1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

gpg: Make really sure that --verify-files always returns an error.

* g10/verify.c (verify_files): Track the first error code.
--

It seems to be possible to play tricks with packet structures so that
log_error is not used for a bad input data.  By actually checking the
return code and let the main driver in gpg call log_error, we can fix
this case.

Note that using gpg --verify-files and relying solely on gpg's return
code is at best a questionable strategy.  It is for example impossible
to tell which data has been signed.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 5681b8eaa44005afdd30211b47e5fb1a799583dd)
This commit is contained in:
Werner Koch 2020-02-10 15:32:55 +01:00
parent 47f514fde6
commit 49151255f3
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B

View File

@ -191,7 +191,8 @@ verify_one_file (ctrl_t ctrl, const char *name )
int
verify_files (ctrl_t ctrl, int nfiles, char **files )
{
int i;
int i, rc;
int first_rc = 0;
if( !nfiles ) { /* read the filenames from stdin */
char line[2048];
@ -203,19 +204,26 @@ verify_files (ctrl_t ctrl, int nfiles, char **files )
log_error(_("input line %u too long or missing LF\n"), lno );
return GPG_ERR_GENERAL;
}
/* This code does not work on MSDOS but how cares there are
/* This code does not work on MSDOS but hwo cares there are
* also no script languages available. We don't strip any
* spaces, so that we can process nearly all filenames */
line[strlen(line)-1] = 0;
verify_one_file (ctrl, line );
rc = verify_one_file (ctrl, line);
if (!first_rc)
first_rc = rc;
}
}
else { /* take filenames from the array */
for(i=0; i < nfiles; i++ )
verify_one_file (ctrl, files[i] );
{
rc = verify_one_file (ctrl, files[i]);
if (!first_rc)
first_rc = rc;
}
}
return 0;
return first_rc;
}