Add ValidateBufferArguments

3 files changed, 75 insertions, 65 deletions

diff --git a/crypto/src/tls/TlsProtocol.cs b/crypto/src/tls/TlsProtocol.cs
index c30c253e1..41d8e109e 100644
--- a/crypto/src/tls/TlsProtocol.cs
+++ b/crypto/src/tls/TlsProtocol.cs
@@ -4,6 +4,7 @@ using System.IO;
 
 using Org.BouncyCastle.Tls.Crypto;
 using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
 
 namespace Org.BouncyCastle.Tls
 {
@@ -700,19 +701,14 @@ namespace Org.BouncyCastle.Tls
         /// The method will return immediately, if there is still some data left in the buffer, or block until some
         /// application data has been read from the network.
         /// </remarks>
-        /// <param name="buf">The buffer where the data will be copied to.</param>
-        /// <param name="off">The position where the data will be placed in the buffer.</param>
-        /// <param name="len">The maximum number of bytes to read.</param>
+        /// <param name="buffer">The buffer where the data will be copied to.</param>
+        /// <param name="offset">The position where the data will be placed in the buffer.</param>
+        /// <param name="count">The maximum number of bytes to read.</param>
         /// <returns>The number of bytes read.</returns>
         /// <exception cref="IOException">If something goes wrong during reading data.</exception>
-        public virtual int ReadApplicationData(byte[] buf, int off, int len)
+        public virtual int ReadApplicationData(byte[] buffer, int offset, int count)
         {
-            if (buf == null)
-                throw new ArgumentNullException("buf");
-            if (off < 0)
-                throw new ArgumentOutOfRangeException("off");
-            if (len < 0 || len > buf.Length - off)
-                throw new ArgumentOutOfRangeException("len");
+            Streams.ValidateBufferArguments(buffer, offset, count);
 
             if (!m_appDataReady)
                 throw new InvalidOperationException("Cannot read application data until initial handshake completed.");
@@ -734,12 +730,12 @@ namespace Org.BouncyCastle.Tls
                 SafeReadRecord();
             }
 
-            if (len > 0)
+            if (count > 0)
             {
-                len = System.Math.Min(len, m_applicationDataQueue.Available);
-                m_applicationDataQueue.RemoveData(buf, off, len, 0);
+                count = System.Math.Min(count, m_applicationDataQueue.Available);
+                m_applicationDataQueue.RemoveData(buffer, offset, count, 0);
             }
-            return len;
+            return count;
         }
 
         /// <exception cref="IOException"/>
@@ -865,22 +861,24 @@ namespace Org.BouncyCastle.Tls
         /// This method must not be called until after the initial handshake is complete. Attempting to call it earlier
         /// will result in an <see cref="InvalidOperationException"/>.
         /// </remarks>
-        /// <param name="buf">The buffer containing application data to send.</param>
-        /// <param name="off">The offset at which the application data begins</param>
-        /// <param name="len">The number of bytes of application data.</param>
+        /// <param name="buffer">The buffer containing application data to send.</param>
+        /// <param name="offset">The offset at which the application data begins</param>
+        /// <param name="count">The number of bytes of application data.</param>
         /// <exception cref="InvalidOperationException">If called before the initial handshake has completed.
         /// </exception>
         /// <exception cref="IOException">If connection is already closed, or for encryption or transport errors.
         /// </exception>
-        public virtual void WriteApplicationData(byte[] buf, int off, int len)
+        public virtual void WriteApplicationData(byte[] buffer, int offset, int count)
         {
+            Streams.ValidateBufferArguments(buffer, offset, count);
+
             if (!m_appDataReady)
                 throw new InvalidOperationException(
                     "Cannot write application data until initial handshake completed.");
 
             lock (m_recordWriteLock)
             {
-                while (len > 0)
+                while (count > 0)
                 {
                     if (m_closed)
                         throw new IOException("Cannot write application data on closed/failed TLS connection");
@@ -914,11 +912,11 @@ namespace Org.BouncyCastle.Tls
                         case ADS_MODE_1_Nsub1:
                         default:
                         {
-                            if (len > 1)
+                            if (count > 1)
                             {
-                                SafeWriteRecord(ContentType.application_data, buf, off, 1);
-                                ++off;
-                                --len;
+                                SafeWriteRecord(ContentType.application_data, buffer, offset, 1);
+                                ++offset;
+                                --count;
                             }
                             break;
                         }
@@ -937,10 +935,10 @@ namespace Org.BouncyCastle.Tls
                     }
 
