util/

* secmem.c (init_pool): Avoid assigning a negative value to a
	size_t.
./
	* acinclude.m4: Fix last change.  Make test self-conatined by
	checking for sysconf and getpagesize.  Remove indentation for the
	sake of broken C-89 cpps.

ChangeLog

@@ -1,3 +1,9 @@
+2007-04-16  Werner Koch  <wk@g10code.com>
+
+	* acinclude.m4: Fix last change.  Make test self-conatined by
+	checking for sysconf and getpagesize.  Remove indentation for the
+	sake of broken C-89 cpp.
+
 2007-04-16  David Shaw  <dshaw@jabberwocky.com>
 
 	* configure.ac: Add a HAVE_SHM conditional.

NEWS

@@ -11,7 +11,7 @@ Noteworthy changes in version 1.4.7 (2007-03-05)
       plaintext boundary status tags that GnuPG provides.  This change
       makes GnuPG reject such messages by default which makes those
       programs safe again.  --allow-multiple-messages returns to the
-      old behavior.
+      old behavior. [CVE-2007-1263].
 
     * [W32] The environment variable LANGUAGE may be used to override
       the language given by HKCU\Software\GNU\GnuPG:Lang.  The

acinclude.m4

@@ -406,27 +406,30 @@ define(GNUPG_CHECK_MLOCK,
         fi
     fi
     if test "$ac_cv_func_mlock" = "yes"; then
+        AC_CHECK_FUNCS(sysconf getpagesize)
         AC_MSG_CHECKING(whether mlock is broken)
           AC_CACHE_VAL(gnupg_cv_have_broken_mlock,
              AC_TRY_RUN([
-                #include <stdlib.h>
-                #include <unistd.h>
-                #include <errno.h>
-                #include <sys/mman.h>
-                #include <sys/types.h>
-                #include <fcntl.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <errno.h>
+#include <sys/mman.h>
+#include <sys/types.h>
+#include <fcntl.h>
 
-                int main()
-                {
+int main()
+{
     char *pool;
     int err;
     long int pgsize;
 
-		#if defined(HAVE_SYSCONF) && defined(_SC_PAGESIZE)
+#if defined(HAVE_SYSCONF) && defined(_SC_PAGESIZE)
     pgsize = sysconf(_SC_PAGESIZE);
-		#elif defined(HAVE_GETPAGESIZE)
+#elif defined(HAVE_GETPAGESIZE)
     pgsize = getpagesize();
-		#endif
+#else
+    pgsize = -1;
+#endif
 
     if(pgsize==-1)
        pgsize = 4096;
@@ -441,7 +444,7 @@ define(GNUPG_CHECK_MLOCK,
         return 0; /* okay */
 
     return 1;  /* hmmm */
-                }
+}
 
             ],
             gnupg_cv_have_broken_mlock="no",

util/ChangeLog

@@ -1,3 +1,8 @@
+2007-04-16  Werner Koch  <wk@g10code.com>
+
+	* secmem.c (init_pool): Avoid assigning a negative value to a
+	size_t.
+
 2007-04-16  David Shaw  <dshaw@jabberwocky.com>
 
 	* secmem.c (init_pool): Use sysconf() if available to determine

util/secmem.c

@@ -219,7 +219,8 @@ lock_pool( void *p, size_t n )
 static void
 init_pool( size_t n)
 {
-    size_t pgsize=-1;
+    long int pgsize_val;
+    size_t pgsize;
 
     poolsize = n;
 
@@ -227,13 +228,14 @@ init_pool( size_t n)
 	log_bug("secure memory is disabled");
 
 #if defined(HAVE_SYSCONF) && defined(_SC_PAGESIZE)
-    pgsize = sysconf(_SC_PAGESIZE);
+    pgsize_val = sysconf (_SC_PAGESIZE);
 #elif defined(HAVE_GETPAGESIZE)
-    pgsize = getpagesize();
+    pgsize_val = getpagesize ();
+#else
+    pgsize_val = -1;
 #endif
+    pgsize = (pgsize_val != -1 && pgsize_val > 0)? pgsize_val : 4096;
 
-    if(pgsize==-1)
-      pgsize = 4096;
 
 #ifdef HAVE_MMAP
     poolsize = (poolsize + pgsize -1 ) & ~(pgsize-1);