security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

Use inline functions to convert buffer data to scalars. 

* common/host2net.h (buf16_to_ulong, buf16_to_uint): New.
(buf16_to_ushort, buf16_to_u16): New.
(buf32_to_size_t, buf32_to_ulong, buf32_to_uint, buf32_to_u32): New.
--

Commit 91b826a388 was not enough to
avoid all sign extension on shift problems.  Hanno Böck found a case
with an invalid read due to this problem.  To fix that once and for
all almost all uses of "<< 24" and "<< 8" are changed by this patch to
use an inline function from host2net.h.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2015-02-11 10:27:57 +01:00
parent f0f71a721c
commit 2183683bd6
31 changed files with 220 additions and 210 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
agent/cvt-openpgp.c
View File

@ -27,6 +27,7 @@
#include "agent.h" #include "agent.h"
#include "i18n.h" #include "i18n.h"
#include "cvt-openpgp.h" #include "cvt-openpgp.h"
#include "host2net.h"
/* Helper to pass data via the callback to do_unprotect. */ /* Helper to pass data via the callback to do_unprotect. */
@ -487,7 +488,7 @@ do_unprotect (const char *passphrase,
ndata = (ndatabits+7)/8; ndata = (ndatabits+7)/8;
if (ndata > 1) if (ndata > 1)
csum_pgp7 = p[ndata-2] << 8 | p[ndata-1]; csum_pgp7 = buf16_to_u16 (p+ndata-2);
data = xtrymalloc_secure (ndata); data = xtrymalloc_secure (ndata);
if (!data) if (!data)
{ {
@ -531,7 +532,7 @@ do_unprotect (const char *passphrase,
} }
else else
{ {
desired_csum = (data[ndata-2] << 8 | data[ndata-1]); desired_csum = buf16_to_u16 (data+ndata-2);
actual_csum = checksum (data, ndata-2); actual_csum = checksum (data, ndata-2);
if (desired_csum != actual_csum) if (desired_csum != actual_csum)
{ {
@ -586,7 +587,7 @@ do_unprotect (const char *passphrase,
p = gcry_mpi_get_opaque (skey[i], &ndatabits); p = gcry_mpi_get_opaque (skey[i], &ndatabits);
ndata = (ndatabits+7)/8; ndata = (ndatabits+7)/8;
if (!(ndata >= 2) || !(ndata == ((p[0] << 8 | p[1]) + 7)/8 + 2)) if (!(ndata >= 2) || !(ndata == (buf16_to_ushort (p) + 7)/8 + 2))
{ {
gcry_cipher_close (cipher_hd); gcry_cipher_close (cipher_hd);
return gpg_error (GPG_ERR_BAD_SECKEY); return gpg_error (GPG_ERR_BAD_SECKEY);

2
common/b64enc.c
View File

@ -253,7 +253,7 @@ b64enc_write (struct b64state *state, const void *buffer, size_t nbytes)
u32 crc = state->crc; u32 crc = state->crc;
for (p=buffer, n=nbytes; n; p++, n-- ) for (p=buffer, n=nbytes; n; p++, n-- )
crc = (crc << 8) ^ crc_table[((crc >> 16)&0xff) ^ *p]; crc = ((u32)crc << 8) ^ crc_table[((crc >> 16)&0xff) ^ *p];
state->crc = (crc & 0x00ffffff); state->crc = (crc & 0x00ffffff);
} }

20
common/dns-cert.c
View File

@ -47,6 +47,7 @@
#endif #endif
#include "util.h" #include "util.h"
#include "host2net.h"
#include "dns-cert.h" #include "dns-cert.h"
/* Not every installation has gotten around to supporting CERTs /* Not every installation has gotten around to supporting CERTs
@ -130,7 +131,7 @@ get_dns_cert (const char *name, estream_t *r_key,
if (datalen < 5) if (datalen < 5)
continue; /* Truncated CERT record - skip. */ continue; /* Truncated CERT record - skip. */
ctype = ((data[0] << 8) | data[1]); ctype = buf16_to_uint (data);
/* (key tag and algorithm fields are not required.) */ /* (key tag and algorithm fields are not required.) */
data += 5; data += 5;
datalen -= 5; datalen -= 5;
@ -262,12 +263,13 @@ get_dns_cert (const char *name, estream_t *r_key,
if ((emsg - pt) < 15) if ((emsg - pt) < 15)
break; break;
type = *pt++ << 8; type = buf16_to_u16 (pt);
type |= *pt++; pt += 2;
class = *pt++ << 8; class = buf16_to_u16 (pt);
pt += 2;
class |= *pt++; class |= *pt++;
/* We asked for IN and got something else !? */
if (class != C_IN) if (class != C_IN)
break; break;
@ -275,8 +277,8 @@ get_dns_cert (const char *name, estream_t *r_key,
pt += 4; pt += 4;
/* data length */ /* data length */
dlen = *pt++ << 8; dlen = buf16_to_u16 (pt);
dlen |= *pt++; pt += 2;
/* We asked for CERT and got something else - might be a /* We asked for CERT and got something else - might be a
CNAME, so loop around again. */ CNAME, so loop around again. */
@ -287,8 +289,8 @@ get_dns_cert (const char *name, estream_t *r_key,
} }
/* The CERT type */ /* The CERT type */
ctype = *pt++ << 8; ctype = buf16_to_u16 (pt);
ctype |= *pt++; pt += 2;
/* Skip the CERT key tag and algo which we don't need. */ /* Skip the CERT key tag and algo which we don't need. */
pt += 3; pt += 3;

72
common/host2net.h
View File

@ -1,5 +1,5 @@
/* host2net.h - Endian conversion macros /* host2net.h - Endian conversion macros
* Copyright (C) 1998, 2014 Werner Koch * Copyright (C) 1998, 2014, 2015 Werner Koch
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -32,9 +32,6 @@
#include "types.h" #include "types.h"
#define buftoulong( p ) ((*(byte*)(p) << 24) | (*((byte*)(p)+1)<< 16) | \
(*((byte*)(p)+2) << 8) | (*((byte*)(p)+3)))
#define buftoushort( p ) ((*((byte*)(p)) << 8) | (*((byte*)(p)+1)))
#define ulongtobuf( p, a ) do { \ #define ulongtobuf( p, a ) do { \
((byte*)p)[0] = a >> 24; \ ((byte*)p)[0] = a >> 24; \
((byte*)p)[1] = a >> 16; \ ((byte*)p)[1] = a >> 16; \
@ -45,8 +42,71 @@
((byte*)p)[0] = a >> 8; \ ((byte*)p)[0] = a >> 8; \
((byte*)p)[1] = a ; \ ((byte*)p)[1] = a ; \
} while(0) } while(0)
#define buftou32( p) buftoulong( (p) )
#define u32tobuf( p, a) ulongtobuf( (p), (a) )
static inline unsigned long
buf16_to_ulong (const void *buffer)
{
const unsigned char *p = buffer;
return (((unsigned long)p[0] << 8) | p[1]);
}
static inline unsigned int
buf16_to_uint (const void *buffer)
{
const unsigned char *p = buffer;
return (((unsigned int)p[0] << 8) | p[1]);
}
static inline unsigned short
buf16_to_ushort (const void *buffer)
{
const unsigned char *p = buffer;
return (((unsigned short)p[0] << 8) | p[1]);
}
static inline u16
buf16_to_u16 (const void *buffer)
{
const unsigned char *p = buffer;
return (((u16)p[0] << 8) | p[1]);
}
static inline size_t
buf32_to_size_t (const void *buffer)
{
const unsigned char *p = buffer;
return (((size_t)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]);
}
static inline unsigned long
buf32_to_ulong (const void *buffer)
{
const unsigned char *p = buffer;
return (((unsigned long)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]);
}
static inline unsigned int
buf32_to_uint (const void *buffer)
{
const unsigned char *p = buffer;
return (((unsigned int)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]);
}
static inline u32
buf32_to_u32 (const void *buffer)
{
const unsigned char *p = buffer;
return (((u32)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]);
}
#endif /*GNUPG_COMMON_HOST2NET_H*/ #endif /*GNUPG_COMMON_HOST2NET_H*/

