349
342
VIX_COMMAND_CATEGORY_PRIVILEGED),
350
343
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_DEBUGGER_SEND_COMMAND,
351
344
VIX_COMMAND_CATEGORY_PRIVILEGED),
353
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_GET_RECORD_STATE,
354
VIX_COMMAND_CATEGORY_PRIVILEGED),
355
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_SET_RECORD_STATE,
356
VIX_COMMAND_CATEGORY_PRIVILEGED),
357
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_REMOVE_RECORD_STATE,
358
VIX_COMMAND_CATEGORY_PRIVILEGED),
359
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_GET_REPLAY_STATE,
360
VIX_COMMAND_CATEGORY_PRIVILEGED),
361
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_SET_REPLAY_STATE,
362
VIX_COMMAND_CATEGORY_PRIVILEGED),
363
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_REMOVE_REPLAY_STATE,
364
VIX_COMMAND_CATEGORY_PRIVILEGED),
345
VIX_DEFINE_UNUSED_COMMAND,
346
VIX_DEFINE_UNUSED_COMMAND,
347
VIX_DEFINE_UNUSED_COMMAND,
348
VIX_DEFINE_UNUSED_COMMAND,
349
VIX_DEFINE_UNUSED_COMMAND,
350
VIX_DEFINE_UNUSED_COMMAND,
365
351
VIX_DEFINE_UNUSED_COMMAND,
366
352
VIX_DEFINE_UNUSED_COMMAND,
367
353
/* GET_VMX_DEVICE_STATE is needed for the initial handshake. */
368
354
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_GET_VMX_DEVICE_STATE,
369
355
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
370
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_GET_NUM_TIMEMARKERS,
371
VIX_COMMAND_CATEGORY_PRIVILEGED),
372
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_GET_TIMEMARKER,
373
VIX_COMMAND_CATEGORY_PRIVILEGED),
374
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_REMOVE_TIMEMARKER,
375
VIX_COMMAND_CATEGORY_PRIVILEGED),
356
VIX_DEFINE_UNUSED_COMMAND,
357
VIX_DEFINE_UNUSED_COMMAND,
358
VIX_DEFINE_UNUSED_COMMAND,
376
359
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_SET_SNAPSHOT_INFO,
377
360
VIX_COMMAND_CATEGORY_PRIVILEGED),
378
361
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_SNAPSHOT_SET_MRU,
428
411
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_QUERY_CHILDREN,
429
412
VIX_COMMAND_CATEGORY_PRIVILEGED),
430
414
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_LIST_FILES,
431
415
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
417
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_CREATE_DIRECTORY_EX,
418
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
420
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_MOVE_GUEST_FILE_EX,
421
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
423
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_MOVE_GUEST_DIRECTORY,
424
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
426
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_CREATE_TEMPORARY_FILE_EX,
427
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
429
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_CREATE_TEMPORARY_DIRECTORY,
430
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
432
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_SET_GUEST_FILE_ATTRIBUTES,
433
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
435
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_COPY_FILE_FROM_GUEST_TO_READER,
436
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
437
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_START_PROGRAM,
438
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
440
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_LIST_PROCESSES_EX,
441
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
443
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_READ_ENV_VARIABLES,
444
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
446
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_INITIATE_FILE_TRANSFER_FROM_GUEST,
447
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
449
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_INITIATE_FILE_TRANSFER_TO_GUEST,
450
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
452
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_ACQUIRE_CREDENTIALS,
453
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
454
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_RELEASE_CREDENTIALS,
455
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
456
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_VALIDATE_CREDENTIALS,
457
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
459
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_TERMINATE_PROCESS,
460
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
461
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_DELETE_GUEST_FILE_EX,
462
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
463
VIX_DEFINE_COMMAND_INFO(VIX_COMMAND_DELETE_GUEST_DIRECTORY_EX,
464
VIX_COMMAND_CATEGORY_ALWAYS_ALLOWED),
1732
1888
return newString;
1733
1889
} // VixMsg_StrdupClientData
1893
*-----------------------------------------------------------------------------
1895
* __VMAutomationValidateString --
1897
* Verifies that string at specified address is NUL terminated within
1898
* specified number of bytes, and is valid UTF-8.
1901
* VixError. VIX_OK on success. Some other VIX_* code if message is malformed.
1906
*-----------------------------------------------------------------------------
1910
__VMAutomationValidateString(const char *caller, // IN
1911
unsigned int line, // IN
1912
const char *buffer, // IN
1913
size_t available) // IN
1915
size_t stringLength;
1918
* NUL terminated string needs at least one byte - NUL one.
