security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-03-06 21:51:07 +01:00
Code Activity

Fixed a possible W32 bufferoverflow

Browse Source
This commit is contained in:
Werner Koch 2001-06-06 18:58:05 +00:00
parent 44d09ca58a
commit e38f5c8326
14 changed files with 240 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
THANKS
View File

@ -4,6 +4,7 @@ code. Here is a list of those people. Help me keep it complete and free of
errors.
Adam Mitchell adam@cafe21.org
Albert Chin china@thewrittenword.com
Alec Habig habig@budoe2.bu.edu
Allan Clark allanc@sco.com
Anand Kumria wildfire@progsoc.uts.edu.au

2
TODO
View File

@ -1,4 +1,6 @@
* set default charset from nl_langinfo.
* check all mpi_read() for error returns.
* --preserve-perms so that permissions set on a secring don't get changed.

2
VERSION
View File

@ -1 +1 @@
1.0.6
1.0.6a

4
checks/ChangeLog
View File

@ -1,3 +1,7 @@
2001-05-30 Werner Koch <wk@gnupg.org>
* multisig.test (IFS): Reset IFS just before the test.
2001-04-30 Werner Koch <wk@gnupg.org>
* multisig.test: Add an set +x to avoid ksh problems

4
checks/multisig.test
View File

@ -123,7 +123,9 @@ save_IFS="${IFS}"
IFS=""
for i in "$sig_1ls1ls_valid" "$sig_ls_valid" "$sig_sl_valid"; do
echo "$i" | $srcdir/run-gpg --dearmor >x
IFS="${save_IFS}"
../g10/gpg --homedir . --verify x 2>/dev/null || error "valid is invalid"
IFS=""
done
#for i in "$sig_11lss_valid_but_is_not" "$sig_11lss11lss_valid_but_is_not" \
# "$sig_ssl_valid_but_is_not"; do
@ -136,7 +138,9 @@ set +e
for i in "$sig_1lsls_invalid" "$sig_lsls_invalid" \
"$sig_lss_invalid" "$sig_slsl_invalid" ; do
echo "$i" | $srcdir/run-gpg --dearmor >x
IFS="${save_IFS}"
../g10/gpg --homedir . --verify <x 2>/dev/null && error "invalid is valid"
IFS=""
done
IFS="${save_IFS}"

98
gnupg.txt Normal file
View File

@ -0,0 +1,98 @@
%%comments:
Copyright (C) 2000, 2001 Free Software Foundation, Inc.
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.1 or
any later version published by the Free Software Foundation; with no
Invariant Sections, with no Front-Cover Texts, and with no Back-Cover
Texts. A copy of the license is included in the file COPYING.
%%name: GnuPG
%%short-description: Complete implementation of the OpenPGP Internet standard.
%%full-description: A complete and free replacement for PGP. The
program does not use any patented algorithms, and can be used as a
filter program. Can handle all OpenPGP messages and messages generated
by PGP 5.0 and newer unless they use the IDEA algorithm.
Supports ElGamal (signature and encrytion), DSA, AES, 3DES, Blowfish,
Twofish, CAST5, MD5, SHA-1, RIPE-MD-160 and TIGER, and has language
support for sixteen different languages.
It is believed to be fully OpenPGP (as defined in RFC2440) conform,
and has integrated support for HKP keyservers. There are a lot of
useful extra features like anonymous message recipients.
%%category: security, administration, email
%%license: GPL
%%maintainer: Werner Koch <wk@gnupg.org>
%%interface: Command line
%%updated: 1 Jun 2001
%%keywords: PGP, security, decryption, encryption, digital signatures
%%programs:
%%GNU: yes
%%web-page: http://www.gnupg.org/
%%support: Paid extension/consulting from http://www.g10code.com
%%doc: English user manual available from:
http://www.gnupg.org/gph/index.html; Spanish user manual available from:
http://www.gnupg.org/gph/index.html; English HOWTO available from
http://www.dewinter.com/gnupg_howto/english/; French HOWTO available
from http://www.gnupg.org/howtos/fr/; German HOWTO available from
http://www.gnupg.org/howtos/de/; Spanish HOWTO available from
http://www.dewinter.com/gnupg_howto/spanish.
%%developers: Matthew Skala, Michael Roth, Niklas Hernaeus, Remi
Guyomarch, Werner Koch <wk@gnupg.org>.
%%contributors: J. Michael Ashley
%%sponsors: German Federal Ministry of Economics and Technology
%%source: ftp://ftp.gnupg.org/gcrypt/gnupg
%%debian: http://www.debian.org/Packages/stable/non-us/gnupg.html
%%redhat: http://www.megaloman.com/~hany/RPM/gnupg.html
%%repository: See http://www.gnupg.org/cvs-access.html
%%related: shred
%%source-language: C
%%supported-languages:
%%use-requirements:
%%build-prerequisites:
%%weak-prerequisites:
%%source-prerequisites:
%%version: 1.0.6 stable released on 29 May 2001
%%announce-list: announce@gnupg.org
%%announce-news:
%%help-list: gnupg-users@gnupg.org
%%help-news:
%%dev-list: gnupg-devel@gnupg.org
%%dev-news:
%%bug-list: bug-gnupg@gnupg.org