7
common/iobuf.c
View File

@ -871,7 +871,7 @@ block_filter (void *opaque, int control, iobuf_t chain, byte * buffer,
} }
else if (c == 255) else if (c == 255)
{ {
a->size = iobuf_get (chain) << 24; a->size = (size_t)iobuf_get (chain) << 24;
a->size |= iobuf_get (chain) << 16; a->size |= iobuf_get (chain) << 16;
a->size |= iobuf_get (chain) << 8; a->size |= iobuf_get (chain) << 8;
if ((c = iobuf_get (chain)) == -1) if ((c = iobuf_get (chain)) == -1)
@ -1228,9 +1228,12 @@ iobuf_t
iobuf_temp_with_content (const char *buffer, size_t length) iobuf_temp_with_content (const char *buffer, size_t length)
{ {
iobuf_t a; iobuf_t a;
int i;
a = iobuf_alloc (3, length); a = iobuf_alloc (3, length);
memcpy (a->d.buf, buffer, length); /* memcpy (a->d.buf, buffer, length); */
for (i=0; i < length; i++)
a->d.buf[i] = buffer[i];
a->d.len = length; a->d.len = length;
return a; return a;

14
common/pka.c
View File

@ -51,6 +51,7 @@
#endif #endif
#include "util.h" #include "util.h"
#include "host2net.h"
#include "pka.h" #include "pka.h"
#ifdef USE_DNS_PKA #ifdef USE_DNS_PKA
@ -252,13 +253,14 @@ get_pka_info (const char *address, unsigned char *fpr)
if (p >= pend - 10) if (p >= pend - 10)
return NULL; /* RR too short. */ return NULL; /* RR too short. */
type = *p++ << 8; type = buf16_to_uint (p);
type |= *p++; p += 2;
class = *p++ << 8; class = buf16_to_uint (p);
class |= *p++; p += 2;
p += 4; p += 4;
txtlen = *p++ << 8; txtlen = buf16_to_uint (p);
txtlen |= *p++; p += 2;
if (type != T_TXT || class != C_IN) if (type != T_TXT || class != C_IN)
return NULL; /* Answer does not match the query. */ return NULL; /* Answer does not match the query. */

28
common/srv.c
View File

@ -48,6 +48,7 @@
#endif #endif
#include "util.h" #include "util.h"
#include "host2net.h"
#include "srv.h" #include "srv.h"
/* Not every installation has gotten around to supporting SRVs /* Not every installation has gotten around to supporting SRVs
@ -184,27 +185,28 @@ getsrv (const char *name,struct srventry **list)
if((emsg-pt)<16) if((emsg-pt)<16)
goto fail; goto fail;
type=*pt++ << 8; type = buf16_to_u16 (pt);
type|=*pt++; pt += 2;
/* We asked for SRV and got something else !? */ /* We asked for SRV and got something else !? */
if(type!=T_SRV) if(type!=T_SRV)
goto fail; goto fail;
class=*pt++ << 8; class = buf16_to_u16 (pt);
class|=*pt++; pt += 2;
/* We asked for IN and got something else !? */ /* We asked for IN and got something else !? */
if(class!=C_IN) if(class!=C_IN)
goto fail; goto fail;
pt+=4; /* ttl */ pt += 4; /* ttl */
dlen=*pt++ << 8; dlen = buf16_to_u16 (pt);
dlen|=*pt++; pt += 2;
srv->priority=*pt++ << 8;
srv->priority|=*pt++; srv->priority = buf16_to_ushort (pt);
srv->weight=*pt++ << 8; pt += 2;
srv->weight|=*pt++; srv->weight = buf16_to_ushort (pt);
srv->port=*pt++ << 8; pt += 2;
srv->port|=*pt++; srv->port = buf16_to_ushort (pt);
pt += 2;
/* Get the name. 2782 doesn't allow name compression, but /* Get the name. 2782 doesn't allow name compression, but
dn_expand still works to pull the name out of the dn_expand still works to pull the name out of the

2
common/tlv.c
View File

@ -96,7 +96,7 @@ do_find_tlv (const unsigned char *buffer, size_t length,
{ /* Two byte length follows. */ { /* Two byte length follows. */
if (n < 2) if (n < 2)
return NULL; /* We expected 2 more bytes with the length. */ return NULL; /* We expected 2 more bytes with the length. */
len = (s[0] << 8) | s[1]; len = ((size_t)s[0] << 8) | s[1];
s += 2; n -= 2; s += 2; n -= 2;
} }
else else

5
dirmngr/ldap.c
View File

@ -36,6 +36,7 @@
#include "ldapserver.h" #include "ldapserver.h"
#include "misc.h" #include "misc.h"
#include "ldap-wrapper.h" #include "ldap-wrapper.h"
#include "host2net.h"
#define UNENCODED_URL_CHARS "abcdefghijklmnopqrstuvwxyz" \ #define UNENCODED_URL_CHARS "abcdefghijklmnopqrstuvwxyz" \
@ -664,7 +665,7 @@ fetch_next_cert_ldap (cert_fetch_context_t context,
gpg_error_t err; gpg_error_t err;
unsigned char hdr[5]; unsigned char hdr[5];
char *p, *pend; char *p, *pend;
int n; unsigned long n;
int okay = 0; int okay = 0;
/* int is_cms = 0; */ /* int is_cms = 0; */
@ -677,7 +678,7 @@ fetch_next_cert_ldap (cert_fetch_context_t context,
err = read_buffer (context->reader, hdr, 5); err = read_buffer (context->reader, hdr, 5);
if (err) if (err)
break; break;
n = (hdr[1] << 24)|(hdr[2]<<16)|(hdr[3]<<8)|hdr[4]; n = buf32_to_ulong (hdr+1);
if (*hdr == 'V' && okay) if (*hdr == 'V' && okay)
{ {
#if 0 /* That code is not yet ready. */ #if 0 /* That code is not yet ready. */

