mirror of git://git.gnupg.org/gnupg.git synced 2024-11-04 20:38:50 +01:00

Make sure that only ascii is passed to isfoo functions.

Werner Koch 2003-06-07 20:06:32 +00:00
parent a72b1e0a57
commit 6a00a17bd1
15 changed files with 66 additions and 31 deletions

3
THANKS

@ -66,13 +66,14 @@ Frank Tobin ftobin@uiuc.edu
Gabriel Rosenkoetter gr@eclipsed.net Gabriel Rosenkoetter gr@eclipsed.net
Gaël Quéri gael@lautre.net Gaël Quéri gael@lautre.net
Gene Carter gcarter@lanier.com Gene Carter gcarter@lanier.com
Geoff Keating geoffk@ozemail.com.au
Georg Schwarz georg.schwarz@iname.com Georg Schwarz georg.schwarz@iname.com
Giampaolo Tomassoni g.tomassoni@libero.it Giampaolo Tomassoni g.tomassoni@libero.it
Gilbert Fernandes gilbert_fernandes@hotmail.com Gilbert Fernandes gilbert_fernandes@hotmail.com
Greg Louis glouis@dynamicro.on.ca Greg Louis glouis@dynamicro.on.ca
Greg Troxel gdt@ir.bbn.com Greg Troxel gdt@ir.bbn.com
Gregory Steuck steuck@iname.com Gregory Steuck steuck@iname.com
Geoff Keating geoffk@ozemail.com.au Gregery Barton gregery20@yahoo.com.au
Harald Denker harry@hal.westfalen.de Harald Denker harry@hal.westfalen.de
Holger Baust Holger.Baust@freenet-ag.de Holger Baust Holger.Baust@freenet-ag.de
Hendrik Buschkamp buschkamp@rheumanet.org Hendrik Buschkamp buschkamp@rheumanet.org


@ -1,3 +1,16 @@
2003-06-07 Werner Koch <wk@gnupg.org>
* g10.c (add_notation_data): Make sure that only ascii is passed
to iscntrl. Noted by Christian Biere.
* getkey.c (classify_user_id2): Replaced isspace by spacep
* keygen.c (keygen_set_std_prefs): Likewise. Also for isdigit.
(ask_user_id): Ditto.
(get_parameter_algo): Ditto.
* keyedit.c (keyedit_menu): Ditto.
* tdbdump.c (import_ownertrust): Ditto. s/isxdigit/hexdigitp/.
* revoke.c (ask_revocation_reason):
* keyserver.c (keyserver_spawn): Dito.
2003-06-04 David Shaw <dshaw@jabberwocky.com> 2003-06-04 David Shaw <dshaw@jabberwocky.com>
* options.skel: Use new hkp://subkeys.pgp.net as sample keyserver * options.skel: Use new hkp://subkeys.pgp.net as sample keyserver


@ -2876,13 +2876,13 @@ add_notation_data( const char *string, int which )
/* we only support printable text - therefore we enforce the use /* we only support printable text - therefore we enforce the use
* of only printable characters (an empty value is valid) */ * of only printable characters (an empty value is valid) */
for( s++; *s ; s++ ) { for( s++; *s ; s++ ) {
if( iscntrl(*s) ) { if ((*s & 0x80))
highbit = 1;
else if (iscntrl(*s)) {
log_error(_("a notation value must not use " log_error(_("a notation value must not use "
"any control characters\n") ); "any control characters\n") );
return; return;
} }
else if( *s & 0x80 )
highbit = 1;
} }
if( highbit ) /* must use UTF8 encoding */ if( highbit ) /* must use UTF8 encoding */
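Review bot: The order of the two tests in this loop is now load-bearing and nothing in the code says so: `iscntrl(*s)` is only reached for bytes without the high bit, which is what keeps a negative `char` value out of the ctype call. A short comment above the `if ((*s & 0x80))` line, such as `/* test the high bit first: iscntrl must only see 7-bit values */`, would stop a later cleanup from swapping the branches back. iscntrl is still the locale-aware libc function, unlike the new spacep/digitp macros; for 7-bit input that is probably harmless, but an explicit `*s < 0x20 || *s == 0x7f` test would remove the dependency. add_notation_data starts and ends outside the hunk.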


@ -569,7 +569,7 @@ classify_user_id2( const char *name,
memset (desc, 0, sizeof *desc); memset (desc, 0, sizeof *desc);
*force_exact = 0; *force_exact = 0;
/* skip leading spaces. Fixme: what is with trailing spaces? */ /* skip leading spaces. Fixme: what is with trailing spaces? */
for(s = name; *s && isspace(*s); s++ ) for(s = name; *s && spacep (s); s++ )
; ;
switch (*s) { switch (*s) {
@ -650,7 +650,7 @@ classify_user_id2( const char *name,
} }
/* check if a hexadecimal number is terminated by EOS or blank */ /* check if a hexadecimal number is terminated by EOS or blank */
if (hexlength && s[hexlength] && !isspace(s[hexlength])) { if (hexlength && s[hexlength] && !spacep(s+hexlength)) {
if (hexprefix) /* a "0x" prefix without correct */ if (hexprefix) /* a "0x" prefix without correct */
return 0; /* termination is an error */ return 0; /* termination is an error */
else /* The first chars looked like */ else /* The first chars looked like */
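Review bot: `spacep` accepts only space and tab, so replacing `isspace` narrows what counts as whitespace: newline, carriage return, vertical tab and form feed are no longer skipped as leading blanks in classify_user_id2, and a hex key ID followed by one of them now fails the termination test at `!spacep(s+hexlength)`. The same narrowing applies to `else if (spacep (s))` in keygen_set_std_prefs and to the trailing-whitespace strip in keyserver_spawn (`spacep(ptr+plen-1)`), which would presumably no longer remove a trailing `\r` or `\n` from a line. If the intent was only to avoid locale and sign problems, a locale-independent test covering the full C-locale set, e.g. `*(p) == ' ' || (*(p) >= '\t' && *(p) <= '\r')`, would preserve the old behaviour at these call sites. If the narrower definition is intended, it deserves a line in the ChangeLog entry. The affected functions extend beyond the hunks shown.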


@ -1100,7 +1100,7 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
cmd = cmdLIST; cmd = cmdLIST;
else if( *answer == CONTROL_D ) else if( *answer == CONTROL_D )
cmd = cmdQUIT; cmd = cmdQUIT;
else if( isdigit( *answer ) ) { else if( digitp(answer ) ) {
cmd = cmdSELUID; cmd = cmdSELUID;
arg_number = atoi(answer); arg_number = atoi(answer);
} }
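Review bot: `digitp(answer)` vouches only for the first character, and the `atoi(answer)` that follows has no error reporting: trailing non-digits are silently dropped and a value that does not fit in an int is undefined behaviour. The same check-first-byte-then-atoi pattern appears in ask_revocation_reason and get_parameter_algo, and check_special_filename calls `atoi (fname)` on a digit run of unbounded length. Parsing with `strtol`, checking the end pointer and `errno == ERANGE`, and range-checking the result before it is assigned to `arg_number` would close this. keyedit_menu continues outside the hunk, so whether `arg_number` is bounded later is not visible here.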


@ -244,17 +244,17 @@ keygen_set_std_prefs (const char *string,int personal)
string = ""; string = "";
for (s=string; *s; s = s2) { for (s=string; *s; s = s2) {
if ((*s=='s' || *s == 'S') && isdigit(s[1]) ) { if ((*s=='s' || *s == 'S') && digitp (s+1) ) {
val = strtoul (++s, (char**)&s2, 10); val = strtoul (++s, (char**)&s2, 10);
if (set_one_pref (val, 'S', check_cipher_algo, sym, &nsym)) if (set_one_pref (val, 'S', check_cipher_algo, sym, &nsym))
rc = -1; rc = -1;
} }
else if ((*s=='h' || *s == 'H') && isdigit(s[1]) ) { else if ((*s=='h' || *s == 'H') && digitp (s+1) ) {
val = strtoul (++s, (char**)&s2, 10); val = strtoul (++s, (char**)&s2, 10);
if (set_one_pref (val, 'H', check_digest_algo, hash, &nhash)) if (set_one_pref (val, 'H', check_digest_algo, hash, &nhash))
rc = -1; rc = -1;
} }
else if ((*s=='z' || *s == 'Z') && isdigit(s[1]) ) { else if ((*s=='z' || *s == 'Z') && digitp (s+1) ) {
val = strtoul (++s, (char**)&s2, 10); val = strtoul (++s, (char**)&s2, 10);
if (set_one_pref (val, 'Z', check_compress_algo, zip, &nzip)) if (set_one_pref (val, 'Z', check_compress_algo, zip, &nzip))
rc = -1; rc = -1;
@ -267,7 +267,7 @@ keygen_set_std_prefs (const char *string,int personal)
mdc=0; mdc=0;
s2=s+6; s2=s+6;
} }
else if (isspace (*s)) else if (spacep (s))
s2 = s+1; s2 = s+1;
else { else {
log_info (_("invalid character in preference string\n")); log_info (_("invalid character in preference string\n"));
@ -915,10 +915,10 @@ gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
static int static int
check_valid_days( const char *s ) check_valid_days( const char *s )
{ {
if( !isdigit(*s) ) if( !digitp(s) )
return 0; return 0;
for( s++; *s; s++) for( s++; *s; s++)
if( !isdigit(*s) ) if( !digitp(s) )
break; break;
if( !*s ) if( !*s )
return 1; return 1;
@ -1252,7 +1252,7 @@ ask_user_id( int mode )
if( strpbrk( aname, "<>" ) ) if( strpbrk( aname, "<>" ) )
tty_printf(_("Invalid character in name\n")); tty_printf(_("Invalid character in name\n"));
else if( isdigit(*aname) ) else if( digitp(aname) )
tty_printf(_("Name may not start with a digit\n")); tty_printf(_("Name may not start with a digit\n"));
else if( strlen(aname) < 5 ) else if( strlen(aname) < 5 )
tty_printf(_("Name must be at least 5 characters long\n")); tty_printf(_("Name must be at least 5 characters long\n"));
@ -1522,7 +1522,7 @@ get_parameter_algo( struct para_data_s *para, enum para_name key )
struct para_data_s *r = get_parameter( para, key ); struct para_data_s *r = get_parameter( para, key );
if( !r ) if( !r )
return -1; return -1;
if( isdigit( *r->u.value ) ) if( digitp( r->u.value ) )
i = atoi( r->u.value ); i = atoi( r->u.value );
else else
i = string_to_pubkey_algo( r->u.value ); i = string_to_pubkey_algo( r->u.value );


@ -189,7 +189,7 @@ parse_keyserver_uri(char *uri,const char *configname,unsigned int configlineno)
ch=opt.keyserver_port; ch=opt.keyserver_port;
while(*ch!='\0') while(*ch!='\0')
{ {
if(!isdigit(*ch)) if(!digitp(ch))
return G10ERR_BAD_URI; return G10ERR_BAD_URI;
ch++; ch++;
@ -569,7 +569,7 @@ keyserver_spawn(int action,STRLIST list,
/* remove trailing whitespace */ /* remove trailing whitespace */
plen=strlen(ptr); plen=strlen(ptr);
while(plen>0 && isspace(ptr[plen-1])) while(plen>0 && spacep(ptr+plen-1))
plen--; plen--;
plen[ptr]='\0'; plen[ptr]='\0';


@ -636,7 +636,7 @@ ask_revocation_reason( int key_rev, int cert_rev, int hint )
return NULL; /* cancel */ return NULL; /* cancel */
if( hint && !*answer ) if( hint && !*answer )
n = hint; n = hint;
else if(!isdigit( *answer ) ) else if(!digitp( answer ) )
n = -1; n = -1;
else else
n = atoi(answer); n = atoi(answer);


@ -153,7 +153,7 @@ import_ownertrust( const char *fname )
break; /* can't continue */ break; /* can't continue */
} }
for(p = line; *p && *p != ':' ; p++ ) for(p = line; *p && *p != ':' ; p++ )
if( !isxdigit(*p) ) if( !hexdigitp(p) )
break; break;
if( *p != ':' ) { if( *p != ':' ) {
log_error_f(fname, _("error: missing colon\n") ); log_error_f(fname, _("error: missing colon\n") );


@ -1,3 +1,7 @@
2003-06-07 Werner Koch <wk@gnupg.org>
* util.h (hexdigitp,spacep,digitp): New.
2003-05-21 David Shaw <dshaw@jabberwocky.com> 2003-05-21 David Shaw <dshaw@jabberwocky.com>
* cipher.h, i18n.h, iobuf.h, memory.h, mpi.h, types.h, util.h: * cipher.h, i18n.h, iobuf.h, memory.h, mpi.h, types.h, util.h:


@ -260,6 +260,13 @@ int vasprintf ( char **result, const char *format, va_list args);
#define wipememory2(_ptr,_set,_len) do { volatile char *_vptr=(volatile char *)(_ptr); size_t _vlen=(_len); while(_vlen) { *_vptr=(_set); _vptr++; _vlen--; } } while(0) #define wipememory2(_ptr,_set,_len) do { volatile char *_vptr=(volatile char *)(_ptr); size_t _vlen=(_len); while(_vlen) { *_vptr=(_set); _vptr++; _vlen--; } } while(0)
#define wipememory(_ptr,_len) wipememory2(_ptr,0,_len) #define wipememory(_ptr,_len) wipememory2(_ptr,0,_len)
/*-- macros to replace ctype ones and avoid locale problems --*/
#define spacep(p) (*(p) == ' ' || *(p) == '\t')
#define digitp(p) (*(p) >= '0' && *(p) <= '9')
#define hexdigitp(a) (digitp (a) \
|| (*(a) >= 'A' && *(a) <= 'F') \
|| (*(a) >= 'a' && *(a) <= 'f'))
/******* RISC OS stuff ***********/ /******* RISC OS stuff ***********/
#ifdef __riscos__ #ifdef __riscos__
/* needed for strcasecmp() */ /* needed for strcasecmp() */
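Review bot: The three new macros evaluate their argument more than once (hexdigitp up to six times, via digitp), so a call such as `digitp (p++)` would misbehave, and they take a pointer where the ctype functions they replace take a character. Neither property is stated in the one-line header comment. I would extend it to something like `/* NB: these take a pointer, evaluate it more than once, and spacep matches only ' ' and '\t' */`, or turn them into `static inline` functions if the supported compilers allow it. Every call site in this commit passes a side-effect-free expression, so this concerns future use rather than a present bug.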


@ -1,3 +1,12 @@
2003-06-07 Werner Koch <wk@gnupg.org>
* iobuf.c (check_special_filename): Replaced is isdigit by digitp
to avoid passing negative values and potential locale problems.
Problem noted by Christian Biere.
* strgutil.c (strlwr,strcasecmp,strncasecmp): Make sure we don't
pass a negative value.
* miscutil.c (scan_isodatestr): Ditto.
2003-05-21 David Shaw <dshaw@jabberwocky.com> 2003-05-21 David Shaw <dshaw@jabberwocky.com>
* argparse.c, dotlock.c, fileutil.c, iobuf.c, miscutil.c, * argparse.c, dotlock.c, fileutil.c, iobuf.c, miscutil.c,
@ -1034,7 +1043,7 @@ Fri Feb 13 15:14:13 1998 Werner Koch (wk@isil.d.shuttle.de)
Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc. Copyright 1998,1999,2000,2001,2002,2003 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without unlimited permission to copy and/or distribute it, with or without
@ -1043,5 +1052,3 @@ Fri Feb 13 15:14:13 1998 Werner Koch (wk@isil.d.shuttle.de)
This file is distributed in the hope that it will be useful, but This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


@ -1032,7 +1032,7 @@ check_special_filename ( const char *fname )
int i; int i;
fname += 2; fname += 2;
for (i=0; isdigit (fname[i]); i++ ) for (i=0; digitp (fname+i); i++ )
; ;
if ( !fname[i] ) if ( !fname[i] )
return atoi (fname); return atoi (fname);


@ -1,5 +1,5 @@
/* miscutil.c - miscellaneous utilities /* miscutil.c - miscellaneous utilities
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc. * Copyright (C) 1998, 1999, 2000, 2001, 2003 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -56,11 +56,11 @@ scan_isodatestr( const char *string )
if( strlen(string) != 10 || string[4] != '-' || string[7] != '-' ) if( strlen(string) != 10 || string[4] != '-' || string[7] != '-' )
return 0; return 0;
for( i=0; i < 4; i++ ) for( i=0; i < 4; i++ )
if( !isdigit(string[i]) ) if( !digitp(string+i) )
return 0; return 0;
if( !isdigit(string[5]) || !isdigit(string[6]) ) if( !digitp(string+5) || !digitp(string+6) )
return 0; return 0;
if( !isdigit(string[8]) || !isdigit(string[9]) ) if( !digitp(string+8) || !digitp(string+9) )
return 0; return 0;
year = atoi(string); year = atoi(string);
month = atoi(string+5); month = atoi(string+5);


@ -1,5 +1,6 @@
/* strgutil.c - string utilities /* strgutil.c - string utilities
* Copyright (C) 1994, 1998, 1999, 2000, 2001 Free Software Foundation, Inc. * Copyright (C) 1994, 1998, 1999, 2000, 2001,
* 2003 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -825,7 +826,7 @@ strlwr(char *s)
{ {
char *p; char *p;
for(p=s; *p; p++ ) for(p=s; *p; p++ )
*p = tolower(*p); *p = tolower(*(unsigned char *)p);
return s; return s;
} }
#endif #endif
@ -835,7 +836,8 @@ int
strcasecmp( const char *a, const char *b ) strcasecmp( const char *a, const char *b )
{ {
for( ; *a && *b; a++, b++ ) { for( ; *a && *b; a++, b++ ) {
if( *a != *b && toupper(*a) != toupper(*b) ) if( *a != *b
&& toupper(*(const byte *)a) != toupper(*(const byte *)b) )
break; break;
} }
return *(const byte*)a - *(const byte*)b; return *(const byte*)a - *(const byte*)b;
@ -847,7 +849,8 @@ int
strncasecmp( const char *a, const char *b, size_t n ) strncasecmp( const char *a, const char *b, size_t n )
{ {
for( ; n && *a && *b; a++, b++, n--) { for( ; n && *a && *b; a++, b++, n--) {
if( *a != *b && toupper(*a) != toupper(*b) ) if( *a != *b
&& toupper(*(const byte *)a) != toupper(*(const byte *)b) )
break; break;
} }
if (!n) if (!n)
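Review bot: The casts fix the negative-argument problem, but `tolower` and `toupper` remain locale-dependent, so strlwr, strcasecmp and strncasecmp can still fold ASCII letters differently in some locales (the dotted/dotless i mapping is the usual example). That is the class of problem the new util.h macros were added to avoid. If these replacement functions end up comparing keywords or algorithm names, an ASCII-only fold such as `(c >= 'a' && c <= 'z') ? c - 'a' + 'A' : c` would make the result deterministic. As a style point, strlwr casts through `unsigned char *` while the other two use `const byte *`; one spelling throughout would read better. strncasecmp's body continues past the end of the hunk.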