6
include/ChangeLog
View File

@ -1,3 +1,9 @@
2001-05-30 Werner Koch <wk@gnupg.org>
* ttyio.h (tty_printf): Add missing parenthesis for non gcc.
* http.h: Removed trailing comma to make old ccs happy. Both are
by Albert Chin.
2001-05-25 Werner Koch <wk@gnupg.org>
* ttyio.h (tty_printf): Add printf attribute.

2
include/http.h
View File

@ -51,7 +51,7 @@ typedef enum {
enum { /* put flag values into an enum, so that gdb can display them */
HTTP_FLAG_TRY_PROXY = 1,
HTTP_FLAG_NO_SHUTDOWN = 2,
HTTP_FLAG_NO_SHUTDOWN = 2
};
struct http_context {

2
include/ttyio.h
View File

@ -24,7 +24,7 @@ int tty_batchmode( int onoff );
#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 )
void tty_printf (const char *fmt, ... ) __attribute__ ((format (printf,1,2)));
#else
void tty_printf const char *fmt, ... );
void tty_printf (const char *fmt, ... );
#endif
void tty_print_string( byte *p, size_t n );
void tty_print_utf8_string( byte *p, size_t n );

4
include/util.h
View File

@ -207,10 +207,12 @@ int strcasecmp( const char *, const char *b);
#define stricmp(a,b) strcasecmp( (a), (b) )
#endif
/*-- w32reg.c --*/
#ifdef __MINGW32__
/*-- w32reg.c --*/
char *read_w32_registry_string( const char *root,
const char *dir, const char *name );
/*-- strgutil.c --*/
int vasprintf ( char **result, const char *format, va_list args);
#endif
/**** other missing stuff ****/

10
util/ChangeLog
View File

@ -1,3 +1,13 @@
2001-06-06 Werner Koch <wk@gnupg.org>
* strgutil.c (vasprintf) [__MINGW32__]: New. Taken from libiberty.
* ttyio.c (tty_printf) [__MINGW32__]: Replaced the sprintf with
the new vasprintf.
2001-06-05 Werner Koch <wk@gnupg.org>
* dotlock.c (make_dotlock): Typo fixes.
2001-05-25 Werner Koch <wk@gnupg.org>
* ttyio.c (do_get): Fixed a serious format string bug. Thanks to

4
util/dotlock.c
View File

@ -237,7 +237,7 @@ make_dotlock( DOTLOCK h, long timeout )
continue;
}
else if( pid == getpid() ) {
log_info( "Oops: lock already hold by us\n");
log_info( "Oops: lock already held by us\n");
h->locked = 1;
return 0; /* okay */
}
@ -250,7 +250,7 @@ make_dotlock( DOTLOCK h, long timeout )
}
if( timeout == -1 ) {
struct timeval tv;
log_info( "waiting for lock (hold by %d%s) %s...\n",
log_info( "waiting for lock (held by %d%s) %s...\n",
pid, maybe_dead, maybe_deadlock(h)? "(deadlock?) ":"");