8
g10/build-packet.c
View File

@ -32,6 +32,7 @@
#include "iobuf.h" #include "iobuf.h"
#include "i18n.h" #include "i18n.h"
#include "options.h" #include "options.h"
#include "host2net.h"
static int do_user_id( IOBUF out, int ctb, PKT_user_id *uid ); static int do_user_id( IOBUF out, int ctb, PKT_user_id *uid );
static int do_key (iobuf_t out, int ctb, PKT_public_key *pk); static int do_key (iobuf_t out, int ctb, PKT_public_key *pk);
@ -621,10 +622,7 @@ delete_sig_subpkt (subpktarea_t *area, sigsubpkttype_t reqtype )
if( n == 255 ) { if( n == 255 ) {
if( buflen < 4 ) if( buflen < 4 )
break; break;
n = (((size_t)buffer[0] << 24) n = buf32_to_size_t (buffer);
| (buffer[1] << 16)
| (buffer[2] << 8)
| buffer[3]);
buffer += 4; buffer += 4;
buflen -= 4; buflen -= 4;
} }
@ -747,7 +745,7 @@ build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type,
/* This should never happen since we don't currently allow /* This should never happen since we don't currently allow
creating such a subpacket, but just in case... */ creating such a subpacket, but just in case... */
case SIGSUBPKT_SIG_EXPIRE: case SIGSUBPKT_SIG_EXPIRE:
if(buffer_to_u32(buffer)+sig->timestamp<=make_timestamp()) if(buf32_to_u32(buffer)+sig->timestamp<=make_timestamp())
sig->flags.expired=1; sig->flags.expired=1;
else else
sig->flags.expired=0; sig->flags.expired=0;

3
g10/call-agent.c
View File

@ -41,6 +41,7 @@
#include "call-agent.h" #include "call-agent.h"
#include "status.h" #include "status.h"
#include "../common/shareddefs.h" #include "../common/shareddefs.h"
#include "host2net.h"
#ifndef DBG_ASSUAN #ifndef DBG_ASSUAN
# define DBG_ASSUAN 1 # define DBG_ASSUAN 1
@ -761,7 +762,7 @@ agent_scd_apdu (const char *hexapdu, unsigned int *r_sw)
err = gpg_error (GPG_ERR_CARD); err = gpg_error (GPG_ERR_CARD);
else else
{ {
*r_sw = (data[datalen-2] << 8) | data[datalen-1]; *r_sw = buf16_to_uint (data+datalen-2);
} }
xfree (data); xfree (data);
} }

14
g10/getkey.c
View File

@ -36,6 +36,8 @@
#include "i18n.h" #include "i18n.h"
#include "keyserver-internal.h" #include "keyserver-internal.h"
#include "call-agent.h" #include "call-agent.h"
#include "host2net.h"
#define MAX_PK_CACHE_ENTRIES PK_UID_CACHE_SIZE #define MAX_PK_CACHE_ENTRIES PK_UID_CACHE_SIZE
#define MAX_UID_CACHE_ENTRIES PK_UID_CACHE_SIZE #define MAX_UID_CACHE_ENTRIES PK_UID_CACHE_SIZE
@ -1418,8 +1420,8 @@ fixup_uidnode (KBNODE uidnode, KBNODE signode, u32 keycreated)
/* Ditto for the key expiration. */ /* Ditto for the key expiration. */
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
if (p && buffer_to_u32 (p)) if (p && buf32_to_u32 (p))
uid->help_key_expire = keycreated + buffer_to_u32 (p); uid->help_key_expire = keycreated + buf32_to_u32 (p);
else else
uid->help_key_expire = 0; uid->help_key_expire = 0;
@ -1651,9 +1653,9 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
key_usage = parse_key_usage (sig); key_usage = parse_key_usage (sig);
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
if (p && buffer_to_u32 (p)) if (p && buf32_to_u32 (p))
{ {
key_expire = keytimestamp + buffer_to_u32 (p); key_expire = keytimestamp + buf32_to_u32 (p);
key_expire_seen = 1; key_expire_seen = 1;
} }
@ -2102,8 +2104,8 @@ merge_selfsigs_subkey (KBNODE keyblock, KBNODE subnode)
subpk->pubkey_usage = key_usage; subpk->pubkey_usage = key_usage;
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
if (p && buffer_to_u32 (p)) if (p && buf32_to_u32 (p))
key_expire = keytimestamp + buffer_to_u32 (p); key_expire = keytimestamp + buf32_to_u32 (p);
else else
key_expire = 0; key_expire = 0;
subpk->has_expired = key_expire >= curtime ? 0 : key_expire; subpk->has_expired = key_expire >= curtime ? 0 : key_expire;

9
g10/keygen.c
View File

@ -43,6 +43,8 @@
#include "call-agent.h" #include "call-agent.h"
#include "pkglue.h" #include "pkglue.h"
#include "../common/shareddefs.h" #include "../common/shareddefs.h"
#include "host2net.h"
/* The default algorithms. If you change them remember to change them /* The default algorithms. If you change them remember to change them
also in gpg.c:gpgconf_list. You should also check that the value also in gpg.c:gpgconf_list. You should also check that the value
@ -845,10 +847,7 @@ make_backsig (PKT_signature *sig, PKT_public_key *pk,
} }
else if (buf[1] == 255) else if (buf[1] == 255)
{ {
pktlen = buf[2] << 24; pktlen = buf32_to_size_t (buf+2);
pktlen |= buf[3] << 16;
pktlen |= buf[4] << 8;
pktlen |= buf[5];
buf += 6; buf += 6;
} }
else else
@ -865,7 +864,7 @@ make_backsig (PKT_signature *sig, PKT_public_key *pk,
break; break;
case 2: case 2:
pktlen = buf[mark++] << 24; pktlen = (size_t)buf[mark++] << 24;
pktlen |= buf[mark++] << 16; pktlen |= buf[mark++] << 16;
case 1: case 1:

