From d49ad2ca27a44c85ca1bf5f084b0d75274cb368b Mon Sep 17 00:00:00 2001 From: jbj Date: Wed, 1 Dec 2004 17:52:31 +0000 Subject: [PATCH] Deal with \r\n after "-----END PGP PBLIC KEY BLOCK-----" from hkp://sks.keyserver.penguin.de Add parser failure error codes. CVS patchset: 7622 CVS date: 2004/12/01 17:52:31 --- rpmio/rpmpgp.c | 38 +++++++++++++++++++++++++++++--------- rpmio/rpmpgp.h | 9 ++++++++- 2 files changed, 37 insertions(+), 10 deletions(-) diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c index 199aaedae..c631ad89b 100644 --- a/rpmio/rpmpgp.c +++ b/rpmio/rpmpgp.c @@ -377,6 +377,7 @@ int pgpPrtSubType(const byte *h, unsigned int hlen, pgpSigType sigtype) pgpPrtVal(" ", pgpSubTypeTbl, (p[0]&(~PGPSUBTYPE_CRITICAL))); if (p[0] & PGPSUBTYPE_CRITICAL) + if (_print) fprintf(stderr, " *CRITICAL*"); switch (*p) { case PGPSUBTYPE_PREFER_SYMKEY: /* preferred symmetric algorithms */ @@ -1213,7 +1214,7 @@ pgpArmor pgpReadPkts(const char * fn, const byte ** pkt, size_t * pktlen) const char * armortype = NULL; char * t, * te; int pstate = 0; - pgpArmor ec = PGPARMOR_ERROR; /* XXX assume failure */ + pgpArmor ec = PGPARMOR_ERR_NO_BEGIN_PGP; /* XXX assume failure */ int rc; rc = rpmioSlurp(fn, &b, &blen); @@ -1244,8 +1245,10 @@ pgpArmor pgpReadPkts(const char * fn, const byte ** pkt, size_t * pktlen) t += sizeof("-----BEGIN PGP ")-1; rc = pgpValTok(pgpArmorTbl, t, te); - if (rc < 0) + if (rc < 0) { + ec = PGPARMOR_ERR_UNKNOWN_ARMOR_TYPE; goto exit; + } if (rc != PGPARMOR_PUBKEY) /* XXX ASCII Pubkeys only, please. */ continue; armortype = t; @@ -1278,10 +1281,13 @@ pgpArmor pgpReadPkts(const char * fn, const byte ** pkt, size_t * pktlen) /*@switchbreak@*/ break; case 3: pstate = 0; - if (!TOKEQ(t, "-----END PGP ")) + if (!TOKEQ(t, "-----END PGP ")) { + ec = PGPARMOR_ERR_NO_END_PGP; goto exit; + } *t = '\0'; /* Terminate encoded crc */ t += sizeof("-----END PGP ")-1; + if (t >= te) continue; if (armortype == NULL) /* XXX can't happen */ continue; @@ -1289,23 +1295,37 @@ pgpArmor pgpReadPkts(const char * fn, const byte ** pkt, size_t * pktlen) if (rc) continue; - t = te - (sizeof("-----\n")-1); - if (!TOKEQ(t, "-----\n")) + t += strlen(armortype); + if (t >= te) continue; + + if (!TOKEQ(t, "-----")) { + ec = PGPARMOR_ERR_NO_END_PGP; goto exit; + } + t += (sizeof("-----")-1); + if (t >= te) continue; + /* XXX permitting \r here is not RFC-2440 compliant */ + if (!(*t == '\n' || *t == '\r')) continue; crcdec = NULL; crclen = 0; - if (b64decode(crcenc, (void **)&crcdec, &crclen) != 0) - continue; + if (b64decode(crcenc, (void **)&crcdec, &crclen) != 0) { + ec = PGPARMOR_ERR_CRC_DECODE; + goto exit; + } crcpkt = pgpGrab(crcdec, crclen); crcdec = _free(crcdec); dec = NULL; declen = 0; - if (b64decode(enc, (void **)&dec, &declen) != 0) + if (b64decode(enc, (void **)&dec, &declen) != 0) { + ec = PGPARMOR_ERR_BODY_DECODE; goto exit; + } crc = pgpCRC(dec, declen); - if (crcpkt != crc) + if (crcpkt != crc) { + ec = PGPARMOR_ERR_CRC_CHECK; goto exit; + } b = _free(b); b = dec; blen = declen; diff --git a/rpmio/rpmpgp.h b/rpmio/rpmpgp.h index 2db424c04..dd5d18b26 100644 --- a/rpmio/rpmpgp.h +++ b/rpmio/rpmpgp.h @@ -926,7 +926,14 @@ union pgpPktPre_u { */ /*@-typeuse@*/ typedef enum pgpArmor_e { - PGPARMOR_ERROR = -1, + PGPARMOR_ERR_CRC_CHECK = -7, + PGPARMOR_ERR_BODY_DECODE = -6, + PGPARMOR_ERR_CRC_DECODE = -5, + PGPARMOR_ERR_NO_END_PGP = -4, + PGPARMOR_ERR_UNKNOWN_PREAMBLE_TAG = -3, + PGPARMOR_ERR_UNKNOWN_ARMOR_TYPE = -2, + PGPARMOR_ERR_NO_BEGIN_PGP = -1, +#define PGPARMOR_ERROR PGPARMOR_ERR_NO_BEGIN_PGP PGPARMOR_NONE = 0, PGPARMOR_MESSAGE = 1, /*!< MESSAGE */ PGPARMOR_PUBKEY = 2, /*!< PUBLIC KEY BLOCK */