- fix: parse pgp packets more carefully.
CVS patchset: 5699 CVS date: 2002/09/03 20:15:20
parent
f19f373a59
commit
56b3772145
1
CHANGES
1
CHANGES
|
@ -287,6 +287,7 @@
|
||||||
- fix: always do rpmalMakeIndex.
|
- fix: always do rpmalMakeIndex.
|
||||||
- fix: resurrect --triggers (#73330).
|
- fix: resurrect --triggers (#73330).
|
||||||
- python: typo in NOKEY exception string.
|
- python: typo in NOKEY exception string.
|
||||||
|
- fix: parse pgp packets more carefully.
|
||||||
|
|
||||||
4.0.3 -> 4.0.4:
|
4.0.3 -> 4.0.4:
|
||||||
- solaris: translate i86pc to i386 (#57182).
|
- solaris: translate i86pc to i386 (#57182).
|
||||||
|
|
|
@ -0,0 +1,4 @@
|
||||||
|
Makefile
|
||||||
|
stamp-po
|
||||||
|
*.mo
|
||||||
|
*.gmo
|
|
@ -321,17 +321,26 @@ const char * pgpMpiHex(const byte *p)
|
||||||
|
|
||||||
/*@-boundswrite@*/
|
/*@-boundswrite@*/
|
||||||
/**
|
/**
|
||||||
|
* @return 0 on success
|
||||||
*/
|
*/
|
||||||
static void pgpHexSet(const char * pre, int lbits,
|
static int pgpHexSet(const char * pre, int lbits,
|
||||||
/*@out@*/ mp32number * mpn, const byte * p)
|
/*@out@*/ mp32number * mpn, const byte * p, const byte * pend)
|
||||||
/*@globals fileSystem @*/
|
/*@globals fileSystem @*/
|
||||||
/*@modifies *mpn, fileSystem @*/
|
/*@modifies *mpn, fileSystem @*/
|
||||||
{
|
{
|
||||||
unsigned int mbits = pgpMpiBits(p);
|
unsigned int mbits = pgpMpiBits(p);
|
||||||
unsigned int nbits = (lbits > mbits ? lbits : mbits);
|
unsigned int nbits;
|
||||||
unsigned int nbytes = ((nbits + 7) >> 3);
|
unsigned int nbytes;
|
||||||
char * t = xmalloc(2*nbytes+1);
|
char * t;
|
||||||
unsigned int ix = 2 * ((nbits - mbits) >> 3);
|
unsigned int ix;
|
||||||
|
|
||||||
|
if ((p + ((mbits+7) >> 3)) > pend)
|
||||||
|
return 1;
|
||||||
|
|
||||||
|
nbits = (lbits > mbits ? lbits : mbits);
|
||||||
|
nbytes = ((nbits + 7) >> 3);
|
||||||
|
t = xmalloc(2*nbytes+1);
|
||||||
|
ix = 2 * ((nbits - mbits) >> 3);
|
||||||
|
|
||||||
if (_debug)
|
if (_debug)
|
||||||
fprintf(stderr, "*** mbits %u nbits %u nbytes %u t %p[%d] ix %u\n", mbits, nbits, nbytes, t, (2*nbytes+1), ix);
|
fprintf(stderr, "*** mbits %u nbits %u nbytes %u t %p[%d] ix %u\n", mbits, nbits, nbytes, t, (2*nbytes+1), ix);
|
||||||
|
@ -343,6 +352,7 @@ fprintf(stderr, "*** %s %s\n", pre, t);
|
||||||
t = _free(t);
|
t = _free(t);
|
||||||
if (_debug && _print)
|
if (_debug && _print)
|
||||||
fprintf(stderr, "\t %s ", pre), mp32println(stderr, mpn->size, mpn->data);
|
fprintf(stderr, "\t %s ", pre), mp32println(stderr, mpn->size, mpn->data);
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
/*@=boundswrite@*/
|
/*@=boundswrite@*/
|
||||||
|
|
||||||
|
@ -460,9 +470,10 @@ static int pgpPrtSigParams(/*@unused@*/ pgpTag tag, byte pubkey_algo, byte sigty
|
||||||
/*@globals fileSystem @*/
|
/*@globals fileSystem @*/
|
||||||
/*@modifies fileSystem @*/
|
/*@modifies fileSystem @*/
|
||||||
{
|
{
|
||||||
|
const byte * pend = h + hlen;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
for (i = 0; p < &h[hlen]; i++, p += pgpMpiLen(p)) {
|
for (i = 0; p < pend; i++, p += pgpMpiLen(p)) {
|
||||||
if (pubkey_algo == PGPPUBKEYALGO_RSA) {
|
if (pubkey_algo == PGPPUBKEYALGO_RSA) {
|
||||||
if (i >= 1) break;
|
if (i >= 1) break;
|
||||||
/*@-mods@*/
|
/*@-mods@*/
|
||||||
|
@ -487,16 +498,20 @@ fprintf(stderr, "\t m**d = "), mp32println(stderr, _dig->c.size, _dig->c.data)
|
||||||
if (_dig &&
|
if (_dig &&
|
||||||
(sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT))
|
(sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT))
|
||||||
{
|
{
|
||||||
|
int xx;
|
||||||
|
xx = 0;
|
||||||
switch (i) {
|
switch (i) {
|
||||||
case 0: /* r */
|
case 0: /* r */
|
||||||
pgpHexSet(pgpSigDSA[i], 160, &_dig->r, p);
|
xx = pgpHexSet(pgpSigDSA[i], 160, &_dig->r, p, pend);
|
||||||
/*@switchbreak@*/ break;
|
/*@switchbreak@*/ break;
|
||||||
case 1: /* s */
|
case 1: /* s */
|
||||||
pgpHexSet(pgpSigDSA[i], 160, &_dig->s, p);
|
xx = pgpHexSet(pgpSigDSA[i], 160, &_dig->s, p, pend);
|
||||||
/*@switchbreak@*/ break;
|
/*@switchbreak@*/ break;
|
||||||
default:
|
default:
|
||||||
|
xx = 1;
|
||||||
/*@switchbreak@*/ break;
|
/*@switchbreak@*/ break;
|
||||||
}
|
}
|
||||||
|
if (xx) return xx;
|
||||||
}
|
}
|
||||||
/*@=mods@*/
|
/*@=mods@*/
|
||||||
pgpPrtStr("", pgpSigDSA[i]);
|
pgpPrtStr("", pgpSigDSA[i]);
|
||||||
|
@ -523,10 +538,8 @@ int pgpPrtSig(pgpTag tag, const byte *h, unsigned int hlen)
|
||||||
{ pgpPktSigV3 v = (pgpPktSigV3)h;
|
{ pgpPktSigV3 v = (pgpPktSigV3)h;
|
||||||
time_t t;
|
time_t t;
|
||||||
|
|
||||||
if (v->hashlen != 5) {
|
if (v->hashlen != 5)
|
||||||
fprintf(stderr, " hashlen(%u) != 5\n", (unsigned)v->hashlen);
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
|
||||||
|
|
||||||
pgpPrtVal("V3 ", pgpTagTbl, tag);
|
pgpPrtVal("V3 ", pgpTagTbl, tag);
|
||||||
pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
|
pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
|
||||||
|
@ -572,6 +585,9 @@ int pgpPrtSig(pgpTag tag, const byte *h, unsigned int hlen)
|
||||||
plen = pgpGrab(v->hashlen, sizeof(v->hashlen));
|
plen = pgpGrab(v->hashlen, sizeof(v->hashlen));
|
||||||
p += sizeof(v->hashlen);
|
p += sizeof(v->hashlen);
|
||||||
|
|
||||||
|
if ((p + plen) > (h + hlen))
|
||||||
|
return 1;
|
||||||
|
|
||||||
if (_debug && _print)
|
if (_debug && _print)
|
||||||
fprintf(stderr, " hash[%u] -- %s\n", plen, pgpHexStr(p, plen));
|
fprintf(stderr, " hash[%u] -- %s\n", plen, pgpHexStr(p, plen));
|
||||||
/*@-mods@*/
|
/*@-mods@*/
|
||||||
|
@ -586,6 +602,9 @@ fprintf(stderr, " hash[%u] -- %s\n", plen, pgpHexStr(p, plen));
|
||||||
plen = pgpGrab(p,2);
|
plen = pgpGrab(p,2);
|
||||||
p += 2;
|
p += 2;
|
||||||
|
|
||||||
|
if ((p + plen) > (h + hlen))
|
||||||
|
return 1;
|
||||||
|
|
||||||
if (_debug && _print)
|
if (_debug && _print)
|
||||||
fprintf(stderr, " unhash[%u] -- %s\n", plen, pgpHexStr(p, plen));
|
fprintf(stderr, " unhash[%u] -- %s\n", plen, pgpHexStr(p, plen));
|
||||||
(void) pgpPrtSubType(p, plen, v->sigtype);
|
(void) pgpPrtSubType(p, plen, v->sigtype);
|
||||||
|
@ -933,7 +952,7 @@ int pgpPrtComment(pgpTag tag, const byte *h, unsigned int hlen)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int pgpPrtPkt(const byte *pkt)
|
int pgpPrtPkt(const byte *pkt, unsigned int pleft)
|
||||||
{
|
{
|
||||||
unsigned int val = *pkt;
|
unsigned int val = *pkt;
|
||||||
unsigned int pktlen;
|
unsigned int pktlen;
|
||||||
|
@ -957,6 +976,9 @@ int pgpPrtPkt(const byte *pkt)
|
||||||
}
|
}
|
||||||
|
|
||||||
pktlen = 1 + plen + hlen;
|
pktlen = 1 + plen + hlen;
|
||||||
|
if (pktlen > pleft)
|
||||||
|
return -1;
|
||||||
|
|
||||||
h = pkt + 1 + plen;
|
h = pkt + 1 + plen;
|
||||||
switch (tag) {
|
switch (tag) {
|
||||||
case PGPTAG_SIGNATURE:
|
case PGPTAG_SIGNATURE:
|
||||||
|
@ -1097,10 +1119,11 @@ pgpDig pgpFreeDig(/*@only@*/ /*@null@*/ pgpDig dig)
|
||||||
return dig;
|
return dig;
|
||||||
}
|
}
|
||||||
|
|
||||||
int pgpPrtPkts(const byte * pkts, unsigned int plen, pgpDig dig, int printing)
|
int pgpPrtPkts(const byte * pkts, unsigned int pktlen, pgpDig dig, int printing)
|
||||||
{
|
{
|
||||||
unsigned int val = *pkts;
|
unsigned int val = *pkts;
|
||||||
const byte *p;
|
const byte *p;
|
||||||
|
unsigned int pleft;
|
||||||
int len;
|
int len;
|
||||||
|
|
||||||
/*@-mods@*/
|
/*@-mods@*/
|
||||||
|
@ -1114,10 +1137,12 @@ int pgpPrtPkts(const byte * pkts, unsigned int plen, pgpDig dig, int printing)
|
||||||
_digp = NULL;
|
_digp = NULL;
|
||||||
/*@=mods@*/
|
/*@=mods@*/
|
||||||
|
|
||||||
for (p = pkts; p < (pkts + plen); p += len) {
|
for (p = pkts, pleft = pktlen; p < (pkts + pktlen); p += len, pleft -= len) {
|
||||||
len = pgpPrtPkt(p);
|
len = pgpPrtPkt(p, pleft);
|
||||||
if (len <= 0)
|
if (len <= 0)
|
||||||
return len;
|
return len;
|
||||||
|
if (len > pleft) /* XXX shouldn't happen */
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
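Review bot: The new bound in pgpHexSet, `if ((p + ((mbits+7) >> 3)) > pend)`, is measured from `p` itself, but an OpenPGP MPI begins with a two-octet bit count, so a value whose bytes start at `p + 2` can still run two bytes past `pend` and pass; `mbits = pgpMpiBits(p)` is also read in the declaration before anything establishes that two bytes are available. I would move that read below a prefix check and compare lengths rather than pointers: `if (pend - p < 2) return 1;` followed by `if (((mbits + 7) >> 3) > (unsigned int)(pend - p - 2)) return 1;`. The same length-based form would suit the two `(p + plen) > (h + hlen)` checks in pgpPrtSig, where `p + plen` is formed before it is known to stay inside the buffer and the second `pgpGrab(p,2)` has no preceding check that two bytes remain. In pgpPrtPkt, `pktlen = 1 + plen + hlen` is unsigned arithmetic, so if `hlen` can be decoded from a four-octet length field (that decoding is outside the hunk) the sum may wrap to a value below `pleft`; testing `hlen > pleft - 1 - plen` after bounding `plen` avoids the wrap. The bodies of these functions continue outside the hunks shown, so how `p` is consumed after each check, and whether the RSA branch of pgpPrtSigParams gets an equivalent `pend` test, should be confirmed against the full file.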
@ -1196,11 +1196,12 @@ int pgpPrtComment(pgpTag tag, const byte *h, unsigned int hlen)
|
||||||
/*@modifies fileSystem @*/;
|
/*@modifies fileSystem @*/;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Print/parse a single OpenPGP packet.
|
* Print/parse next OpenPGP packet.
|
||||||
* @param pkt OpenPGP packet
|
* @param pkt OpenPGP packet
|
||||||
* @return -1 on error, otherwise packet length
|
* @param pleft no. bytes remaining
|
||||||
|
* @return -1 on error, otherwise this packet length
|
||||||
*/
|
*/
|
||||||
int pgpPrtPkt(const byte *pkt)
|
int pgpPrtPkt(const byte *pkt, unsigned int pleft)
|
||||||
/*@globals fileSystem @*/
|
/*@globals fileSystem @*/
|
||||||
/*@modifies fileSystem @*/;
|
/*@modifies fileSystem @*/;
|
||||||
/*@=exportlocal@*/
|
/*@=exportlocal@*/
|
||||||
|
@ -1208,12 +1209,12 @@ int pgpPrtPkt(const byte *pkt)
|
||||||
/**
|
/**
|
||||||
* Print/parse a OpenPGP packet(s).
|
* Print/parse a OpenPGP packet(s).
|
||||||
* @param pkts OpenPGP packet(s)
|
* @param pkts OpenPGP packet(s)
|
||||||
* @param plen packet(s) length (no. of bytes)
|
* @param pktlen OpenPGP packet(s) length (no. of bytes)
|
||||||
* @retval dig parsed output of signature/pubkey packet parameters
|
* @retval dig parsed output of signature/pubkey packet parameters
|
||||||
* @param printing should packets be printed?
|
* @param printing should packets be printed?
|
||||||
* @return -1 on error, 0 on success
|
* @return -1 on error, 0 on success
|
||||||
*/
|
*/
|
||||||
int pgpPrtPkts(const byte *pkts, unsigned int plen, pgpDig dig, int printing)
|
int pgpPrtPkts(const byte *pkts, unsigned int pktlen, pgpDig dig, int printing)
|
||||||
/*@globals fileSystem @*/
|
/*@globals fileSystem @*/
|
||||||
/*@modifies fileSystem @*/;
|
/*@modifies fileSystem @*/;
|
||||||
|
|
||||||
|
|
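Review bot: The new `@param pleft no. bytes remaining` does not say where the count starts or what the minimum is, while the implementation reads `*pkt` before it looks at `pleft`. I would document it as `@param pleft no. of bytes available starting at pkt (at least 1)` and state in `@return` that the returned length never exceeds `pleft`, since pgpPrtPkts relies on that when it advances. The pgpPrtPkts comment still promises `-1 on error, 0 on success`, but the loop hands back whatever pgpPrtPkt returned when `len <= 0` and falls through to `return 0` on the `len > pleft` break, so the doc should either list those cases or the break should return -1. The pgpPrtPkt prototype sits inside the `exportlocal` region, so any caller outside this file needs the extra argument too; whether such callers exist is not visible here.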