29
g10/keyid.c
View File

@ -35,6 +35,8 @@
#include "keydb.h" #include "keydb.h"
#include "i18n.h" #include "i18n.h"
#include "rmd160.h" #include "rmd160.h"
#include "host2net.h"
#define KEYID_STR_SIZE 19 #define KEYID_STR_SIZE 19
@ -256,9 +258,9 @@ v3_keyid (gcry_mpi_t a, u32 *ki)
else else
{ {
p = buffer + nbytes - 8; p = buffer + nbytes - 8;
ki[0] = (p[0] << 24) | (p[1] <<16) | (p[2] << 8) | p[3]; ki[0] = buf32_to_u32 (p);
p += 4; p += 4;
ki[1] = (p[0] << 24) | (p[1] <<16) | (p[2] << 8) | p[3]; ki[1] = buf32_to_u32 (p);
} }
xfree (buffer); xfree (buffer);
return ki[1]; return ki[1];
@ -378,15 +380,8 @@ keystr_from_desc(KEYDB_SEARCH_DESC *desc)
{ {
u32 keyid[2]; u32 keyid[2];
keyid[0] = ((unsigned char)desc->u.fpr[12] << 24 keyid[0] = buf32_to_u32 (desc->u.fpr+12);
| (unsigned char)desc->u.fpr[13] << 16 keyid[1] = buf32_to_u32 (desc->u.fpr+16);
| (unsigned char)desc->u.fpr[14] << 8
| (unsigned char)desc->u.fpr[15]);
keyid[1] = ((unsigned char)desc->u.fpr[16] << 24
| (unsigned char)desc->u.fpr[17] << 16
| (unsigned char)desc->u.fpr[18] << 8
| (unsigned char)desc->u.fpr[19]);
return keystr(keyid); return keystr(keyid);
} }
@ -427,8 +422,8 @@ keyid_from_pk (PKT_public_key *pk, u32 *keyid)
if(md) if(md)
{ {
dp = gcry_md_read ( md, 0 ); dp = gcry_md_read ( md, 0 );
keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ; keyid[0] = buf32_to_u32 (dp+12);
keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ; keyid[1] = buf32_to_u32 (dp+16);
lowbits = keyid[1]; lowbits = keyid[1];
gcry_md_close (md); gcry_md_close (md);
pk->keyid[0] = keyid[0]; pk->keyid[0] = keyid[0];
@ -474,8 +469,8 @@ keyid_from_fingerprint( const byte *fprint, size_t fprint_len, u32 *keyid )
else else
{ {
const byte *dp = fprint; const byte *dp = fprint;
keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ; keyid[0] = buf32_to_u32 (dp+12);
keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ; keyid[1] = buf32_to_u32 (dp+16);
} }
return keyid[1]; return keyid[1];
@ -691,8 +686,8 @@ fingerprint_from_pk (PKT_public_key *pk, byte *array, size_t *ret_len)
if (!array) if (!array)
array = xmalloc ( len ); array = xmalloc ( len );
memcpy (array, dp, len ); memcpy (array, dp, len );
pk->keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ; pk->keyid[0] = buf32_to_u32 (dp+12);
pk->keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ; pk->keyid[1] = buf32_to_u32 (dp+16);
gcry_md_close( md); gcry_md_close( md);
if (ret_len) if (ret_len)

10
g10/misc.c
View File

@ -278,16 +278,6 @@ checksum_mpi (gcry_mpi_t a)
return csum; return csum;
} }
u32
buffer_to_u32( const byte *buffer )
{
unsigned long a;
a = *buffer << 24;
a |= buffer[1] << 16;
a |= buffer[2] << 8;
a |= buffer[3];
return a;
}
void void
print_pubkey_algo_note (pubkey_algo_t algo) print_pubkey_algo_note (pubkey_algo_t algo)

37
g10/parse-packet.c
View File

@ -34,6 +34,7 @@
#include "options.h" #include "options.h"
#include "main.h" #include "main.h"
#include "i18n.h" #include "i18n.h"
#include "host2net.h"
/* Maximum length of packets to avoid excessive memory allocation. */ /* Maximum length of packets to avoid excessive memory allocation. */
@ -90,7 +91,7 @@ static unsigned short
read_16 (IOBUF inp) read_16 (IOBUF inp)
{ {
unsigned short a; unsigned short a;
a = iobuf_get_noeof (inp) << 8; a = (unsigned short)iobuf_get_noeof (inp) << 8;
a |= iobuf_get_noeof (inp); a |= iobuf_get_noeof (inp);
return a; return a;
} }
@ -100,7 +101,7 @@ static unsigned long
read_32 (IOBUF inp) read_32 (IOBUF inp)
{ {
unsigned long a; unsigned long a;
a = iobuf_get_noeof (inp) << 24; a = (unsigned long)iobuf_get_noeof (inp) << 24;
a |= iobuf_get_noeof (inp) << 16; a |= iobuf_get_noeof (inp) << 16;
a |= iobuf_get_noeof (inp) << 8; a |= iobuf_get_noeof (inp) << 8;
a |= iobuf_get_noeof (inp); a |= iobuf_get_noeof (inp);
@ -486,7 +487,7 @@ parse (IOBUF inp, PACKET * pkt, int onlykeypkts, off_t * retpos,
} }
else if (c == 255) else if (c == 255)
{ {
pktlen = (hdr[hdrlen++] = iobuf_get_noeof (inp)) << 24; pktlen = (unsigned long)(hdr[hdrlen++] = iobuf_get_noeof (inp)) << 24;
pktlen |= (hdr[hdrlen++] = iobuf_get_noeof (inp)) << 16; pktlen |= (hdr[hdrlen++] = iobuf_get_noeof (inp)) << 16;
pktlen |= (hdr[hdrlen++] = iobuf_get_noeof (inp)) << 8; pktlen |= (hdr[hdrlen++] = iobuf_get_noeof (inp)) << 8;
if ((c = iobuf_get (inp)) == -1) if ((c = iobuf_get (inp)) == -1)
@ -1132,14 +1133,14 @@ dump_sig_subpkt (int hashed, int type, int critical,
case SIGSUBPKT_SIG_CREATED: case SIGSUBPKT_SIG_CREATED:
if (length >= 4) if (length >= 4)
es_fprintf (listfp, "sig created %s", es_fprintf (listfp, "sig created %s",
strtimestamp (buffer_to_u32 (buffer))); strtimestamp (buf32_to_u32 (buffer)));
break; break;
case SIGSUBPKT_SIG_EXPIRE: case SIGSUBPKT_SIG_EXPIRE:
if (length >= 4) if (length >= 4)
{ {
if (buffer_to_u32 (buffer)) if (buf32_to_u32 (buffer))
es_fprintf (listfp, "sig expires after %s", es_fprintf (listfp, "sig expires after %s",
strtimevalue (buffer_to_u32 (buffer))); strtimevalue (buf32_to_u32 (buffer)));
else else
es_fprintf (listfp, "sig does not expire"); es_fprintf (listfp, "sig does not expire");
} }
@ -1172,9 +1173,9 @@ dump_sig_subpkt (int hashed, int type, int critical,
case SIGSUBPKT_KEY_EXPIRE: case SIGSUBPKT_KEY_EXPIRE:
if (length >= 4) if (length >= 4)
{ {
if (buffer_to_u32 (buffer)) if (buf32_to_u32 (buffer))
es_fprintf (listfp, "key expires after %s", es_fprintf (listfp, "key expires after %s",
strtimevalue (buffer_to_u32 (buffer))); strtimevalue (buf32_to_u32 (buffer)));
else else
es_fprintf (listfp, "key does not expire"); es_fprintf (listfp, "key does not expire");
} }
@ -1198,8 +1199,8 @@ dump_sig_subpkt (int hashed, int type, int critical,
case SIGSUBPKT_ISSUER: case SIGSUBPKT_ISSUER:
if (length >= 8) if (length >= 8)
es_fprintf (listfp, "issuer key ID %08lX%08lX", es_fprintf (listfp, "issuer key ID %08lX%08lX",
(ulong) buffer_to_u32 (buffer), (ulong) buf32_to_u32 (buffer),
(ulong) buffer_to_u32 (buffer + 4)); (ulong) buf32_to_u32 (buffer + 4));
break; break;
case SIGSUBPKT_NOTATION: case SIGSUBPKT_NOTATION:
{ {
@ -1461,8 +1462,7 @@ enum_sig_subpkt (const subpktarea_t * pktbuf, sigsubpkttype_t reqtype,
{ {
if (buflen < 4) if (buflen < 4)
goto too_short; goto too_short;
n = (buffer[0] << 24) | (buffer[1] << 16) n = buf32_to_size_t (buffer);
| (buffer[2] << 8) | buffer[3];
buffer += 4; buffer += 4;
buflen -= 4; buflen -= 4;
} }
@ -1735,7 +1735,7 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen,
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_CREATED, NULL); p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_CREATED, NULL);
if (p) if (p)
sig->timestamp = buffer_to_u32 (p); sig->timestamp = buf32_to_u32 (p);
else if (!(sig->pubkey_algo >= 100 && sig->pubkey_algo <= 110) else if (!(sig->pubkey_algo >= 100 && sig->pubkey_algo <= 110)
&& opt.verbose) && opt.verbose)
log_info ("signature packet without timestamp\n"); log_info ("signature packet without timestamp\n");
@ -1743,16 +1743,16 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen,
p = parse_sig_subpkt2 (sig, SIGSUBPKT_ISSUER, NULL); p = parse_sig_subpkt2 (sig, SIGSUBPKT_ISSUER, NULL);
if (p) if (p)
{ {
sig->keyid[0] = buffer_to_u32 (p); sig->keyid[0] = buf32_to_u32 (p);
sig->keyid[1] = buffer_to_u32 (p + 4); sig->keyid[1] = buf32_to_u32 (p + 4);
} }
else if (!(sig->pubkey_algo >= 100 && sig->pubkey_algo <= 110) else if (!(sig->pubkey_algo >= 100 && sig->pubkey_algo <= 110)
&& opt.verbose) && opt.verbose)
log_info ("signature packet without keyid\n"); log_info ("signature packet without keyid\n");
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_EXPIRE, NULL); p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_EXPIRE, NULL);
if (p && buffer_to_u32 (p)) if (p && buf32_to_u32 (p))
sig->expiredate = sig->timestamp + buffer_to_u32 (p); sig->expiredate = sig->timestamp + buf32_to_u32 (p);
if (sig->expiredate && sig->expiredate <= make_timestamp ()) if (sig->expiredate && sig->expiredate <= make_timestamp ())
sig->flags.expired = 1; sig->flags.expired = 1;
@ -2365,8 +2365,7 @@ parse_attribute_subpkts (PKT_user_id * uid)
{ {
if (buflen < 4) if (buflen < 4)
goto too_short; goto too_short;
n = (buffer[0] << 24) | (buffer[1] << 16) n = buf32_to_size_t (buffer);
| (buffer[2] << 8) | buffer[3];
buffer += 4; buffer += 4;
buflen -= 4; buflen -= 4;
} }

