diff --git a/CMakeLists.txt b/CMakeLists.txt index 3eba7037..bd0ceed4 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -5,6 +5,7 @@ project(rcutils) option(RCUTILS_NO_THREAD_SUPPORT "Disable thread support." OFF) option(RCUTILS_NO_FILESYSTEM "Disable filesystem usage." OFF) option(RCUTILS_AVOID_DYNAMIC_ALLOCATION "Disable dynamic allocations." OFF) +option(RCUTILS_NO_64_ATOMIC "Disable support for 64 bits atomic operations." OFF) # Default to C11 if(NOT CMAKE_C_STANDARD) @@ -73,6 +74,8 @@ set(rcutils_sources src/time.c ${time_impl_c} src/uint8_array.c + src/security_directory.c + $<$:src/atomic_64bits.c> ) set_source_files_properties( @@ -152,6 +155,9 @@ if(BUILD_TESTING) set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++14") endif() + set(test_resources_dir_name "test/resources") + add_definitions(-DTEST_RESOURCES_DIRECTORY="${CMAKE_CURRENT_BINARY_DIR}/${test_resources_dir_name}") + find_package(ament_cmake_gmock REQUIRED) find_package(ament_cmake_gtest REQUIRED) find_package(ament_cmake_pytest REQUIRED) diff --git a/src/atomic_64bits.c b/src/atomic_64bits.c new file mode 100644 index 00000000..f11a39da --- /dev/null +++ b/src/atomic_64bits.c @@ -0,0 +1,92 @@ +// Copyright 2020 Proyectos y Sistemas de Mantenimiento SL (eProsima). +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifdef __cplusplus +extern "C" +{ +#endif + +#include +#include + +#define FLAGS_LEN 23 + +static bool * get_memory_lock(void *address) +{ + static bool memory_locks[FLAGS_LEN] = { 0 }; + uintptr_t a = (uintptr_t)(address); + + // Public domain hash function taken from http://burtleburtle.net/bob/hash/integer.html + a = (a ^ 61) ^ (a >> 16); + a = a + (a << 3); + a = a ^ (a >> 4); + a = a * 0x27d4eb2d; + a = a ^ (a >> 15); + + a = a % FLAGS_LEN; + return memory_locks + a; +} + +void lock_memory(uint64_t *address){ + bool * memory_lock = get_memory_lock(address); + + while (__atomic_test_and_set(memory_lock, __ATOMIC_ACQUIRE) == 1); +} + +void unlock_memory(uint64_t *address){ + bool * memory_lock = get_memory_lock(address); + + __atomic_clear(memory_lock, __ATOMIC_RELEASE); +} + +uint64_t __atomic_load_8(uint64_t *mem, int model) { + (void) model; + + lock_memory(mem); + uint64_t ret = *mem; + unlock_memory(mem); + return ret; +} + +void __atomic_store_8(uint64_t *mem, uint64_t val, int model) { + (void) model; + + lock_memory(mem); + *mem = val; + unlock_memory(mem); +} + +uint64_t __atomic_exchange_8(uint64_t *mem, uint64_t val, int model) { + (void) model; + + lock_memory(mem); + uint64_t ret = *mem; + *mem = val; + unlock_memory(mem); + return ret; +} + +uint64_t __atomic_fetch_add_8(uint64_t *mem, uint64_t val, int model) { + (void) model; + + lock_memory(mem); + uint64_t ret = *mem; + *mem += val; + unlock_memory(mem); + return ret; +} + +#ifdef __cplusplus +} +#endif diff --git a/src/security_directory.c b/src/security_directory.c new file mode 100644 index 00000000..4bcba2d7 --- /dev/null +++ b/src/security_directory.c @@ -0,0 +1,278 @@ +// Copyright 2018 Open Source Robotics Foundation, Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#include "rcutils/security_directory.h" + +#include "rcutils/error_handling.h" +#include "rcutils/filesystem.h" +#include "rcutils/get_env.h" +#include "rcutils/format_string.h" + +#ifdef __clang__ +# pragma clang diagnostic push +# pragma clang diagnostic ignored "-Wembedded-directive" +#endif + +#ifndef RCUTILS_NO_FILESYSTEM +#include "tinydir/tinydir.h" +#endif + +#ifdef __clang__ +# pragma clang diagnostic pop +#endif + +/** + * A security lookup function takes in the node's name, namespace, a security root directory and an allocator; + * It returns the relevant information required to load the security credentials, + * which is currently a path to a directory on the filesystem containing DDS Security permission files. + */ +typedef char * (* security_lookup_fn_t) ( + const char * node_name, + const char * node_namespace, + const char * ros_secure_root_env, + const rcutils_allocator_t * allocator +); + +char * exact_match_lookup( + const char * node_name, + const char * node_namespace, + const char * ros_secure_root_env, + const rcutils_allocator_t * allocator +); + +char * prefix_match_lookup( + const char * node_name, + const char * node_namespace, + const char * ros_secure_root_env, + const rcutils_allocator_t * allocator +); + +security_lookup_fn_t g_security_lookup_fns[] = { + NULL, + exact_match_lookup, + prefix_match_lookup, +}; + +typedef enum ros_security_lookup_type_e +{ + ROS_SECURITY_LOOKUP_NODE_OVERRIDE = 0, + ROS_SECURITY_LOOKUP_MATCH_EXACT = 1, + ROS_SECURITY_LOOKUP_MATCH_PREFIX = 2, +} ros_security_lookup_type_t; + +char * g_security_lookup_type_strings[] = { + "NODE_OVERRIDE", + "MATCH_EXACT", + "MATCH_PREFIX" +}; + +/// Return the directory whose name most closely matches node_name (longest-prefix match), +/// scanning under base_dir. +/** + * By using a prefix match, a node named e.g. "my_node_123" will be able to load and use the + * directory "my_node" if no better match exists. + * \param[in] base_dir + * \param[in] node_name + * \param[out] matched_name must be a valid memory address allocated with at least + * _TINYDIR_FILENAME_MAX characters. + * \return true if a match was found + */ +static bool get_best_matching_directory( + const char * base_dir, + const char * node_name, + char * matched_name) +{ +#ifdef RCUTILS_NO_FILESYSTEM + RCUTILS_SET_ERROR_MSG("not available filesystem"); + return false; +#else +size_t max_match_length = 0; + tinydir_dir dir; + if (NULL == base_dir || NULL == node_name || NULL == matched_name) { + return false; + } + if (-1 == tinydir_open(&dir, base_dir)) { + return false; + } + while (dir.has_next) { + tinydir_file file; + if (-1 == tinydir_readfile(&dir, &file)) { + goto cleanup; + } + if (file.is_dir) { + size_t matched_name_length = strnlen(file.name, sizeof(file.name) - 1); + if (0 == + strncmp(file.name, node_name, + matched_name_length) && matched_name_length > max_match_length) + { + max_match_length = matched_name_length; + memcpy(matched_name, file.name, max_match_length); + } + } + if (-1 == tinydir_next(&dir)) { + goto cleanup; + } + } +cleanup: + tinydir_close(&dir); + return max_match_length > 0; +#endif // _RCUTILS_NO_FILESYSTEM +} + +char * exact_match_lookup( + const char * node_name, + const char * node_namespace, + const char * ros_secure_root_env, + const rcutils_allocator_t * allocator) +{ + // Perform an exact match for the node's name in directory /. + char * node_secure_root = NULL; + // "/" case when root namespace is explicitly passed in + if (1 == strlen(node_namespace)) { + node_secure_root = rcutils_join_path(ros_secure_root_env, node_name, *allocator); + } else { + char * node_fqn = NULL; + char * node_root_path = NULL; + // Combine node namespace with node name + // TODO(ros2team): remove the hard-coded value of the root namespace + node_fqn = rcutils_format_string(*allocator, "%s%s%s", node_namespace, "/", node_name); + // Get native path, ignore the leading forward slash + // TODO(ros2team): remove the hard-coded length, use the length of the root namespace instead + node_root_path = rcutils_to_native_path(node_fqn + 1, *allocator); + node_secure_root = rcutils_join_path(ros_secure_root_env, node_root_path, *allocator); + allocator->deallocate(node_fqn, allocator->state); + allocator->deallocate(node_root_path, allocator->state); + } + return node_secure_root; +} + +char * prefix_match_lookup( + const char * node_name, + const char * node_namespace, + const char * ros_secure_root_env, + const rcutils_allocator_t * allocator) +{ +#ifdef RCUTILS_NO_FILESYSTEM + RCUTILS_SET_ERROR_MSG("not available filesystem"); + return false; +#else + // Perform longest prefix match for the node's name in directory /. + char * node_secure_root = NULL; + char matched_dir[_TINYDIR_FILENAME_MAX] = {0}; + char * base_lookup_dir = NULL; + if (strlen(node_namespace) == 1) { + base_lookup_dir = (char *) ros_secure_root_env; + } else { + // TODO(ros2team): remove the hard-coded length, use the length of the root namespace instead. + base_lookup_dir = rcutils_join_path(ros_secure_root_env, node_namespace + 1, *allocator); + } + if (get_best_matching_directory(base_lookup_dir, node_name, matched_dir)) { + node_secure_root = rcutils_join_path(base_lookup_dir, matched_dir, *allocator); + } + if (base_lookup_dir != ros_secure_root_env && NULL != base_lookup_dir) { + allocator->deallocate(base_lookup_dir, allocator->state); + } + return node_secure_root; +#endif // _RCUTILS_NO_FILESYSTEM +} + +char * rcutils_get_secure_root( + const char * node_name, + const char * node_namespace, + const rcutils_allocator_t * allocator) +{ + bool ros_secure_node_override = true; + + // find out if either of the configuration environment variables are set + const char * env_buf = NULL; + if (NULL == node_name) { + return NULL; + } + if (rcutils_get_env(ROS_SECURITY_NODE_DIRECTORY_VAR_NAME, &env_buf)) { + return NULL; + } + if (!env_buf) { + return NULL; + } + size_t ros_secure_root_size = strlen(env_buf); + if (!ros_secure_root_size) { + // check root directory if node directory environment variable is empty + if (rcutils_get_env(ROS_SECURITY_ROOT_DIRECTORY_VAR_NAME, &env_buf)) { + return NULL; + } + if (!env_buf) { + return NULL; + } + ros_secure_root_size = strlen(env_buf); + if (!ros_secure_root_size) { + return NULL; // environment variable was empty + } else { + ros_secure_node_override = false; + } + } + + // found a usable environment variable, copy into our memory before overwriting with next lookup + char * ros_secure_root_env = + (char *)allocator->allocate(ros_secure_root_size + 1, allocator->state); + memcpy(ros_secure_root_env, env_buf, ros_secure_root_size + 1); + // TODO(ros2team): This make an assumption on the value and length of the root namespace. + // This should likely come from another (rcl/rmw?) function for reuse. + // If the namespace is the root namespace ("/"), the secure root is