mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-18 14:17:03 +01:00
Make sure that only ascii is passed to isfoo functions.
This commit is contained in:
parent
a72b1e0a57
commit
6a00a17bd1
3
THANKS
3
THANKS
@ -66,13 +66,14 @@ Frank Tobin ftobin@uiuc.edu
|
||||
Gabriel Rosenkoetter gr@eclipsed.net
|
||||
Gaël Quéri gael@lautre.net
|
||||
Gene Carter gcarter@lanier.com
|
||||
Geoff Keating geoffk@ozemail.com.au
|
||||
Georg Schwarz georg.schwarz@iname.com
|
||||
Giampaolo Tomassoni g.tomassoni@libero.it
|
||||
Gilbert Fernandes gilbert_fernandes@hotmail.com
|
||||
Greg Louis glouis@dynamicro.on.ca
|
||||
Greg Troxel gdt@ir.bbn.com
|
||||
Gregory Steuck steuck@iname.com
|
||||
Geoff Keating geoffk@ozemail.com.au
|
||||
Gregery Barton gregery20@yahoo.com.au
|
||||
Harald Denker harry@hal.westfalen.de
|
||||
Holger Baust Holger.Baust@freenet-ag.de
|
||||
Hendrik Buschkamp buschkamp@rheumanet.org
|
||||
|
@ -1,3 +1,16 @@
|
||||
2003-06-07 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* g10.c (add_notation_data): Make sure that only ascii is passed
|
||||
to iscntrl. Noted by Christian Biere.
|
||||
* getkey.c (classify_user_id2): Replaced isspace by spacep
|
||||
* keygen.c (keygen_set_std_prefs): Likewise. Also for isdigit.
|
||||
(ask_user_id): Ditto.
|
||||
(get_parameter_algo): Ditto.
|
||||
* keyedit.c (keyedit_menu): Ditto.
|
||||
* tdbdump.c (import_ownertrust): Ditto. s/isxdigit/hexdigitp/.
|
||||
* revoke.c (ask_revocation_reason):
|
||||
* keyserver.c (keyserver_spawn): Dito.
|
||||
|
||||
2003-06-04 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* options.skel: Use new hkp://subkeys.pgp.net as sample keyserver
|
||||
|
@ -2876,13 +2876,13 @@ add_notation_data( const char *string, int which )
|
||||
/* we only support printable text - therefore we enforce the use
|
||||
* of only printable characters (an empty value is valid) */
|
||||
for( s++; *s ; s++ ) {
|
||||
if( iscntrl(*s) ) {
|
||||
if ((*s & 0x80))
|
||||
highbit = 1;
|
||||
else if (iscntrl(*s)) {
|
||||
log_error(_("a notation value must not use "
|
||||
"any control characters\n") );
|
||||
return;
|
||||
}
|
||||
else if( *s & 0x80 )
|
||||
highbit = 1;
|
||||
}
|
||||
|
||||
if( highbit ) /* must use UTF8 encoding */
|
||||
|
@ -569,7 +569,7 @@ classify_user_id2( const char *name,
|
||||
memset (desc, 0, sizeof *desc);
|
||||
*force_exact = 0;
|
||||
/* skip leading spaces. Fixme: what is with trailing spaces? */
|
||||
for(s = name; *s && isspace(*s); s++ )
|
||||
for(s = name; *s && spacep (s); s++ )
|
||||
;
|
||||
|
||||
switch (*s) {
|
||||
@ -650,7 +650,7 @@ classify_user_id2( const char *name,
|
||||
}
|
||||
|
||||
/* check if a hexadecimal number is terminated by EOS or blank */
|
||||
if (hexlength && s[hexlength] && !isspace(s[hexlength])) {
|
||||
if (hexlength && s[hexlength] && !spacep(s+hexlength)) {
|
||||
if (hexprefix) /* a "0x" prefix without correct */
|
||||
return 0; /* termination is an error */
|
||||
else /* The first chars looked like */
|
||||
|
@ -1100,7 +1100,7 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
|
||||
cmd = cmdLIST;
|
||||
else if( *answer == CONTROL_D )
|
||||
cmd = cmdQUIT;
|
||||
else if( isdigit( *answer ) ) {
|
||||
else if( digitp(answer ) ) {
|
||||
cmd = cmdSELUID;
|
||||
arg_number = atoi(answer);
|
||||
}
|
||||
|
16
g10/keygen.c
16
g10/keygen.c
@ -244,17 +244,17 @@ keygen_set_std_prefs (const char *string,int personal)
|