4
g10/pubkey-enc.c
View File

@ -35,6 +35,7 @@
#include "i18n.h" #include "i18n.h"
#include "pkglue.h" #include "pkglue.h"
#include "call-agent.h" #include "call-agent.h"
#include "host2net.h"
static gpg_error_t get_it (PKT_pubkey_enc *k, static gpg_error_t get_it (PKT_pubkey_enc *k,
@ -321,8 +322,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
} }
/* Copy the key to DEK and compare the checksum. */ /* Copy the key to DEK and compare the checksum. */
csum = frame[nframe - 2] << 8; csum = buf16_to_u16 (frame+nframe-2);
csum |= frame[nframe - 1];
memcpy (dek->key, frame + n, dek->keylen); memcpy (dek->key, frame + n, dek->keylen);
for (csum2 = 0, n = 0; n < dek->keylen; n++) for (csum2 = 0, n = 0; n < dek->keylen; n++)
csum2 += dek->key[n]; csum2 += dek->key[n];

2
g10/seckey-cert.c
View File

@ -115,7 +115,7 @@ xxxx_do_check( PKT_secret_key *sk, const char *tryagain_text, int mode,
ndata = (ndatabits+7)/8; ndata = (ndatabits+7)/8;
if ( ndata > 1 ) if ( ndata > 1 )
csumc = p[ndata-2] << 8 | p[ndata-1]; csumc = buf16_to_u16 (p+ndata-2);
data = xmalloc_secure ( ndata ); data = xmalloc_secure ( ndata );
gcry_cipher_decrypt ( cipher_hd, data, ndata, p, ndata ); gcry_cipher_decrypt ( cipher_hd, data, ndata, p, ndata );
gcry_mpi_release (sk->skey[i]); sk->skey[i] = NULL ; gcry_mpi_release (sk->skey[i]); sk->skey[i] = NULL ;

20
g10/tdbio.c
View File

@ -1257,13 +1257,13 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
rec->r.ver.trust_model = *p++; rec->r.ver.trust_model = *p++;
rec->r.ver.min_cert_level = *p++; rec->r.ver.min_cert_level = *p++;
p += 2; p += 2;
rec->r.ver.created = buftoulong(p); p += 4; rec->r.ver.created = buf32_to_ulong(p); p += 4;
rec->r.ver.nextcheck = buftoulong(p); p += 4; rec->r.ver.nextcheck = buf32_to_ulong(p); p += 4;
p += 4; p += 4;
p += 4; p += 4;
rec->r.ver.firstfree =buftoulong(p); p += 4; rec->r.ver.firstfree =buf32_to_ulong(p); p += 4;
p += 4; p += 4;
rec->r.ver.trusthashtbl =buftoulong(p); p += 4; rec->r.ver.trusthashtbl =buf32_to_ulong(p); p += 4;
if( recnum ) { if( recnum ) {
log_error( _("%s: version record with recnum %lu\n"), db_name, log_error( _("%s: version record with recnum %lu\n"), db_name,
(ulong)recnum ); (ulong)recnum );
@ -1276,17 +1276,17 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
} }
break; break;
case RECTYPE_FREE: case RECTYPE_FREE:
rec->r.free.next = buftoulong(p); p += 4; rec->r.free.next = buf32_to_ulong(p); p += 4;
break; break;
case RECTYPE_HTBL: case RECTYPE_HTBL:
for(i=0; i < ITEMS_PER_HTBL_RECORD; i++ ) { for(i=0; i < ITEMS_PER_HTBL_RECORD; i++ ) {
rec->r.htbl.item[i] = buftoulong(p); p += 4; rec->r.htbl.item[i] = buf32_to_ulong(p); p += 4;
} }
break; break;
case RECTYPE_HLST: case RECTYPE_HLST:
rec->r.hlst.next = buftoulong(p); p += 4; rec->r.hlst.next = buf32_to_ulong(p); p += 4;
for(i=0; i < ITEMS_PER_HLST_RECORD; i++ ) { for(i=0; i < ITEMS_PER_HLST_RECORD; i++ ) {
rec->r.hlst.rnum[i] = buftoulong(p); p += 4; rec->r.hlst.rnum[i] = buf32_to_ulong(p); p += 4;
} }
break; break;
case RECTYPE_TRUST: case RECTYPE_TRUST:
@ -1295,12 +1295,12 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
rec->r.trust.depth = *p++; rec->r.trust.depth = *p++;
rec->r.trust.min_ownertrust = *p++; rec->r.trust.min_ownertrust = *p++;
p++; p++;
rec->r.trust.validlist = buftoulong(p); p += 4; rec->r.trust.validlist = buf32_to_ulong(p); p += 4;
break; break;
case RECTYPE_VALID: case RECTYPE_VALID:
memcpy( rec->r.valid.namehash, p, 20); p+=20; memcpy( rec->r.valid.namehash, p, 20); p+=20;
rec->r.valid.validity = *p++; rec->r.valid.validity = *p++;
rec->r.valid.next = buftoulong(p); p += 4; rec->r.valid.next = buf32_to_ulong(p); p += 4;
rec->r.valid.full_count = *p++; rec->r.valid.full_count = *p++;
rec->r.valid.marginal_count = *p++; rec->r.valid.marginal_count = *p++;
break; break;