1920
if (available < 1) {
1921
Log("%s(%u): Message body too short to contain string.\n", caller, line);
1922
return VIX_E_INVALID_MESSAGE_BODY;
1926
* Reject message if there is no NUL before request end. There must
1930
stringLength = Str_Strlen(buffer, available);
1931
if (stringLength >= available) {
1932
Log("%s(%u): Variable string is not NUL terminated "
1933
"before message end.\n", caller, line);
1934
return VIX_E_INVALID_MESSAGE_BODY;
1938
* If string is shorter than expected, complain. Maybe it is too strict,
1939
* but clients seems to not send malformed messages, so keep doing this.
1942
if (stringLength + 1 != available) {
1943
Log("%s(%u): Retrieved fixed string \"%s\" with "
1944
"trailing garbage.\n", caller, line, buffer);
1945
return VIX_E_INVALID_MESSAGE_BODY;
1949
* If string is not UTF-8, reject it. We do not want to pass non-UTF-8
1950
* strings through vmx bowels - they could hit some ASSERT somewhere...
1953
if (!Unicode_IsBufferValid(buffer, stringLength, STRING_ENCODING_UTF8)) {
1954
Log("%s(%u): Variable string is not an UTF8 string.\n", caller, line);
1955
return VIX_E_INVALID_UTF8_STRING;
1963
*-----------------------------------------------------------------------------
1965
* __VMAutomationValidateStringInBuffer --
1967
* Verifies that string at specified address is NUL terminated within
1968
* specified number of bytes, and is valid UTF-8.
1969
* String does not have to occupy the entire buffer.
1972
* VixError. VIX_OK on success.
1973
* Some other VIX_* code if message is malformed.
1978
*-----------------------------------------------------------------------------
1982
__VMAutomationValidateStringInBuffer(const char *caller, // IN
1983
unsigned int line, // IN
1984
const char *buffer, // IN
1985
size_t available, // IN
1986
size_t *strLen) // IN
1988
size_t stringLength;
1991
* NUL terminated string needs at least one byte - NUL one.
1993
if (available < 1) {
1994
Log("%s(%u): Message body too short to contain string.\n", caller, line);
1995
return VIX_E_INVALID_MESSAGE_BODY;
1999
* Reject message if there is no NUL before request end. There must
2003
stringLength = Str_Strlen(buffer, available);
2004
*strLen = stringLength;
2006
if (stringLength >= available) {
2007
Log("%s(%u): Variable string is not NUL terminated "
2008
"before message end.\n", caller, line);
2009
return VIX_E_INVALID_MESSAGE_BODY;
2013
* If string is not UTF-8, reject it. We do not want to pass non-UTF-8
2014
* strings through vmx bowels - they could hit some ASSERT somewhere...
2017
if (!Unicode_IsBufferValid(buffer, stringLength, STRING_ENCODING_UTF8)) {
2018
Log("%s(%u): Variable string is not an UTF8 string.\n", caller, line);
2019
return VIX_E_INVALID_UTF8_STRING;
2027
*-----------------------------------------------------------------------------
2029
* __VMAutomationMsgParserInitRequest --
2030
* VMAutomationMsgParserInitRequest --
2032
* Initializes request parser, and performs basic message validation
2033
* not performed elsewhere.
2036
* VixError. VIX_OK on success. Some other VIX_* code if message is malformed.
2041
*-----------------------------------------------------------------------------
2045
__VMAutomationMsgParserInitRequest(const char *caller, // IN
2046
unsigned int line, // IN
2047
VMAutomationMsgParser *state, // OUT (opt)
2048
const VixCommandRequestHeader *msg, // IN
2049
size_t fixedLength) // IN
2051
size_t miscDataLength = 0;
2054
* If the VM is encrypted, there is additional data factored into
2055
* the total message size that needs to be accounted for.
2058
if (VIX_REQUESTMSG_INCLUDES_AUTH_DATA_V1 & msg->requestFlags) {
2059
miscDataLength = sizeof(VixMsgAuthDataV1);
2064
return VMAutomationMsgParserInit(caller, line, state, &msg->commonHeader,
2065
sizeof *msg, fixedLength, miscDataLength, "request");
2070
*-----------------------------------------------------------------------------
2072
* __VMAutomationMsgParserInitResponse --
2073
* VMAutomationMsgParserInitResponse --
2075
* Initializes response parser, and performs basic message validation
2076
* not performed elsewhere.
2079
* VixError. VIX_OK on success. Some other VIX_* code if message is malformed.
