;
 
-  if (rdata->octets >= rdata->limit)
-    SYNTAX_ERROR(parser, "Invalid %s in %s", NAME(field), NAME(type));
-  return 0;
-}
+  // check for escape sequences
+  if (unlikely(block.backslashes & mask))
+    goto escaped;
 
-nonnull_all
-static really_inline int32_t parse_string(
-  parser_t *parser,
-  const type_info_t *type,
-  const rdata_info_t *field,
-  rdata_t *rdata,
-  const token_t *token)
-{
-  int32_t code;
-  uint8_t *octets = rdata->octets, *limit = rdata->limit;
-  if (rdata->limit - rdata->octets > 1 + 255)
-    rdata->limit = rdata->octets + 1 + 255;
-  rdata->octets += 1;
+  if (length < 32)
+    return (int32_t)count;
 
-  code = parse_text_inner(parser, type, field, rdata, token);
-  *octets = (uint8_t)((rdata->octets - octets) - 1);
-  rdata->limit = limit;
-  return code;
-}
+  text += count;
+  wire += count;
+  length -= count;
 
-nonnull_all
-static really_inline int32_t parse_text(
-  zone_parser_t *parser,
-  const type_info_t *type,
-  const rdata_info_t *field,
-  rdata_t *rdata,
-  const token_t *token)
-{
-  return parse_text_inner(parser, type, field, rdata, token);
+  do {
+    copy_string_block(&block, text, wire);
+    count = 32;
+    if (length < 32)
+      count = length;
+    mask = (1llu << count) - 1u;
+
+    // check for escape sequences
+    if (unlikely(block.backslashes & mask)) {
+escaped:
+      block.backslashes &= -block.backslashes;
+      mask = block.backslashes - 1;
+      count = count_ones(mask);
+      const uint32_t octet = unescape(text+count, wire+count);
+      if (!octet)
+        return -1;
+      text += count + octet;
+      wire += count + 1;
+      length -= count + octet;
+    } else {
+      text += count;
+      wire += count;
+      length -= count;
+    }
+  } while (length && wire < limit);
+
+  if (length || (wire > limit))
+    return -1;
+  assert(!length);
+  return (int32_t)(wire - octets);
 }
 
 #endif // TEXT_H

src/generic/types.h

@@ -32,6 +32,22 @@ static really_inline int32_t parse_name(
   rdata_t *rdata,
   const token_t *token);
 
+nonnull_all
+static really_inline int32_t parse_string(
+  parser_t *parser,
+  const type_info_t *type,
+  const rdata_info_t *field,
+  rdata_t *rdata,
+  const token_t *token);
+
+nonnull_all
+static really_inline int32_t parse_text(
+  parser_t *parser,
+  const type_info_t *type,
+  const rdata_info_t *field,
+  rdata_t *rdata,
+  const token_t *token);
+
 #define FIELDS(fields) \
   { (sizeof(fields)/sizeof(fields[0])), fields }