3
g10/trust.c
View File

@ -33,6 +33,7 @@
#include "main.h" #include "main.h"
#include "i18n.h" #include "i18n.h"
#include "trustdb.h" #include "trustdb.h"
#include "host2net.h"
/* Return true if key is disabled. Note that this is usually used via /* Return true if key is disabled. Note that this is usually used via
@ -536,7 +537,7 @@ mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
u32 expire; u32 expire;
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_EXPIRE, NULL ); p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_EXPIRE, NULL );
expire = p? sig->timestamp + buffer_to_u32(p) : 0; expire = p? sig->timestamp + buf32_to_u32(p) : 0;
if (expire==0 || expire > curtime ) if (expire==0 || expire > curtime )
{ {

7
g13/mount.c
View File

@ -37,6 +37,7 @@
#include "call-gpg.h" #include "call-gpg.h"
#include "mountinfo.h" #include "mountinfo.h"
#include "runner.h" #include "runner.h"
#include "host2net.h"
/* Parse the header prefix and return the length of the entire header. */ /* Parse the header prefix and return the length of the entire header. */
@ -50,8 +51,7 @@ parse_header (const char *filename,
if (packetlen != 32) if (packetlen != 32)
return gpg_error (GPG_ERR_BUG); return gpg_error (GPG_ERR_BUG);
len = ((packet[2] << 24) | (packet[3] << 16) len = buf32_to_uint (packet+2);
| (packet[4] << 8) | packet[5]);
if (packet[0] != (0xc0|61) || len < 26 if (packet[0] != (0xc0|61) || len < 26
|| memcmp (packet+6, "GnuPG/G13", 10)) || memcmp (packet+6, "GnuPG/G13", 10))
{ {
@ -76,8 +76,7 @@ parse_header (const char *filename,
return gpg_error (GPG_ERR_NOT_IMPLEMENTED); return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
} }
len = ((packet[20] << 24) | (packet[21] << 16) len = buf32_to_uint (packet+20);
| (packet[22] << 8) | packet[23]);
/* Do a basic sanity check on the length. */ /* Do a basic sanity check on the length. */
if (len < 32 || len > 1024*1024) if (len < 32 || len > 1024*1024)

22
kbx/keybox-dump.c
View File

@ -25,30 +25,14 @@
#include "keybox-defs.h" #include "keybox-defs.h"
#include <gcrypt.h> #include <gcrypt.h>
#include "host2net.h"
/* Argg, we can't include ../common/util.h */ /* Argg, we can't include ../common/util.h */
char *bin2hexcolon (const void *buffer, size_t length, char *stringbuf); char *bin2hexcolon (const void *buffer, size_t length, char *stringbuf);
#define get32(a) buf32_to_ulong ((a))
#define get16(a) buf16_to_ulong ((a))
static ulong
get32 (const byte *buffer)
{
ulong a;
a = *buffer << 24;
a |= buffer[1] << 16;
a |= buffer[2] << 8;
a |= buffer[3];
return a;
}
static ulong
get16 (const byte *buffer)
{
ulong a;
a = *buffer << 8;
a |= buffer[1];
return a;
}
void void
print_string (FILE *fp, const byte *p, size_t n, int delim) print_string (FILE *fp, const byte *p, size_t n, int delim)

8
kbx/keybox-openpgp.c
View File

@ -36,7 +36,7 @@
#include <gcrypt.h> #include <gcrypt.h>
#include "../common/openpgpdefs.h" #include "../common/openpgpdefs.h"
#include "host2net.h"
/* Assume a valid OpenPGP packet at the address pointed to by BUFBTR /* Assume a valid OpenPGP packet at the address pointed to by BUFBTR
which has a maximum length as stored at BUFLEN. Return the header which has a maximum length as stored at BUFLEN. Return the header
@ -94,10 +94,8 @@ next_packet (unsigned char const **bufptr, size_t *buflen,
{ {
if (len <4 ) if (len <4 )
return gpg_error (GPG_ERR_INV_PACKET); /* No length bytes. */ return gpg_error (GPG_ERR_INV_PACKET); /* No length bytes. */
pktlen = (*buf++) << 24; pktlen = buf32_to_ulong (buf);
pktlen |= (*buf++) << 16; buf += 4;
pktlen |= (*buf++) << 8;
pktlen |= (*buf++);
len -= 4; len -= 4;
} }
else /* Partial length encoding is not allowed for key packets. */ else /* Partial length encoding is not allowed for key packets. */

25
kbx/keybox-search.c
View File

@ -29,7 +29,7 @@
#include "keybox-defs.h" #include "keybox-defs.h"
#include <gcrypt.h> #include <gcrypt.h>
#include "host2net.h"
#define xtoi_1(p) (*(p) <= '9'? (*(p)- '0'): \ #define xtoi_1(p) (*(p) <= '9'? (*(p)- '0'): \
*(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10)) *(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10))
@ -42,27 +42,8 @@ struct sn_array_s {
}; };
#define get32(a) buf32_to_ulong ((a))
static inline ulong #define get16(a) buf16_to_ulong ((a))
get32 (const byte *buffer)
{
ulong a;
a = *buffer << 24;
a |= buffer[1] << 16;
a |= buffer[2] << 8;
a |= buffer[3];
return a;
}
static inline ulong
get16 (const byte *buffer)
{
ulong a;
a = *buffer << 8;
a |= buffer[1];
return a;
}
static inline unsigned int static inline unsigned int

