1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

Check for garbled packets

This commit is contained in:
Werner Koch 2001-09-18 09:40:31 +00:00
parent 6c09d0f462
commit e46ad749f9
9 changed files with 155 additions and 28 deletions

View File

@ -29,6 +29,12 @@
We should add an abstraction layer so that adding support for
different certificate structures will become easier.
* "Michael T. Babcock" <mbabcock@fibrespeed.net> suggested to write
an event log so that other software can display a key history or
alike with GnuPG results. This should be connected to the keyrings.
Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives

23
TODO
View File

@ -1,5 +1,5 @@
* 12345678! does not work anymore
* 12345678! does not work anymore. Same for +wordlist.
* Always use the primary key to sign other keys.
@ -64,10 +64,6 @@
* Replace the printing of the user name by [self-signature] when
appropriate so that a key listing does not get clobbered.
* "Michael T. Babcock" <mbabcock@fibrespeed.net> suggested to write
an event log so that other software can display a key history or
alike with GnuPG results. This should be connected to the keyrings.
* Using --list-only to check for recipients while decrypting may
yield an error about an unknown packet.
@ -82,6 +78,11 @@
* Allow to update key signatures.
* For FreeBSD only: spit out a message that rndcontrol (8) should be
used to enable the use of IRQs for entropy gathering.
* --passphrase-fd can't work with -cs: document this or find a way
to work around.
Scheduled for 1.1
-----------------
@ -91,8 +92,6 @@ Scheduled for 1.1
* With option -i prompt before adding a key to the keyring and show some
info what we are about to add.
* Speed up calculation of key validation.
* --disable-asm should still assemble _udiv_qrnnd when needed
* Skip RO keyrings when importing a key.
@ -105,6 +104,9 @@ Scheduled for 1.1
* Get new assembler stuff from gmp 3.1
* Use new-format headers for compressed packets.
Nice to have
------------
@ -113,9 +115,6 @@ Nice to have
* Print a warning if the directory mode is wrong.
* Do a real fix for bug #7 or document that it is a PGP 5 error.
* preferences of hash algorithms are not yet used.
* Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal.
or use POSIX.4 realtime signals. Overhaul the interface and the
test program. Use it with the test suite?
* add test cases for invalid data (scrambled armor or other random data)
* add checking of armor trailers
* the pubkey encrypt functions should do some sanity checks.
@ -124,8 +123,6 @@ Nice to have
* for messages created with "-t", it might make sense to append the
verification status of the message to the output (i.e. write something to
the --output file and not only to stderr.
* configure option where to find zlib
* Evaluate whether it make sense to replace the namehashs either by
using the user ID directly or by using pointers into the trustdb.

View File

@ -1,3 +1,20 @@
2001-09-18 Werner Koch <wk@gnupg.org>
* parse-packet.c (parse): Stop on impossible packet lengths.
2001-09-17 Werner Koch <wk@gnupg.org>
* mainproc.c (print_notation_data): Wrap notation data status lines
after 50 chars.
* mainproc.c (proc_pubkey_enc): Make option try-all-secrets work.
By disastry@saiknes.lv.
2001-09-14 Werner Koch <wk@gnupg.org>
* parse-packet.c (dump_sig_subpkt): List key server preferences
and show the revocable flag correctly. Contributed by Davod Shaw.
2001-09-09 Werner Koch <wk@gnupg.org>
* keyedit.c (keyedit_menu): No need to define another p.

View File

@ -300,6 +300,7 @@ proc_pubkey_enc( CTX c, PACKET *pkt )
|| enc->pubkey_algo == PUBKEY_ALGO_DSA
|| is_RSA(enc->pubkey_algo) ) {
if ( !c->dek && ((!enc->keyid[0] && !enc->keyid[1])
|| opt.try_all_secrets
|| !seckey_available( enc->keyid )) ) {
if( opt.list_only )
result = -1;
@ -746,7 +747,7 @@ print_notation_data( PKT_signature *sig )
print_string( log_stream(), p+n1, n2, 0 );
putc( '\n', log_stream() );
write_status_buffer ( STATUS_NOTATION_NAME, p , n1, 0 );
write_status_buffer ( STATUS_NOTATION_DATA, p+n1, n2, 20 );
write_status_buffer ( STATUS_NOTATION_DATA, p+n1, n2, 50 );
}
if( (p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_POLICY, &n ) )) {
log_info(_("Policy: ") );