2084
*-----------------------------------------------------------------------------
2088
__VMAutomationMsgParserInitResponse(const char *caller, // IN
2089
unsigned int line, // IN
2090
VMAutomationMsgParser *state, // OUT (opt)
2091
const VixCommandResponseHeader *msg, // IN
2092
size_t fixedLength) // IN
2094
return VMAutomationMsgParserInit(caller, line, state, &msg->commonHeader,
2095
sizeof *msg, fixedLength, 0, "response");
2100
*-----------------------------------------------------------------------------
2102
* VMAutomationMsgParserInit --
2104
* Initializes message parser, and performs basic message validation
2105
* not performed elsewhere.
2108
* VixError. VIX_OK on success. Some other VIX_* code if message is malformed.
2113
*-----------------------------------------------------------------------------
2117
VMAutomationMsgParserInit(const char *caller, // IN
2118
unsigned int line, // IN
2119
VMAutomationMsgParser *state, // OUT (opt)
2120
const VixMsgHeader *msg, // IN
2121
size_t headerLength, // IN
2122
size_t fixedLength, // IN
2123
size_t miscDataLength, // IN
2124
const char *packetType) // IN
2126
uint32 headerAndBodyLength;
2127
// use int64 to prevent overflow
2128
int64 computedTotalLength = (int64)msg->headerLength +
2129
(int64)msg->bodyLength + (int64)msg->credentialLength +
2130
(int64)miscDataLength;
2132
int64 extBodySize = (int64)msg->headerLength + (int64)msg->bodyLength -
2135
if (computedTotalLength != (int64)msg->totalMessageLength) {
2136
Log("%s:%d, header information mismatch.\n", __FILE__, __LINE__);
2137
return VIX_E_INVALID_MESSAGE_HEADER;
2140
if (extBodySize < 0) {
2141
Log("%s:%d, %s too short.\n", __FILE__, __LINE__, packetType);
2142
return VIX_E_INVALID_MESSAGE_HEADER;
2146
* Protocol allows for headerLength expansion, but predefined structures
2147
* do not anticipate that even a bit. So give up if header length is
2148
* incompatible with our structures.
2151
if (msg->headerLength != headerLength) {
2152
Log("%s(%u): %s header length %u is not supported "
2153
"(%"FMTSZ"u is required).\n",
2154
caller, line, packetType, msg->headerLength, headerLength);
2155
return VIX_E_INVALID_MESSAGE_HEADER;
2159
* Message looks reasonable. Skip over fixed part.
2162
headerAndBodyLength = msg->headerLength + msg->bodyLength;
2165
state->currentPtr = (const char *)msg + fixedLength;
2166
state->endPtr = (const char *)msg + headerAndBodyLength;
2173
*-----------------------------------------------------------------------------
2175
* VMAutomation_VerifyRequestLength --
2177
* Ensures that request contains at least fixedLength bytes in
2181
* VixError. VIX_OK on success. Some other VIX_* code if message is malformed.
2186
*-----------------------------------------------------------------------------
2190
VMAutomation_VerifyRequestLength(const VixCommandRequestHeader *request, // IN
2191
size_t fixedLength) // IN
2193
return VMAutomationMsgParserInitRequest(NULL, request, fixedLength);
2198
*-----------------------------------------------------------------------------
2200
* VMAutomationMsgParserGetRemainingData --
2202
* Fetches all data remaining in the request.
2205
* Pointer to the data.
2210
*-----------------------------------------------------------------------------
2214
VMAutomationMsgParserGetRemainingData(VMAutomationMsgParser *state, // IN/OUT
2215
size_t *length) // OUT
2219
*length = state->endPtr - state->currentPtr;
2220
data = state->currentPtr;
2221
state->currentPtr = state->endPtr;
2228
*-----------------------------------------------------------------------------
2230
* VMAutomationMsgParserGetData --
2231
* __VMAutomationMsgParserGetData --
2233
* Fetches specified number of bytes.
2236
* VixError. VIX_OK on success. Some other VIX_* code if message is malformed.
2241
*-----------------------------------------------------------------------------
2245
__VMAutomationMsgParserGetData(const char *caller, // IN
2246
unsigned int line, // IN
2247
VMAutomationMsgParser *state, // IN/OUT
2248
size_t length, // IN
2249
const char **result) // OUT (opt)
2253
available = state->endPtr - state->currentPtr;
2255
/* If message is too short, return an error. */
2256
if (available < length) {
2257
Log("%s(%u): Message has only %"FMTSZ"u bytes available when "
2258
"looking for %"FMTSZ"u bytes od data.\n",
2259
caller, line, available, length);
2260
return VIX_E_INVALID_MESSAGE_BODY;
2264
*result = state->currentPtr;
2266
state->currentPtr += length;
2272
*-----------------------------------------------------------------------------
2274
* VMAutomationMsgParserGetOptionalString --
2275
* __VMAutomationMsgParserGetOptionalString --
2277
* Fetches string of specified length from the request. Length includes
2278
* terminating NUL byte, which must be present. Length of zero results
2279
* in NULL being returned.