9
kbx/keybox-update.c
View File

@ -28,6 +28,7 @@
#include "keybox-defs.h" #include "keybox-defs.h"
#include "../common/sysutils.h" #include "../common/sysutils.h"
#include "../common/host2net.h"
#define EXTSEP_S "." #define EXTSEP_S "."
@ -734,8 +735,7 @@ keybox_compress (KEYBOX_HANDLE hd)
buffer = _keybox_get_blob_image (blob, &length); buffer = _keybox_get_blob_image (blob, &length);
if (length > 4 && buffer[4] == KEYBOX_BLOBTYPE_HEADER) if (length > 4 && buffer[4] == KEYBOX_BLOBTYPE_HEADER)
{ {
u32 last_maint = ((buffer[20] << 24) | (buffer[20+1] << 16) u32 last_maint = buf32_to_u32 (buffer+20);
| (buffer[20+2] << 8) | (buffer[20+3]));
if ( (last_maint + 3*3600) > time (NULL) ) if ( (last_maint + 3*3600) > time (NULL) )
{ {
@ -811,7 +811,7 @@ keybox_compress (KEYBOX_HANDLE hd)
rc = gpg_error (GPG_ERR_BUG); rc = gpg_error (GPG_ERR_BUG);
break; break;
} }
blobflags = ((buffer[pos] << 8) | (buffer[pos+1])); blobflags = buf16_to_uint (buffer+pos);
if ((blobflags & KEYBOX_FLAG_BLOB_EPHEMERAL)) if ((blobflags & KEYBOX_FLAG_BLOB_EPHEMERAL))
{ {
/* This is an ephemeral blob. */ /* This is an ephemeral blob. */
@ -820,8 +820,7 @@ keybox_compress (KEYBOX_HANDLE hd)
|| size != 4) || size != 4)
created_at = 0; /* oops. */ created_at = 0; /* oops. */
else else
created_at = ((buffer[pos] << 24) | (buffer[pos+1] << 16) created_at = buf32_to_u32 (buffer+pos);
| (buffer[pos+2] << 8) | (buffer[pos+3]));
if (created_at && created_at < cut_time) if (created_at && created_at < cut_time)
{ {

40
scd/apdu.c
View File

@ -59,6 +59,7 @@
#include "scdaemon.h" #include "scdaemon.h"
#include "exechelp.h" #include "exechelp.h"
#endif /* GNUPG_MAJOR_VERSION != 1 */ #endif /* GNUPG_MAJOR_VERSION != 1 */
#include "host2net.h"
#include "iso7816.h" #include "iso7816.h"
#include "apdu.h" #include "apdu.h"
@ -1047,15 +1048,14 @@ pcsc_get_status_wrapped (int slot, unsigned int *status)
i? strerror (errno) : "premature EOF"); i? strerror (errno) : "premature EOF");
goto command_failed; goto command_failed;
} }
len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; len = buf_to_size_t (msgbuf+1);
if (msgbuf[0] != 0x81 || len < 4) if (msgbuf[0] != 0x81 || len < 4)
{ {
log_error ("invalid response header from PC/SC received\n"); log_error ("invalid response header from PC/SC received\n");
goto command_failed; goto command_failed;
} }
len -= 4; /* Already read the error code. */ len -= 4; /* Already read the error code. */
err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5));
| (msgbuf[7] << 8 ) | msgbuf[8]);
if (err) if (err)
{ {
log_error ("pcsc_status failed: %s (0x%lx)\n", log_error ("pcsc_status failed: %s (0x%lx)\n",
@ -1218,15 +1218,14 @@ pcsc_send_apdu_wrapped (int slot, unsigned char *apdu, size_t apdulen,
i? strerror (errno) : "premature EOF"); i? strerror (errno) : "premature EOF");
goto command_failed; goto command_failed;
} }
len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; len = buf_to_size_t (msgbuf+1);
if (msgbuf[0] != 0x81 || len < 4) if (msgbuf[0] != 0x81 || len < 4)
{ {
log_error ("invalid response header from PC/SC received\n"); log_error ("invalid response header from PC/SC received\n");
goto command_failed; goto command_failed;
} }
len -= 4; /* Already read the error code. */ len -= 4; /* Already read the error code. */
err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5));
| (msgbuf[7] << 8 ) | msgbuf[8]);
if (err) if (err)
{ {
log_error ("pcsc_transmit failed: %s (0x%lx)\n", log_error ("pcsc_transmit failed: %s (0x%lx)\n",
@ -1359,15 +1358,14 @@ control_pcsc_wrapped (int slot, pcsc_dword_t ioctl_code,
i? strerror (errno) : "premature EOF"); i? strerror (errno) : "premature EOF");
goto command_failed; goto command_failed;
} }
len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; len = buf32_to_size_t (msgbuf+1);
if (msgbuf[0] != 0x81 || len < 4) if (msgbuf[0] != 0x81 || len < 4)
{ {
log_error ("invalid response header from PC/SC received\n"); log_error ("invalid response header from PC/SC received\n");
goto command_failed; goto command_failed;
} }
len -= 4; /* Already read the error code. */ len -= 4; /* Already read the error code. */
err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5));
| (msgbuf[7] << 8 ) | msgbuf[8]);
if (err) if (err)
{ {
log_error ("pcsc_control failed: %s (0x%lx)\n", log_error ("pcsc_control failed: %s (0x%lx)\n",
@ -1497,15 +1495,14 @@ close_pcsc_reader_wrapped (int slot)
i? strerror (errno) : "premature EOF"); i? strerror (errno) : "premature EOF");
goto command_failed; goto command_failed;
} }
len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; len = buf32_to_size_t (msgbuf+1);
if (msgbuf[0] != 0x81 || len < 4) if (msgbuf[0] != 0x81 || len < 4)
{ {
log_error ("invalid response header from PC/SC received\n"); log_error ("invalid response header from PC/SC received\n");
goto command_failed; goto command_failed;
} }
len -= 4; /* Already read the error code. */ len -= 4; /* Already read the error code. */
err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5));
| (msgbuf[7] << 8 ) | msgbuf[8]);
if (err) if (err)
log_error ("pcsc_close failed: %s (0x%lx)\n", log_error ("pcsc_close failed: %s (0x%lx)\n",
pcsc_error_string (err), err); pcsc_error_string (err), err);
@ -1687,7 +1684,7 @@ reset_pcsc_reader_wrapped (int slot)
i? strerror (errno) : "premature EOF"); i? strerror (errno) : "premature EOF");
goto command_failed; goto command_failed;
} }
len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; len = buf32_to_size_t (msgbuf+1);
if (msgbuf[0] != 0x81 || len < 4) if (msgbuf[0] != 0x81 || len < 4)
{ {
log_error ("invalid response header from PC/SC received\n"); log_error ("invalid response header from PC/SC received\n");
@ -1701,8 +1698,7 @@ reset_pcsc_reader_wrapped (int slot)
sw = SW_HOST_GENERAL_ERROR; sw = SW_HOST_GENERAL_ERROR;
goto command_failed; goto command_failed;
} }
err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5));
| (msgbuf[7] << 8 ) | msgbuf[8]);
if (err) if (err)
{ {
log_error ("PC/SC RESET failed: %s (0x%lx)\n", log_error ("PC/SC RESET failed: %s (0x%lx)\n",
@ -1794,9 +1790,9 @@ pcsc_vendor_specific_init (int slot)
if (l == 1) if (l == 1)
v = p[0]; v = p[0];
else if (l == 2) else if (l == 2)
v = ((p[0] << 8) | p[1]); v = buf16_to_uint (p);
else if (l == 4) else if (l == 4)
v = ((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); v = buf32_to_uint (p);
if (code == FEATURE_VERIFY_PIN_DIRECT) if (code == FEATURE_VERIFY_PIN_DIRECT)
reader_table[slot].pcsc.verify_ioctl = v; reader_table[slot].pcsc.verify_ioctl = v;
@ -1855,9 +1851,9 @@ pcsc_vendor_specific_init (int slot)
if (l == 1) if (l == 1)
v = p[0]; v = p[0];
else if (l == 2) else if (l == 2)
v = ((p[1] << 8) | p[0]); v = buf16_to_uint (p);
else if (l == 4) else if (l == 4)
v = ((p[3] << 24) | (p[2] << 16) | (p[1] << 8) | p[0]); v = buf32_to_uint (p);
if (tag == PCSCv2_PART10_PROPERTY_bMinPINSize) if (tag == PCSCv2_PART10_PROPERTY_bMinPINSize)
reader_table[slot].pcsc.pinmin = v; reader_table[slot].pcsc.pinmin = v;
@ -2151,7 +2147,7 @@ open_pcsc_reader_wrapped (const char *portstr)
i? strerror (errno) : "premature EOF"); i? strerror (errno) : "premature EOF");
goto command_failed; goto command_failed;
} }
len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; len = buf32_to_size_t (msgbuf+1);
if (msgbuf[0] != 0x81 || len < 4) if (msgbuf[0] != 0x81 || len < 4)
{ {
log_error ("invalid response header from PC/SC received\n"); log_error ("invalid response header from PC/SC received\n");
@ -2164,9 +2160,7 @@ open_pcsc_reader_wrapped (const char *portstr)
(unsigned long)len); (unsigned long)len);
goto command_failed; goto command_failed;
} }
err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5));
| (msgbuf[7] << 8 ) | msgbuf[8]);
if (err) if (err)
{ {
log_error ("PC/SC OPEN failed: %s\n", pcsc_error_string (err)); log_error ("PC/SC OPEN failed: %s\n", pcsc_error_string (err));

