security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
Code Activity

util/

Browse Source 
* secmem.c (init_pool): Avoid assigning a negative value to a
	size_t.
./
	* acinclude.m4: Fix last change.  Make test self-conatined by
	checking for sysconf and getpagesize.  Remove indentation for the
	sake of broken C-89 cpps.
This commit is contained in:
Werner Koch 2007-04-16 15:37:45 +00:00
parent eec94ac312
commit d54ee32837
5 changed files with 60 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -1,3 +1,9 @@
2007-04-16 Werner Koch <wk@g10code.com>
* acinclude.m4: Fix last change. Make test self-conatined by
checking for sysconf and getpagesize. Remove indentation for the
sake of broken C-89 cpp.
2007-04-16 David Shaw <dshaw@jabberwocky.com> 2007-04-16 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Add a HAVE_SHM conditional. * configure.ac: Add a HAVE_SHM conditional.

2
NEWS
View File

@ -11,7 +11,7 @@ Noteworthy changes in version 1.4.7 (2007-03-05)
plaintext boundary status tags that GnuPG provides. This change plaintext boundary status tags that GnuPG provides. This change
makes GnuPG reject such messages by default which makes those makes GnuPG reject such messages by default which makes those
programs safe again. --allow-multiple-messages returns to the programs safe again. --allow-multiple-messages returns to the
old behavior. old behavior. [CVE-2007-1263].
* [W32] The environment variable LANGUAGE may be used to override * [W32] The environment variable LANGUAGE may be used to override
the language given by HKCU\Software\GNU\GnuPG:Lang. The the language given by HKCU\Software\GNU\GnuPG:Lang. The

79
acinclude.m4
View File

@ -384,18 +384,18 @@ define(GNUPG_CHECK_MLOCK,
#include <sys/mman.h> #include <sys/mman.h>
#endif #endif
], [ ], [
int i; int i;
/* glibc defines this for functions which it implements /* glibc defines this for functions which it implements
* to always fail with ENOSYS. Some functions are actually * to always fail with ENOSYS. Some functions are actually
* named something starting with __ and the normal name * named something starting with __ and the normal name
* is an alias. */ * is an alias. */
#if defined (__stub_mlock) || defined (__stub___mlock) #if defined (__stub_mlock) || defined (__stub___mlock)
choke me choke me
#else #else
mlock(&i, 4); mlock(&i, 4);
#endif #endif
; return 0; ; return 0;
], ],
gnupg_cv_mlock_is_in_sys_mman=yes, gnupg_cv_mlock_is_in_sys_mman=yes,
gnupg_cv_mlock_is_in_sys_mman=no)]) gnupg_cv_mlock_is_in_sys_mman=no)])
@ -406,42 +406,45 @@ define(GNUPG_CHECK_MLOCK,
fi fi
fi fi
if test "$ac_cv_func_mlock" = "yes"; then if test "$ac_cv_func_mlock" = "yes"; then
AC_CHECK_FUNCS(sysconf getpagesize)
AC_MSG_CHECKING(whether mlock is broken) AC_MSG_CHECKING(whether mlock is broken)
AC_CACHE_VAL(gnupg_cv_have_broken_mlock, AC_CACHE_VAL(gnupg_cv_have_broken_mlock,
AC_TRY_RUN([ AC_TRY_RUN([
#include <stdlib.h> #include <stdlib.h>
#include <unistd.h> #include <unistd.h>
#include <errno.h> #include <errno.h>
#include <sys/mman.h> #include <sys/mman.h>
#include <sys/types.h> #include <sys/types.h>
#include <fcntl.h> #include <fcntl.h>
int main() int main()
{ {
char *pool; char *pool;
int err; int err;
long int pgsize; long int pgsize;
#if defined(HAVE_SYSCONF) && defined(_SC_PAGESIZE) #if defined(HAVE_SYSCONF) && defined(_SC_PAGESIZE)
pgsize = sysconf(_SC_PAGESIZE); pgsize = sysconf(_SC_PAGESIZE);
#elif defined(HAVE_GETPAGESIZE) #elif defined(HAVE_GETPAGESIZE)
pgsize = getpagesize(); pgsize = getpagesize();
#endif #else
pgsize = -1;
#endif
if(pgsize==-1) if(pgsize==-1)
pgsize = 4096; pgsize = 4096;
pool = malloc( 4096 + pgsize ); pool = malloc( 4096 + pgsize );
if( !pool ) if( !pool )
return 2; return 2;
pool += (pgsize - ((long int)pool % pgsize)); pool += (pgsize - ((long int)pool % pgsize));
err = mlock( pool, 4096 ); err = mlock( pool, 4096 );
if( !err || errno == EPERM ) if( !err || errno == EPERM )
return 0; /* okay */ return 0; /* okay */
return 1; /* hmmm */ return 1; /* hmmm */
} }
], ],
gnupg_cv_have_broken_mlock="no", gnupg_cv_have_broken_mlock="no",

5
util/ChangeLog
View File

@ -1,3 +1,8 @@
2007-04-16 Werner Koch <wk@g10code.com>
* secmem.c (init_pool): Avoid assigning a negative value to a
size_t.
2007-04-16 David Shaw <dshaw@jabberwocky.com> 2007-04-16 David Shaw <dshaw@jabberwocky.com>
* secmem.c (init_pool): Use sysconf() if available to determine * secmem.c (init_pool): Use sysconf() if available to determine

12
util/secmem.c
View File

@ -219,7 +219,8 @@ lock_pool( void *p, size_t n )
static void static void
init_pool( size_t n) init_pool( size_t n)
{ {
size_t pgsize=-1; long int pgsize_val;
size_t pgsize;
poolsize = n; poolsize = n;
@ -227,13 +228,14 @@ init_pool( size_t n)
log_bug("secure memory is disabled"); log_bug("secure memory is disabled");
#if defined(HAVE_SYSCONF) && defined(_SC_PAGESIZE) #if defined(HAVE_SYSCONF) && defined(_SC_PAGESIZE)
pgsize = sysconf(_SC_PAGESIZE); pgsize_val = sysconf (_SC_PAGESIZE);
#elif defined(HAVE_GETPAGESIZE) #elif defined(HAVE_GETPAGESIZE)
pgsize = getpagesize(); pgsize_val = getpagesize ();
#else
pgsize_val = -1;
#endif #endif
pgsize = (pgsize_val != -1 && pgsize_val > 0)? pgsize_val : 4096;
if(pgsize==-1)
pgsize = 4096;
#ifdef HAVE_MMAP #ifdef HAVE_MMAP
poolsize = (poolsize + pgsize -1 ) & ~(pgsize-1); poolsize = (poolsize + pgsize -1 ) & ~(pgsize-1);