View File

@ -368,6 +368,14 @@ parse( IOBUF inp, PACKET *pkt, int onlykeypkts, off_t *retpos,
}
}
if (pktlen == 0xffffffff) {
/* with a some probability this is caused by a problem in the
* the uncompressing layer - in some error cases it just loops
* and spits out 0xff bytes. */
log_error ("%s: garbled packet detected\n", iobuf_where(inp) );
g10_exit (2);
}
if( out && pkttype ) {
if( iobuf_write( out, hdr, hdrlen ) == -1 )
rc = G10ERR_WRITE_FILE;
@ -766,7 +774,8 @@ dump_sig_subpkt( int hashed, int type, int critical,
p = "regular expression";
break;
case SIGSUBPKT_REVOCABLE:
p = "revocable";
if( length )
printf("%srevocable", *buffer? "":"not ");
break;
case SIGSUBPKT_KEY_EXPIRE:
if( length >= 4 )
@ -829,7 +838,9 @@ dump_sig_subpkt( int hashed, int type, int critical,
printf(" %d", buffer[i] );
break;
case SIGSUBPKT_KS_FLAGS:
p = "key server preferences";
fputs("key server preferences:",stdout);
for(i=0;i<length;i++)
printf(" %02X", buffer[i]);
break;
case SIGSUBPKT_PREF_KS:
p = "preferred key server";

View File

@ -1,3 +1,8 @@
2001-09-18 Werner Koch <wk@gnupg.org>
* gpgsplit.c: New option --uncompress.
(write_part): Handle old style uncompressing.
2001-06-20 Werner Koch <wk@gnupg.org>
* gpgsplit.c: New.