3
scd/app-nks.c
View File

@ -56,6 +56,7 @@
#include "app-common.h" #include "app-common.h"
#include "tlv.h" #include "tlv.h"
#include "apdu.h" #include "apdu.h"
#include "host2net.h"
static char const aid_nks[] = { 0xD2, 0x76, 0x00, 0x00, 0x03, 0x01, 0x02 }; static char const aid_nks[] = { 0xD2, 0x76, 0x00, 0x00, 0x03, 0x01, 0x02 };
static char const aid_sigg[] = { 0xD2, 0x76, 0x00, 0x00, 0x66, 0x01 }; static char const aid_sigg[] = { 0xD2, 0x76, 0x00, 0x00, 0x66, 0x01 };
@ -278,7 +279,7 @@ get_chv_status (app_t app, int sigg, int pwid)
rc = -1; /* Error. */ rc = -1; /* Error. */
else else
{ {
unsigned int sw = ((result[resultlen-2] << 8) | result[resultlen-1]); unsigned int sw = buf16_to_uint (result+resultlen-2);
if (sw == 0x6a88) if (sw == 0x6a88)
rc = -2; /* No such PIN. */ rc = -2; /* No such PIN. */

3
scd/app-openpgp.c
View File

@ -67,6 +67,7 @@
#include "iso7816.h" #include "iso7816.h"
#include "app-common.h" #include "app-common.h"
#include "tlv.h" #include "tlv.h"
#include "host2net.h"
/* A table describing the DOs of the card. */ /* A table describing the DOs of the card. */
@ -876,7 +877,7 @@ send_fprtime_if_not_null (ctrl_t ctrl, const char *keyword,
char numbuf1[50], numbuf2[50]; char numbuf1[50], numbuf2[50];
unsigned long value; unsigned long value;
value = (stamp[0] << 24) | (stamp[1]<<16) | (stamp[2]<<8) | stamp[3]; value = buf32_to_ulong (stamp);
if (!value) if (!value)
return; return;
sprintf (numbuf1, "%d", number); sprintf (numbuf1, "%d", number);

2
scd/ccid-driver.c
View File

@ -290,7 +290,7 @@ static int send_escape_cmd (ccid_driver_t handle, const unsigned char *data,
static unsigned int static unsigned int
convert_le_u32 (const unsigned char *buf) convert_le_u32 (const unsigned char *buf)
{ {
return buf[0] | (buf[1] << 8) | (buf[2] << 16) | (buf[3] << 24); return buf[0] | (buf[1] << 8) | (buf[2] << 16) | ((unsigned int)buf[3] << 24);
} }

13
sm/fingerprint.c
View File

@ -31,6 +31,9 @@
#include <gcrypt.h> #include <gcrypt.h>
#include <ksba.h> #include <ksba.h>
#include "host2net.h"
/* Return the fingerprint of the certificate (we can't put this into /* Return the fingerprint of the certificate (we can't put this into
libksba because we need libgcrypt support). The caller must libksba because we need libgcrypt support). The caller must
provide an array of sufficient length or NULL so that the function provide an array of sufficient length or NULL so that the function
@ -149,14 +152,8 @@ gpgsm_get_short_fingerprint (ksba_cert_t cert, unsigned long *r_high)
gpgsm_get_fingerprint (cert, GCRY_MD_SHA1, digest, NULL); gpgsm_get_fingerprint (cert, GCRY_MD_SHA1, digest, NULL);
if (r_high) if (r_high)
*r_high = (((unsigned long)digest[12]<<24) *r_high = buf32_to_ulong (digest+12);
|(digest[13]<<16) return buf32_to_ulong (digest + 16);
|(digest[14]<< 8)
|digest[15]);
return (((unsigned long)digest[16]<<24)
|(digest[17]<<16)
|(digest[18]<<8)
|digest[19]);
} }

2
tools/ccidmon.c
View File

@ -145,7 +145,7 @@ err (const char *format, ...)
static unsigned int static unsigned int
convert_le_u32 (const unsigned char *buf) convert_le_u32 (const unsigned char *buf)
{ {
return buf[0] | (buf[1] << 8) | (buf[2] << 16) | (buf[3] << 24); return buf[0] | (buf[1] << 8) | (buf[2] << 16) | ((unsigned int)buf[3] << 24);
} }