99
util/strgutil.c
View File

@ -1,5 +1,5 @@
/* strgutil.c - string utilities
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
* Copyright (C) 1994, 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@ -638,3 +638,100 @@ memicmp( const char *a, const char *b, size_t n )
#endif
#ifdef __MINGW32__
/*
* Like vsprintf but provides a pointer to malloc'd storage, which
* must be freed by the caller (m_free). Taken from libiberty as
* found in gcc-2.95.2 and a little bit modernized.
* FIXME: Write a new CRT for W32.
*/
int
vasprintf ( char **result, const char *format, va_list args)
{
const char *p = format;
/* Add one to make sure that it is never zero, which might cause malloc
to return NULL. */
int total_width = strlen (format) + 1;
va_list ap;
/* this is not really portable but works under Windows */
memcpy ( &ap, &args, sizeof (va_list));
while (*p != '\0')
{
if (*p++ == '%')
{
while (strchr ("-+ #0", *p))
++p;
if (*p == '*')
{
++p;
total_width += abs (va_arg (ap, int));
}
else
{
char *endp;
total_width += strtoul (p, &endp, 10);
p = endp;
}
if (*p == '.')
{
++p;
if (*p == '*')
{
++p;
total_width += abs (va_arg (ap, int));
}
else
{
char *endp;
total_width += strtoul (p, &endp, 10);
p = endp;
}
}
while (strchr ("hlL", *p))
++p;
/* Should be big enough for any format specifier except %s
and floats. */
total_width += 30;
switch (*p)
{
case 'd':
case 'i':
case 'o':
case 'u':
case 'x':
case 'X':
case 'c':
(void) va_arg (ap, int);
break;
case 'f':
case 'e':
case 'E':
case 'g':
case 'G':
(void) va_arg (ap, double);
/* Since an ieee double can have an exponent of 307, we'll
make the buffer wide enough to cover the gross case. */
total_width += 307;
case 's':
total_width += strlen (va_arg (ap, char *));
break;
case 'p':
case 'n':
(void) va_arg (ap, char *);
break;
}
}
}
*result = m_alloc (total_width);
if (*result != NULL)
return vsprintf (*result, format, args);
else
return 0;
}
#endif /*__MINGW32__*/

36
util/ttyio.c
View File

@ -166,39 +166,21 @@ tty_printf( const char *fmt, ... )
va_start( arg_ptr, fmt ) ;
#ifdef __MINGW32__
{ static char *buf;
static size_t bufsize;
int n;
{
char *buf = NULL;
int n;
DWORD nwritten;
#if 0 /* the dox say, that there is a snprintf, but I didn't found
* it, so we use a static buffer for now */
do {
if( n == -1 || !buf ) {
m_free(buf);
bufsize += 200;
/* better check the new size; (we use M$ functions) */
if( bufsize > 50000 )
log_bug("vsnprintf probably failed\n");
buf = m_alloc( bufsize );
}
n = _vsnprintf(buf, bufsize-1, fmt, arg_ptr);
} while( n == -1 );
#else
if( !buf ) {
bufsize += 1000;
buf = m_alloc( bufsize );
}
n = vsprintf(buf, fmt, arg_ptr);
if( n == -1 )
log_bug("vsprintf() failed\n");
#endif
n = vasprintf(&buf, fmt, arg_ptr);
if( !buf )
log_bug("vasprintf() failed\n");
if( !WriteConsoleA( con.out, buf, n, &nwritten, NULL ) )
log_fatal("WriteConsole failed: rc=%d", (int)GetLastError() );
if( n != nwritten )
log_fatal("WriteConsole failed: %d != %d\n", n, nwritten );
log_fatal("WriteConsole failed: %d != %d\n", n, (int)nwritten );
last_prompt_len += n;
m_free (buf);
}
#else
last_prompt_len += vfprintf(ttyfp,fmt,arg_ptr) ;