just the node name. + + char * lookup_strategy = NULL; + char * node_secure_root = NULL; + if (ros_secure_node_override) { + node_secure_root = (char *)allocator->allocate(ros_secure_root_size + 1, allocator->state); + memcpy(node_secure_root, ros_secure_root_env, ros_secure_root_size + 1); + lookup_strategy = g_security_lookup_type_strings[ROS_SECURITY_LOOKUP_NODE_OVERRIDE]; + + } else { + // Check which lookup method to use and invoke the relevant function. + const char * ros_security_lookup_type = NULL; + if (rcutils_get_env(ROS_SECURITY_LOOKUP_TYPE_VAR_NAME, &ros_security_lookup_type)) { + allocator->deallocate(ros_secure_root_env, allocator->state); + return NULL; + } + if (0 == strcmp(ros_security_lookup_type, + g_security_lookup_type_strings[ROS_SECURITY_LOOKUP_MATCH_PREFIX])) + { + node_secure_root = g_security_lookup_fns[ROS_SECURITY_LOOKUP_MATCH_PREFIX] + (node_name, node_namespace, ros_secure_root_env, allocator); + lookup_strategy = g_security_lookup_type_strings[ROS_SECURITY_LOOKUP_MATCH_PREFIX]; + } else { /* Default is MATCH_EXACT */ + node_secure_root = g_security_lookup_fns[ROS_SECURITY_LOOKUP_MATCH_EXACT] + (node_name, node_namespace, ros_secure_root_env, allocator); + lookup_strategy = g_security_lookup_type_strings[ROS_SECURITY_LOOKUP_MATCH_EXACT]; + } + } + + if (NULL == node_secure_root || !rcutils_is_directory(node_secure_root)) { + // Check node_secure_root is not NULL before checking directory + if (NULL == node_secure_root) { + RCUTILS_SET_ERROR_MSG_WITH_FORMAT_STRING( + "SECURITY ERROR: unable to find a folder matching the node name in %s%s." + "Lookup strategy: %s", + ros_secure_root_env, node_namespace, lookup_strategy); + } else { + RCUTILS_SET_ERROR_MSG_WITH_FORMAT_STRING( + "SECURITY ERROR: directory %s does not exist. Lookup strategy: %s", + node_secure_root, lookup_strategy); + } + allocator->deallocate(ros_secure_root_env, allocator->state); + allocator->deallocate(node_secure_root, allocator->state); + return NULL; + } + allocator->deallocate(ros_secure_root_env, allocator->state); + return node_secure_root; +} diff --git a/test/resources/test_security_directory/dummy_node/.gitkeep b/test/resources/test_security_directory/dummy_node/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/test/test_security_directory.cpp b/test/test_security_directory.cpp new file mode 100644 index 00000000..bf1b7f2b --- /dev/null +++ b/test/test_security_directory.cpp @@ -0,0 +1,216 @@ +// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#include + +#include +#include +#include "rcutils/security_directory.h" +#include "rcutils/filesystem.h" +#include "osrf_testing_tools_cpp/scope_exit.hpp" +#include "rcutils/error_handling.h" + +#define ROOT_NAMESPACE "/" +#define TEST_SECURITY_DIRECTORY_RESOURCES_DIR_NAME "test_security_directory" +#define TEST_NODE_NAME "dummy_node" +#define TEST_NODE_NAMESPACE ROOT_NAMESPACE TEST_SECURITY_DIRECTORY_RESOURCES_DIR_NAME + +char g_envstring[512] = {0}; + +static int putenv_wrapper(const char * env_var) +{ +#ifdef _WIN32 + return _putenv(env_var); +#else + return putenv(reinterpret_cast(const_cast(env_var))); +#endif +} + +static int unsetenv_wrapper(const char * var_name) +{ +#ifdef _WIN32 + // On windows, putenv("VAR=") deletes VAR from environment + std::string var(var_name); + var += "="; + return _putenv(var.c_str()); +#else + return unsetenv(var_name); +#endif +} + +class TestGetSecureRoot : public ::testing::Test +{ +protected: + void SetUp() final + { + // Reset rcutils error global state in case a previously + // running test has failed. + rcutils_reset_error(); + + // Always make sure the variable we set is unset at the beginning of a test + unsetenv_wrapper(ROS_SECURITY_ROOT_DIRECTORY_VAR_NAME); + unsetenv_wrapper(ROS_SECURITY_NODE_DIRECTORY_VAR_NAME); + unsetenv_wrapper(ROS_SECURITY_LOOKUP_TYPE_VAR_NAME); + allocator = rcutils_get_default_allocator(); + root_path = nullptr; + secure_root = nullptr; + base_lookup_dir_fqn = nullptr; + } + + void TearDown() final + { + OSRF_TESTING_TOOLS_CPP_SCOPE_EXIT({ + allocator.deallocate(root_path, allocator.state); + }); + OSRF_TESTING_TOOLS_CPP_SCOPE_EXIT({ + allocator.deallocate(secure_root, allocator.state); + }); + OSRF_TESTING_TOOLS_CPP_SCOPE_EXIT({ + allocator.deallocate(base_lookup_dir_fqn, allocator.state); + }); + } + + void set_base_lookup_dir_fqn(const char * resource_dir, const char * resource_dir_name) + { + base_lookup_dir_fqn = rcutils_join_path(resource_dir, + resource_dir_name, allocator); + std::string putenv_input = ROS_SECURITY_ROOT_DIRECTORY_VAR_NAME "="; + putenv_input += base_lookup_dir_fqn; + memcpy(g_envstring, putenv_input.c_str(), + std::min(putenv_input.length(), sizeof(g_envstring) - 1)); + putenv_wrapper(g_envstring); + } + + rcutils_allocator_t allocator; + char * root_path; + char * secure_root; + char * base_lookup_dir_fqn; +}; + +TEST_F(TestGetSecureRoot, failureScenarios) { + ASSERT_EQ(rcutils_get_secure_root(TEST_NODE_NAME, TEST_NODE_NAMESPACE, &allocator), + (char *) NULL); + + putenv_wrapper(ROS_SECURITY_ROOT_DIRECTORY_VAR_NAME "=" TEST_RESOURCES_DIRECTORY); + + /* Security directory is set, but there's no matching directory */ + /// Wrong namespace + ASSERT_EQ(rcutils_get_secure_root(TEST_NODE_NAME, "/some_other_namespace", &allocator), + (char *) NULL); + /// Wrong node name + ASSERT_EQ(rcutils_get_secure_root("not_" TEST_NODE_NAME, TEST_NODE_NAMESPACE, &allocator), + (char *) NULL); +} + +TEST_F(TestGetSecureRoot, successScenarios_local_exactMatch) { + putenv_wrapper(ROS_SECURITY_ROOT_DIRECTORY_VAR_NAME "=" TEST_RESOURCES_DIRECTORY); + + /* -------------------------- + * Namespace : Custom (local) + * Match type : Exact + * -------------------------- + * Root: ${CMAKE_BINARY_DIR}/tests/resources + * Namespace: /test_security_directory + * Node: dummy_node + */ + secure_root = rcutils_get_secure_root(TEST_NODE_NAME, TEST_NODE_NAMESPACE, &allocator); + std::string secure_root_str(secure_root); + ASSERT_STREQ(TEST_NODE_NAME, + secure_root_str.substr(secure_root_str.size() - (sizeof(TEST_NODE_NAME) - 1)).c_str()); +} + +TEST_F(TestGetSecureRoot, successScenarios_local_prefixMatch) { + putenv_wrapper(ROS_SECURITY_ROOT_DIRECTORY_VAR_NAME "=" TEST_RESOURCES_DIRECTORY); + secure_root = rcutils_get_secure_root(TEST_NODE_NAME, TEST_NODE_NAMESPACE, &allocator); + + /* -------------------------- + * Namespace : Custom (local) + * Match type : Prefix + * -------------------------- + * Root: ${CMAKE_BINARY_DIR}/tests/resources + * Namespace: /test_security_directory + * Node: dummy_node_and_some_suffix_added */ + root_path = rcutils_get_secure_root(TEST_NODE_NAME "_and_some_suffix_added", + TEST_NODE_NAMESPACE, &allocator); + ASSERT_STRNE(root_path, secure_root); + putenv_wrapper(ROS_SECURITY_LOOKUP_TYPE_VAR_NAME "=MATCH_PREFIX"); + root_path = rcutils_get_secure_root(TEST_NODE_NAME "_and_some_suffix_added", + TEST_NODE_NAMESPACE, &allocator); + ASSERT_STREQ(root_path, secure_root); +} + +TEST_F(TestGetSecureRoot, successScenarios_root_exactMatch) { + putenv_wrapper(ROS_SECURITY_ROOT_DIRECTORY_VAR_NAME "=" TEST_RESOURCES_DIRECTORY); + putenv_wrapper(ROS_SECURITY_LOOKUP_TYPE_VAR_NAME "=MATCH_PREFIX"); + secure_root = rcutils_get_secure_root(TEST_NODE_NAME, TEST_NODE_NAMESPACE, &allocator); + + /* Include the namespace as part of the root security directory and test root namespace */ + set_base_lookup_dir_fqn(TEST_RESOURCES_DIRECTORY, TEST_SECURITY_DIRECTORY_RESOURCES_DIR_NAME); + /* -------------------------- + * Namespace : Root + * Match type : Exact + * -------------------------- + * Root: ${CMAKE_BINARY_DIR}/tests/resources/test_security_directory + * Namespace: / + * Node: dummy_node */ + root_path = rcutils_get_secure_root(TEST_NODE_NAME, ROOT_NAMESPACE, &allocator); + ASSERT_STREQ(root_path, secure_root); +} + +TEST_F(TestGetSecureRoot, successScenarios_root_prefixMatch) { + putenv_wrapper(ROS_SECURITY_ROOT_DIRECTORY_VAR_NAME "=" TEST_RESOURCES_DIRECTORY); + putenv_wrapper(ROS_SECURITY_LOOKUP_TYPE_VAR_NAME "=MATCH_PREFIX"); + secure_root = rcutils_get_secure_root(TEST_NODE_NAME, TEST_NODE_NAMESPACE, &allocator); + + /* Include the namespace as part of the root security directory and test root namespace */ + set_base_lookup_dir_fqn(TEST_RESOURCES_DIRECTORY, TEST_SECURITY_DIRECTORY_RESOURCES_DIR_NAME); + /* -------------------------- + * Namespace : Root + * Match type : Prefix + * -------------------------- + * Root dir: ${CMAKE_BINARY_DIR}/tests/resources/test_security_directory + * Namespace: / + * Node: dummy_node_and_some_suffix_added */ + root_path = rcutils_get_secure_root(TEST_NODE_NAME "_and_some_suffix_added", + ROOT_NAMESPACE, &allocator); + ASSERT_STREQ(root_path, secure_root); +} + +TEST_F(TestGetSecureRoot, nodeSecurityDirectoryOverride_validDirectory) { + /* Specify a valid directory */ + putenv_wrapper(ROS_SECURITY_NODE_DIRECTORY_VAR_NAME "=" TEST_RESOURCES_DIRECTORY); + root_path = rcutils_get_secure_root("name shouldn't matter", + "namespace shouldn't matter", &allocator); + ASSERT_STREQ(root_path, TEST_RESOURCES_DIRECTORY); +} + +TEST_F(TestGetSecureRoot, + nodeSecurityDirectoryOverride_validDirectory_overrideRootDirectoryAttempt) { + /* Setting root dir has no effect */ + putenv_wrapper(ROS_SECURITY_NODE_DIRECTORY_VAR_NAME "=" TEST_RESOURCES_DIRECTORY); + root_path = rcutils_get_secure_root("name shouldn't matter", + "namespace shouldn't matter", &allocator); + putenv_wrapper(ROS_SECURITY_ROOT_DIRECTORY_VAR_NAME "=" TEST_RESOURCES_DIRECTORY); + ASSERT_STREQ(root_path, TEST_RESOURCES_DIRECTORY); +} + +TEST_F(TestGetSecureRoot, nodeSecurityDirectoryOverride_invalidDirectory) { + /* The override provided should exist. Providing correct node/namespace/root dir won't help + * if the node override is invalid. */ + putenv_wrapper( + ROS_SECURITY_NODE_DIRECTORY_VAR_NAME + "=TheresN_oWayThi_sDirectory_Exists_hence_this_would_fail"); + ASSERT_EQ(rcutils_get_secure_root(TEST_NODE_NAME, TEST_NODE_NAMESPACE, &allocator), + (char *) NULL); +}