View File

@ -33,12 +33,14 @@
#ifdef HAVE_DOSISH_SYSTEM
#include <fcntl.h> /* for setmode() */
#endif
#include <zlib.h>
#include "../g10/packet.h"
#include "util.h"
static int opt_verbose;
static const char *opt_prefix = "";
static int opt_uncompress;
static void g10_exit( int rc );
static void split_packets (const char *fname);
@ -47,6 +49,7 @@ static void split_packets (const char *fname);
enum cmd_and_opt_values { aNull = 0,
oVerbose = 'v',
oPrefix = 'p',
oUncompress = 500,
aTest };
@ -56,6 +59,7 @@ static ARGPARSE_OPTS opts[] = {
{ oVerbose, "verbose", 0, "verbose" },
{ oPrefix, "prefix", 2, "|STRING|Prepend filenames with STRING" },
{ oUncompress, "uncompress", 0, "uncompress a packet"},
{0} };
@ -105,6 +109,7 @@ main( int argc, char **argv )
switch( pargs.r_opt ) {
case oVerbose: opt_verbose = 1; break;
case oPrefix: opt_prefix = pargs.r.ret_str; break;
case oUncompress: opt_uncompress = 1; break;
default : pargs.err = 2; break;
}
}
@ -143,7 +148,9 @@ pkttype_to_string (int pkttype)
case PKT_SECRET_KEY : s = "secret_key"; break;
case PKT_PUBLIC_KEY : s = "public_key"; break;
case PKT_SECRET_SUBKEY : s = "secret_subkey"; break;
case PKT_COMPRESSED : s = "compressed"; break;
case PKT_COMPRESSED :
s = opt_uncompress? "uncompressed":"compressed";
break;
case PKT_ENCRYPTED : s = "encrypted"; break;
case PKT_MARKER : s = "marker"; break;
case PKT_PLAINTEXT : s = "plaintext"; break;
@ -232,11 +239,13 @@ write_part ( const char *fname, FILE *fpin, unsigned long pktlen,
g10_exit (1);
}
for (p=hdr; hdrlen; p++, hdrlen--) {
if ( putc (*p, fpout) == EOF )
goto write_error;
if (!opt_uncompress) {
for (p=hdr; hdrlen; p++, hdrlen--) {
if ( putc (*p, fpout) == EOF )
goto write_error;
}
}
first = 1;
while (partial) {
size_t partlen;
@ -311,13 +320,89 @@ write_part ( const char *fname, FILE *fpin, unsigned long pktlen,
else { /* compressed: read to end */
pktlen = 0;
partial = 0;
while ( (c=getc (fpin)) != EOF ) {
if ( putc (c, fpout) == EOF )
goto write_error;
hdrlen = 0;
if (opt_uncompress) {
z_stream zs;
byte *inbuf, *outbuf;
unsigned int inbufsize, outbufsize;
int algo, zinit_done, zrc, nread, count;
size_t n;
if ((c = getc (fpin)) == EOF)
goto read_error;
algo = c;
memset (&zs, 0, sizeof zs);
inbufsize = 2048;
inbuf = m_alloc (inbufsize);
outbufsize = 8192;
outbuf = m_alloc (outbufsize);
zs.avail_in = 0;
zinit_done = 0;
do {
if (zs.avail_in < inbufsize) {
n = zs.avail_in;
if (!n)
zs.next_in = inbuf;
count = inbufsize - n;
for (nread=0;
nread < count && (c=getc (fpin)) != EOF;
nread++) {
inbuf[n+nread] = c;
}
n += nread;
if (nread < count && algo == 1) {
inbuf[n] = 0xFF; /* chew dummy byte */
n++;
}
zs.avail_in = n;
}
zs.next_out = outbuf;
zs.avail_out = outbufsize;
if (!zinit_done) {
zrc = algo == 1? inflateInit2 ( &zs, -13)
: inflateInit ( &zs );
if (zrc != Z_OK) {
log_fatal ("zlib problem: %s\n", zs.msg? zs.msg :
zrc == Z_MEM_ERROR ? "out of core" :
zrc == Z_VERSION_ERROR ?
"invalid lib version" :
"unknown error" );
}
zinit_done = 1;
}
else {
#ifdef Z_SYNC_FLUSH
zrc = inflate (&zs, Z_SYNC_FLUSH);
#else
zrc = inflate (&zs, Z_PARTIAL_FLUSH);
#endif
if (zrc == Z_STREAM_END)
; /* eof */
else if (zrc != Z_OK && zrc != Z_BUF_ERROR) {
if (zs.msg)
log_fatal ("zlib inflate problem: %s\n", zs.msg );
else
log_fatal ("zlib inflate problem: rc=%d\n", zrc );
}
for (n=0; n < outbufsize - zs.avail_out; n++) {
if (putc (outbuf[n], fpout) == EOF )
goto write_error;
}
}
} while (zrc != Z_STREAM_END && zrc != Z_BUF_ERROR);
inflateEnd (&zs);
}
else {
while ( (c=getc (fpin)) != EOF ) {
if ( putc (c, fpout) == EOF )
goto write_error;
}
}
if (!feof (fpin))
goto read_error;
}
}

View File

@ -1,3 +1,8 @@
2001-09-17 Werner Koch <wk@gnupg.org>
* miscutil.c (print_string): Use explicit ranges and not iscntrl().
(make_printable_string): Ditto.
2001-09-07 Werner Koch <wk@gnupg.org>
* strgutil.c (strsep): New, taken from glibc 2.2.1.

View File

@ -182,7 +182,7 @@ void
print_string( FILE *fp, const byte *p, size_t n, int delim )
{
for( ; n; n--, p++ )
if( iscntrl( *p ) || *p == delim ) {
if( *p < 0x20 || (*p >= 0x7f && *p < 0xa0) || *p == delim ) {
putc('\\', fp);
if( *p == '\n' )
putc('n', fp);
@ -239,7 +239,7 @@ make_printable_string( const byte *p, size_t n, int delim )
/* first count length */
for(save_n = n, save_p = p, buflen=1 ; n; n--, p++ ) {
if( iscntrl( *p ) || *p == delim ) {
if( *p < 0x20 || (*p >= 0x7f && *p < 0xa0) || *p == delim ) {
if( *p=='\n' || *p=='\r' || *p=='\f'
|| *p=='\v' || *p=='\b' || !*p )
buflen += 2;
@ -254,7 +254,7 @@ make_printable_string( const byte *p, size_t n, int delim )
/* and now make the string */
d = buffer = m_alloc( buflen );
for( ; n; n--, p++ ) {
if( iscntrl( *p ) || *p == delim ) {
if( *p < 0x20 || (*p >= 0x7f && *p < 0xa0) || *p == delim ) {
*d++ = '\\';
if( *p == '\n' )
*d++ = 'n';