||||
string = "";
|
||||
|
||||
for (s=string; *s; s = s2) {
|
||||
if ((*s=='s' || *s == 'S') && isdigit(s[1]) ) {
|
||||
if ((*s=='s' || *s == 'S') && digitp (s+1) ) {
|
||||
val = strtoul (++s, (char**)&s2, 10);
|
||||
if (set_one_pref (val, 'S', check_cipher_algo, sym, &nsym))
|
||||
rc = -1;
|
||||
}
|
||||
else if ((*s=='h' || *s == 'H') && isdigit(s[1]) ) {
|
||||
else if ((*s=='h' || *s == 'H') && digitp (s+1) ) {
|
||||
val = strtoul (++s, (char**)&s2, 10);
|
||||
if (set_one_pref (val, 'H', check_digest_algo, hash, &nhash))
|
||||
rc = -1;
|
||||
}
|
||||
else if ((*s=='z' || *s == 'Z') && isdigit(s[1]) ) {
|
||||
else if ((*s=='z' || *s == 'Z') && digitp (s+1) ) {
|
||||
val = strtoul (++s, (char**)&s2, 10);
|
||||
if (set_one_pref (val, 'Z', check_compress_algo, zip, &nzip))
|
||||
rc = -1;
|
||||
@ -267,7 +267,7 @@ keygen_set_std_prefs (const char *string,int personal)
|
||||
mdc=0;
|
||||
s2=s+6;
|
||||
}
|
||||
else if (isspace (*s))
|
||||
else if (spacep (s))
|
||||
s2 = s+1;
|
||||
else {
|
||||
log_info (_("invalid character in preference string\n"));
|
||||
@ -915,10 +915,10 @@ gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
|
||||
static int
|
||||
check_valid_days( const char *s )
|
||||
{
|
||||
if( !isdigit(*s) )
|
||||
if( !digitp(s) )
|
||||
return 0;
|
||||
for( s++; *s; s++)
|
||||
if( !isdigit(*s) )
|
||||
if( !digitp(s) )
|
||||
break;
|
||||
if( !*s )
|
||||
return 1;
|
||||
@ -1252,7 +1252,7 @@ ask_user_id( int mode )
|
||||
|
||||
if( strpbrk( aname, "<>" ) )
|
||||
tty_printf(_("Invalid character in name\n"));
|
||||
else if( isdigit(*aname) )
|
||||
else if( digitp(aname) )
|
||||
tty_printf(_("Name may not start with a digit\n"));
|
||||
else if( strlen(aname) < 5 )
|
||||
tty_printf(_("Name must be at least 5 characters long\n"));
|
||||
@ -1522,7 +1522,7 @@ get_parameter_algo( struct para_data_s *para, enum para_name key )
|
||||
struct para_data_s *r = get_parameter( para, key );
|
||||
if( !r )
|
||||
return -1;
|
||||
if( isdigit( *r->u.value ) )
|
||||
if( digitp( r->u.value ) )
|
||||
i = atoi( r->u.value );
|
||||
else
|
||||
i = string_to_pubkey_algo( r->u.value );
|
||||
|
@ -189,7 +189,7 @@ parse_keyserver_uri(char *uri,const char *configname,unsigned int configlineno)
|
||||
ch=opt.keyserver_port;
|
||||
while(*ch!='\0')
|
||||
{
|
||||
if(!isdigit(*ch))
|
||||
if(!digitp(ch))
|
||||
return G10ERR_BAD_URI;
|
||||
|
||||
ch++;
|
||||
@ -569,7 +569,7 @@ keyserver_spawn(int action,STRLIST list,
|
||||
|
||||
/* remove trailing whitespace */
|
||||
plen=strlen(ptr);
|
||||
while(plen>0 && isspace(ptr[plen-1]))
|
||||
while(plen>0 && spacep(ptr+plen-1))
|
||||
plen--;
|
||||
plen[ptr]='\0';
|
||||
|
||||
|
@ -636,7 +636,7 @@ ask_revocation_reason( int key_rev, int cert_rev, int hint )
|
||||
return NULL; /* cancel */
|
||||
if( hint && !*answer )
|
||||
n = hint;
|
||||
else if(!isdigit( *answer ) )
|
||||
else if(!digitp( answer ) )
|
||||
n = -1;
|
||||
else
|
||||
n = atoi(answer);
|
||||
|
@ -153,7 +153,7 @@ import_ownertrust( const char *fname )
|
||||
break; /* can't continue */
|
||||
}
|
||||
for(p = line; *p && *p != ':' ; p++ )
|
||||
if( !isxdigit(*p) )
|
||||
if( !hexdigitp(p) )
|
||||
break;
|
||||
if( *p != ':' ) {
|
||||
log_error_f(fname, _("error: missing colon\n") );
|
||||
|
@ -1,3 +1,7 @@
|
||||
2003-06-07 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* util.h (hexdigitp,spacep,digitp): New.
