gpg: Fix trusted introducer for user-ids with only the mbox.

* g10/trustdb.c (check_regexp): Kludge to match user-ids with only an mbox. -- (Also re-indented the function) GnuPG-bug-id: 6238
2024-11-09 21:28:51 +01:00 · 2022-10-28 11:17:39 +02:00 · 2022-10-28 11:17:39 +02:00 · a9044b4a23
commit a9044b4a23
parent bd825ead36
1 changed files with 31 additions and 19 deletions
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@ -1669,38 +1669,50 @@ sanitize_regexp(const char *old)
  return new;
 }

+
 /* Used by validate_one_keyblock to confirm a regexp within a trust
-   signature.  Returns 1 for match, and 0 for no match or regex
-   error. */
+ * signature.  Returns 1 for match, and 0 for no match or regex
+ * error. */
 static int
-check_regexp(const char *expr,const char *string)
+check_regexp (const char *expr,const char *string)
 {
  int ret;
  char *regexp;
+  char *stringbuf = NULL;
+  regex_t pat;

-  regexp=sanitize_regexp(expr);
+  regexp = sanitize_regexp (expr);

-  {
-    regex_t pat;
+  ret = regcomp (&pat, regexp, (REG_ICASE|REG_EXTENDED));
+  if (!ret)
+    {
+      if (*regexp == '<' && !strchr (string, '<')
+          && is_valid_mailbox (string))
+        {
+          /* The R.E. starts with an angle bracket but STRING seems to
+           * be a plain mailbox (e.g. "foo@example.org").  The
+           * commonly used R.E. pattern "<[^>]+[@.]example\.org>$"
+           * won't be able to detect this.  Thus we enclose STRING
+           * into angle brackets for checking.  */
+          stringbuf = xstrconcat ("<", string, ">", NULL);
+          string = stringbuf;
+        }
+      ret = regexec (&pat, string, 0, NULL, 0);
+      regfree (&pat);
+    }

-    ret=regcomp(&pat,regexp,REG_ICASE|REG_EXTENDED);
-    if(ret==0)
-      {
-	ret=regexec(&pat,string,0,NULL,0);
-	regfree(&pat);
-      }
-    ret=(ret==0);
-  }
+  ret = !ret;

-  if(DBG_TRUST)
-    log_debug("regexp '%s' ('%s') on '%s': %s\n",
-	      regexp,expr,string,ret?"YES":"NO");
-
-  xfree(regexp);
+  if (DBG_TRUST)
+    log_debug ("regexp '%s' ('%s') on '%s'%s: %s\n",
+               regexp, expr, string, stringbuf? " (fixed)":"", ret? "YES":"NO");

+  xfree (regexp);
+  xfree (stringbuf);
  return ret;
 }

+
 /*
 * Return true if the key is signed by one of the keys in the given
 * key ID list.  User IDs with a valid signature are marked by node