From 5f0c4271d7fdf29aa8ee28bb257985a8ece553c0 Mon Sep 17 00:00:00 2001 From: fickleheart Date: Sat, 9 Mar 2019 16:46:55 -0600 Subject: [PATCH] Use consts in place of some 16s --- src/d_clisrv.h | 4 ++-- src/d_netcmd.c | 36 ++++++++++++++++++------------------ src/md5.h | 2 ++ src/w_wad.c | 1 - 4 files changed, 22 insertions(+), 21 deletions(-) diff --git a/src/d_clisrv.h b/src/d_clisrv.h index 2937e882..d979fb28 100644 --- a/src/d_clisrv.h +++ b/src/d_clisrv.h @@ -359,13 +359,13 @@ typedef struct UINT8 localplayers; UINT8 needsdownload; UINT8 challengenum; // Non-zero if trying to join with a password attempt - UINT8 challengeanswer[16]; // Join challenge + UINT8 challengeanswer[MD5_LEN]; // Join challenge } ATTRPACK clientconfig_pak; typedef struct { UINT8 challengenum; // Number to send back in join attempt - UINT8 question[16]; // Challenge data to be manipulated and answered with + UINT8 question[MD5_LEN]; // Challenge data to be manipulated and answered with } ATTRPACK joinchallenge_pak; #define SV_SPEEDMASK 0x03 diff --git a/src/d_netcmd.c b/src/d_netcmd.c index 451e9762..abc31949 100644 --- a/src/d_netcmd.c +++ b/src/d_netcmd.c @@ -3444,7 +3444,7 @@ static void D_MD5PasswordPass(const UINT8 *buffer, size_t len, const char *salt, } #define BASESALT "basepasswordstorage" -static UINT8 adminpassmd5[16]; +static UINT8 adminpassmd5[MD5_LEN]; static boolean adminpasswordset = false; void D_SetPassword(const char *pw) @@ -3483,7 +3483,7 @@ static void Command_Login_f(void) // If we have no MD5 support then completely disable XD_LOGIN responses for security. CONS_Alert(CONS_NOTICE, "Remote administration commands are not supported in this build.\n"); #else - XBOXSTATIC UINT8 finalmd5[16]; + XBOXSTATIC UINT8 finalmd5[MD5_LEN]; const char *pw; if (!netgame) @@ -3506,11 +3506,11 @@ static void Command_Login_f(void) D_MD5PasswordPass((const UINT8 *)pw, strlen(pw), BASESALT, &finalmd5); // Do the final pass to get the comparison the server will come up with - D_MD5PasswordPass(finalmd5, 16, va("PNUM%02d", consoleplayer), &finalmd5); + D_MD5PasswordPass(finalmd5, MD5_LEN, va("PNUM%02d", consoleplayer), &finalmd5); CONS_Printf(M_GetText("Sending login... (Notice only given if password is correct.)\n")); - SendNetXCmd(XD_LOGIN, finalmd5, 16); + SendNetXCmd(XD_LOGIN, finalmd5, MD5_LEN); #endif } @@ -3521,9 +3521,9 @@ static void Got_Login(UINT8 **cp, INT32 playernum) (void)cp; (void)playernum; #else - UINT8 sentmd5[16], finalmd5[16]; + UINT8 sentmd5[MD5_LEN], finalmd5[MD5_LEN]; - READMEM(*cp, sentmd5, 16); + READMEM(*cp, sentmd5, MD5_LEN); if (client) return; @@ -3535,9 +3535,9 @@ static void Got_Login(UINT8 **cp, INT32 playernum) } // Do the final pass to compare with the sent md5 - D_MD5PasswordPass(adminpassmd5, 16, va("PNUM%02d", playernum), &finalmd5); + D_MD5PasswordPass(adminpassmd5, MD5_LEN, va("PNUM%02d", playernum), &finalmd5); - if (!memcmp(sentmd5, finalmd5, 16)) + if (!memcmp(sentmd5, finalmd5, MD5_LEN)) { CONS_Printf(M_GetText("%s passed authentication.