|
||||
|
||||
2003-05-21 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* cipher.h, i18n.h, iobuf.h, memory.h, mpi.h, types.h, util.h:
|
||||
|
@ -260,6 +260,13 @@ int vasprintf ( char **result, const char *format, va_list args);
|
||||
#define wipememory2(_ptr,_set,_len) do { volatile char *_vptr=(volatile char *)(_ptr); size_t _vlen=(_len); while(_vlen) { *_vptr=(_set); _vptr++; _vlen--; } } while(0)
|
||||
#define wipememory(_ptr,_len) wipememory2(_ptr,0,_len)
|
||||
|
||||
/*-- macros to replace ctype ones and avoid locale problems --*/
|
||||
#define spacep(p) (*(p) == ' ' || *(p) == '\t')
|
||||
#define digitp(p) (*(p) >= '0' && *(p) <= '9')
|
||||
#define hexdigitp(a) (digitp (a) \
|
||||
|| (*(a) >= 'A' && *(a) <= 'F') \
|
||||
|| (*(a) >= 'a' && *(a) <= 'f'))
|
||||
|
||||
/******* RISC OS stuff ***********/
|
||||
#ifdef __riscos__
|
||||
/* needed for strcasecmp() */
|
||||
|
@ -1,3 +1,12 @@
|
||||
2003-06-07 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* iobuf.c (check_special_filename): Replaced is isdigit by digitp
|
||||
to avoid passing negative values and potential locale problems.
|
||||
Problem noted by Christian Biere.
|
||||
* strgutil.c (strlwr,strcasecmp,strncasecmp): Make sure we don't
|
||||
pass a negative value.
|
||||
* miscutil.c (scan_isodatestr): Ditto.
|
||||
|
||||
2003-05-21 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* argparse.c, dotlock.c, fileutil.c, iobuf.c, miscutil.c,
|
||||
@ -1034,7 +1043,7 @@ Fri Feb 13 15:14:13 1998 Werner Koch (wk@isil.d.shuttle.de)
|
||||
|
||||
|
||||
|
||||
Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
|
||||
Copyright 1998,1999,2000,2001,2002,2003 Free Software Foundation, Inc.
|
||||
|
||||
This file is free software; as a special exception the author gives
|
||||
unlimited permission to copy and/or distribute it, with or without
|
||||
@ -1043,5 +1052,3 @@ Fri Feb 13 15:14:13 1998 Werner Koch (wk@isil.d.shuttle.de)
|
||||
This file is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
|
||||
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
||||
|
||||
|
@ -1032,7 +1032,7 @@ check_special_filename ( const char *fname )
|
||||
int i;
|
||||
|
||||
fname += 2;
|
||||
for (i=0; isdigit (fname[i]); i++ )
|
||||
for (i=0; digitp (fname+i); i++ )
|
||||
;
|
||||
if ( !fname[i] )
|
||||
return atoi (fname);
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* miscutil.c - miscellaneous utilities
|
||||
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
|
||||
* Copyright (C) 1998, 1999, 2000, 2001, 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -56,11 +56,11 @@ scan_isodatestr( const char *string )
|
||||
if( strlen(string) != 10 || string[4] != '-' || string[7] != '-' )
|
||||
return 0;
|
||||
for( i=0; i < 4; i++ )
|
||||
if( !isdigit(string[i]) )
|
||||
if( !digitp(string+i) )
|
||||
return 0;
|
||||
if( !isdigit(string[5]) || !isdigit(string[6]) )
|
||||
if( !digitp(string+5) || !digitp(string+6) )
|
||||
return 0;
|
||||
if( !isdigit(string[8]) || !isdigit(string[9]) )
|
||||
if( !digitp(string+8) || !digitp(string+9) )
|
||||
return 0;
|
||||
year = atoi(string);
|
||||
month = atoi(string+5);
|
||||
|
@ -1,5 +1,6 @@
|
||||
/* strgutil.c - string utilities
|
||||
* Copyright (C) 1994, 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
|
||||
* Copyright (C) 1994, 1998, 1999, 2000, 2001,
|
||||
* 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -825,7 +826,7 @@ strlwr(char *s)
|
||||
{
|
||||
char *p;
|
||||
for(p=s; *p; p++ )
|
||||
*p = tolower(*p);
|
||||
*p = tolower(*(unsigned char *)p);
|
||||
return s;
|
||||
}
|
||||
#endif
|
||||
@ -835,7 +836,8 @@ int
|
||||
strcasecmp( const char *a, const char *b )
|
||||
{
|
||||
for( ; *a && *b; a++, b++ ) {
|
||||
if( *a != *b && toupper(*a) != toupper(*b) )
|
||||
if( *a != *b
|
||||
&& toupper(*(const byte *)a) != toupper(*(const byte *)b) )
|
||||
break;
|
||||
}
|
||||
return *(const byte*)a - *(const byte*)b;
|
||||
@ -847,7 +849,8 @@ int
|
||||
strncasecmp( const char *a, const char *b, size_t n )
|
||||
{
|
||||
for( ; n && *a && *b; a++, b++, n--) {
|
||||
if( *a != *b && toupper(*a) != toupper(*b) )
|
||||
if( *a != *b
|
||||
&& toupper(*(const byte *)a) != toupper(*(const byte *)b) )
|
||||
break;
|
||||
}
|
||||
if (!n)
|
||||
|
Loading…
x
Reference in New Issue
Block a user