2282
* VixError. VIX_OK on success. Some other VIX_* code if message is malformed.
2287
*-----------------------------------------------------------------------------
2291
__VMAutomationMsgParserGetOptionalString(const char *caller, // IN
2292
unsigned int line, // IN
2293
VMAutomationMsgParser *state, // IN/OUT
2294
size_t length, // IN
2295
const char **result) // OUT
2301
err = __VMAutomationMsgParserGetData(caller, line, state, length,
2303
if (VIX_OK != err) {
2306
err = __VMAutomationValidateString(caller, line, string, length);
2307
if (VIX_OK != err) {
2319
*-----------------------------------------------------------------------------
2321
* VMAutomationMsgParserGetOptionalStrings --
2322
* __VMAutomationMsgParserGetOptionalStrings --
2324
* Fetches an array of strings from the request. Length includes the
2325
* terminating NUL byte of each string.
2328
* VixError. VIX_OK on success.
2329
* Some other VIX_* code if message is malformed.
2334
*-----------------------------------------------------------------------------
2338
__VMAutomationMsgParserGetOptionalStrings(const char *caller, // IN
2339
unsigned int line, // IN
2340
VMAutomationMsgParser *state, // IN/OUT
2342
size_t length, // IN
2343
const char **result) // OUT
2345
VixError err = VIX_OK;
2347
const char *theResult;
2356
err = __VMAutomationMsgParserGetData(caller, line, state, length,
2358
if (VIX_OK != err) {
2364
for (i = 0; i < count; ++i) {
2365
err = __VMAutomationValidateStringInBuffer(caller, line,
2366
buffer, length, &strLen);
2367
if (VIX_OK != err) {
2370
ASSERT(strLen < length);
2371
buffer += (strLen + 1);
2372
length -= (strLen + 1);
2376
* If string is shorter than expected, complain. Maybe it is too strict,
2377
* but clients seems to not send malformed messages, so keep doing this.
2381
Log("%s(%u): Retrieved an array of string with trailing garbage.\n",
2383
return VIX_E_INVALID_MESSAGE_BODY;
2386
*result = theResult;
2395
*-----------------------------------------------------------------------------
2397
* VMAutomationMsgParserGetString --
2398
* __VMAutomationMsgParserGetString --
2400
* Fetches string of specified length from the request. Length of
2401
* string is specified in number of usable characters: function consumes
2402
* length + 1 bytes from request, and first length bytes must be non-NUL,
2403
* while length+1st byte must be NUL.
2406
* VixError. VIX_OK on success. Some other VIX_* code if message is malformed.
2411
*-----------------------------------------------------------------------------
2415
__VMAutomationMsgParserGetString(const char *caller, // IN
2416
unsigned int line, // IN
2417
VMAutomationMsgParser *state, // IN/OUT
2418
size_t length, // IN
2419
const char **result) // OUT
2426
Log("%s(%u): String is too long.\n", caller, line);
2427
return VIX_E_INVALID_ARG;
2429
err = __VMAutomationMsgParserGetData(caller, line, state, length,
2431
if (VIX_OK != err) {
2434
err = __VMAutomationValidateString(caller, line, string, length);
2435
if (VIX_OK != err) {
2445
*-----------------------------------------------------------------------------
2447
* VMAutomationMsgParserGetPropertyList --
2448
* __VMAutomationMsgParserGetPropertyList --
2450
* Fetches specified number of bytes.
2453
* VixError. VIX_OK on success. Some other VIX_* code if message is malformed.
2458
*-----------------------------------------------------------------------------
2462
__VMAutomationMsgParserGetPropertyList(const char *caller, // IN
2463
unsigned int line, // IN
2464
VMAutomationMsgParser *state, // IN/OUT
2465
size_t length, // IN
2466
VixPropertyListImpl *propList) // IN/OUT
2474
err = __VMAutomationMsgParserGetData(caller, line, state, length,
2476
if (VIX_OK == err) {
2477
err = VixPropertyList_Deserialize(propList, data, length,
2478
VIX_PROPERTY_LIST_BAD_ENCODING_ERROR);