\n"), player_names[playernum]); COM_BufInsertText(va("promote %d\n", playernum)); // do this immediately @@ -3710,9 +3710,9 @@ static void Got_Removal(UINT8 **cp, INT32 playernum) consvar_t cv_dummyjoinpassword = {"dummyjoinpassword", "", CV_HIDEN|CV_NOSHOWHELP, NULL, NULL, 0, NULL, NULL, 0, 0, NULL}; #define NUMJOINCHALLENGES 32 -static UINT8 joinpassmd5[17]; +static UINT8 joinpassmd5[MD5_LEN+1]; boolean joinpasswordset = false; -static UINT8 joinpasschallenges[NUMJOINCHALLENGES][17]; +static UINT8 joinpasschallenges[NUMJOINCHALLENGES][MD5_LEN+1]; static tic_t joinpasschallengeson[NUMJOINCHALLENGES]; boolean D_IsJoinPasswordOn(void) @@ -3722,21 +3722,21 @@ boolean D_IsJoinPasswordOn(void) static inline void GetChallengeAnswer(UINT8 *question, UINT8 *passwordmd5, UINT8 *answer) { - D_MD5PasswordPass(question, 16, (char *) passwordmd5, answer); + D_MD5PasswordPass(question, MD5_LEN, (char *) passwordmd5, answer); } void D_ComputeChallengeAnswer(UINT8 *question, const char *pw, UINT8 *answer) { - static UINT8 passwordmd5[17]; + static UINT8 passwordmd5[MD5_LEN+1]; - memset(passwordmd5, 0x00, 17); + memset(passwordmd5, 0x00, MD5_LEN+1); D_MD5PasswordPass((const UINT8 *)pw, strlen(pw), BASESALT, &passwordmd5); GetChallengeAnswer(question, passwordmd5, answer); } void D_SetJoinPassword(const char *pw) { - memset(joinpassmd5, 0x00, 17); + memset(joinpassmd5, 0x00, MD5_LEN+1); D_MD5PasswordPass((const UINT8 *)pw, strlen(pw), BASESALT, &joinpassmd5); joinpasswordset = true; } @@ -3748,11 +3748,11 @@ boolean D_VerifyJoinPasswordChallenge(UINT8 num, UINT8 *answer) num %= NUMJOINCHALLENGES; //@TODO use a constant-time memcmp.... - if (joinpasschallengeson[num] > 0 && memcmp(answer, joinpasschallenges[num], 16) == 0) + if (joinpasschallengeson[num] > 0 && memcmp(answer, joinpasschallenges[num], MD5_LEN) == 0) passed = true; // Wipe and reset the challenge so that it can't be tried against again, as a small measure against brute-force attacks. - memset(joinpasschallenges[num], 0x00, 17); + memset(joinpasschallenges[num], 0x00, MD5_LEN+1); joinpasschallengeson[num] = 0; return passed; @@ -3787,8 +3787,8 @@ void D_MakeJoinPasswordChallenge(UINT8 *num, UINT8 *question) joinpasschallengeson[(*num)] = I_GetTime(); - memset(question, 0x00, 17); - for (i = 0; i < 16; i++) + memset(question, 0x00, MD5_LEN+1); + for (i = 0; i < MD5_LEN; i++) question[i] = M_RandomByte(); // Store the answer in memory. What was the question again? diff --git a/src/md5.h b/src/md5.h index 0fe017f5..eaa85dc1 100644 --- a/src/md5.h +++ b/src/md5.h @@ -22,6 +22,8 @@ # include #endif +#define MD5_LEN 16 + /* The following contortions are an attempt to use the C preprocessor to determine an unsigned integral type that is 32 bits wide. An alternative approach is to use autoconf's AC_CHECK_SIZEOF macro, but diff --git a/src/w_wad.c b/src/w_wad.c index d1c6d488..b4ae1e0a 100644 --- a/src/w_wad.c +++ b/src/w_wad.c @@ -1556,7 +1556,6 @@ void *W_CachePatchName(const char *name, INT32 tag) return W_CachePatchNum(num, tag); } #ifndef NOMD5 -#define MD5_LEN 16 /** * Prints an MD5 string into a human-readable textual format.