                     // Fragment data according to the current fragment limit.
-                    int toWrite = System.Math.Min(len, m_recordStream.PlaintextLimit);
-                    SafeWriteRecord(ContentType.application_data, buf, off, toWrite);
-                    off += toWrite;
-                    len -= toWrite;
+                    int toWrite = System.Math.Min(count, m_recordStream.PlaintextLimit);
+                    SafeWriteRecord(ContentType.application_data, buffer, offset, toWrite);
+                    offset += toWrite;
+                    count -= toWrite;
                 }
             }
         }
diff --git a/crypto/src/tls/TlsStream.cs b/crypto/src/tls/TlsStream.cs
index 9ca88a2a7..02f8b733e 100644
--- a/crypto/src/tls/TlsStream.cs
+++ b/crypto/src/tls/TlsStream.cs
@@ -61,9 +61,9 @@ namespace Org.BouncyCastle.Tls
             set { throw new NotSupportedException(); }
         }
 
-        public override int Read(byte[] buf, int off, int len)
+        public override int Read(byte[] buffer, int offset, int count)
         {
-            return m_handler.ReadApplicationData(buf, off, len);
+            return m_handler.ReadApplicationData(buffer, offset, count);
         }
 
         public override int ReadByte()
@@ -83,9 +83,9 @@ namespace Org.BouncyCastle.Tls
             throw new NotSupportedException();
         }
 
-        public override void Write(byte[] buf, int off, int len)
+        public override void Write(byte[] buffer, int offset, int count)
         {
-            m_handler.WriteApplicationData(buf, off, len);
+            m_handler.WriteApplicationData(buffer, offset, count);
         }
 
         public override void WriteByte(byte b)
diff --git a/crypto/src/util/io/Streams.cs b/crypto/src/util/io/Streams.cs
index a86367e56..3623dfe39 100644
--- a/crypto/src/util/io/Streams.cs
+++ b/crypto/src/util/io/Streams.cs
@@ -19,38 +19,6 @@ namespace Org.BouncyCastle.Utilities.IO
 			}
 		}
 
-		public static byte[] ReadAll(Stream inStr)
-		{
-			MemoryStream buf = new MemoryStream();
-			PipeAll(inStr, buf);
-			return buf.ToArray();
-		}
-
-		public static byte[] ReadAllLimited(Stream inStr, int limit)
-		{
-			MemoryStream buf = new MemoryStream();
-			PipeAllLimited(inStr, limit, buf);
-			return buf.ToArray();
-		}
-
-		public static int ReadFully(Stream inStr, byte[] buf)
-		{
-			return ReadFully(inStr, buf, 0, buf.Length);
-		}
-
-		public static int ReadFully(Stream inStr, byte[] buf, int off, int len)
-		{
-			int totalRead = 0;
-			while (totalRead < len)
-			{
-				int numRead = inStr.Read(buf, off + totalRead, len - totalRead);
-				if (numRead < 1)
-					break;
-				totalRead += numRead;
-			}
-			return totalRead;
-		}
-
         /// <summary>Write the full contents of inStr to the destination stream outStr.</summary>
         /// <param name="inStr">Source stream.</param>
         /// <param name="outStr">Destination stream.</param>
@@ -105,8 +73,52 @@ namespace Org.BouncyCastle.Utilities.IO
 			return total;
 		}
 
-        /// <exception cref="IOException"></exception>
-        public static void WriteBufTo(MemoryStream buf, Stream output)
+		public static byte[] ReadAll(Stream inStr)
+		{
+			MemoryStream buf = new MemoryStream();
+			PipeAll(inStr, buf);
+			return buf.ToArray();
+		}
+
+		public static byte[] ReadAllLimited(Stream inStr, int limit)
+		{
+			MemoryStream buf = new MemoryStream();
+			PipeAllLimited(inStr, limit, buf);
+			return buf.ToArray();
+		}
+
+		public static int ReadFully(Stream inStr, byte[] buf)
+		{
+			return ReadFully(inStr, buf, 0, buf.Length);
+		}
+
+		public static int ReadFully(Stream inStr, byte[] buf, int off, int len)
+		{
+			int totalRead = 0;
+			while (totalRead < len)
+			{
+				int numRead = inStr.Read(buf, off + totalRead, len - totalRead);
+				if (numRead < 1)
+					break;
+				totalRead += numRead;
+			}
+			return totalRead;
+		}
+
+		public static void ValidateBufferArguments(byte[] buffer, int offset, int count)
+        {
+			if (buffer == null)
+				throw new ArgumentNullException("buffer");
+			int available = buffer.Length - offset;
+			if ((offset | available) < 0)
+				throw new ArgumentOutOfRangeException("offset");
+			int remaining = available - count;
+			if ((count | remaining) < 0)
+				throw new ArgumentOutOfRangeException("count");
+		}
+
+		/// <exception cref="IOException"></exception>
+		public static void WriteBufTo(MemoryStream buf, Stream output)
         {
             buf.WriteTo(output);
         }