1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

Check for garbled packets

This commit is contained in:
Werner Koch 2001-09-18 09:40:31 +00:00
parent 6c09d0f462
commit e46ad749f9
9 changed files with 155 additions and 28 deletions

View File

@ -29,6 +29,12 @@
We should add an abstraction layer so that adding support for We should add an abstraction layer so that adding support for
different certificate structures will become easier. different certificate structures will become easier.
* "Michael T. Babcock" <mbabcock@fibrespeed.net> suggested to write
an event log so that other software can display a key history or
alike with GnuPG results. This should be connected to the keyrings.
Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc. Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives This file is free software; as a special exception the author gives

23
TODO
View File

@ -1,5 +1,5 @@
* 12345678! does not work anymore * 12345678! does not work anymore. Same for +wordlist.
* Always use the primary key to sign other keys. * Always use the primary key to sign other keys.
@ -64,10 +64,6 @@
* Replace the printing of the user name by [self-signature] when * Replace the printing of the user name by [self-signature] when
appropriate so that a key listing does not get clobbered. appropriate so that a key listing does not get clobbered.
* "Michael T. Babcock" <mbabcock@fibrespeed.net> suggested to write
an event log so that other software can display a key history or
alike with GnuPG results. This should be connected to the keyrings.
* Using --list-only to check for recipients while decrypting may * Using --list-only to check for recipients while decrypting may
yield an error about an unknown packet. yield an error about an unknown packet.
@ -82,6 +78,11 @@
* Allow to update key signatures. * Allow to update key signatures.
* For FreeBSD only: spit out a message that rndcontrol (8) should be
used to enable the use of IRQs for entropy gathering.
* --passphrase-fd can't work with -cs: document this or find a way
to work around.
Scheduled for 1.1 Scheduled for 1.1
----------------- -----------------
@ -91,8 +92,6 @@ Scheduled for 1.1
* With option -i prompt before adding a key to the keyring and show some * With option -i prompt before adding a key to the keyring and show some
info what we are about to add. info what we are about to add.
* Speed up calculation of key validation.
* --disable-asm should still assemble _udiv_qrnnd when needed * --disable-asm should still assemble _udiv_qrnnd when needed
* Skip RO keyrings when importing a key. * Skip RO keyrings when importing a key.
@ -105,6 +104,9 @@ Scheduled for 1.1
* Get new assembler stuff from gmp 3.1 * Get new assembler stuff from gmp 3.1
* Use new-format headers for compressed packets.
Nice to have Nice to have
------------ ------------
@ -113,9 +115,6 @@ Nice to have
* Print a warning if the directory mode is wrong. * Print a warning if the directory mode is wrong.
* Do a real fix for bug #7 or document that it is a PGP 5 error. * Do a real fix for bug #7 or document that it is a PGP 5 error.
* preferences of hash algorithms are not yet used. * preferences of hash algorithms are not yet used.
* Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal.
or use POSIX.4 realtime signals. Overhaul the interface and the
test program. Use it with the test suite?
* add test cases for invalid data (scrambled armor or other random data) * add test cases for invalid data (scrambled armor or other random data)
* add checking of armor trailers * add checking of armor trailers
* the pubkey encrypt functions should do some sanity checks. * the pubkey encrypt functions should do some sanity checks.
@ -124,8 +123,6 @@ Nice to have
* for messages created with "-t", it might make sense to append the * for messages created with "-t", it might make sense to append the
verification status of the message to the output (i.e. write something to verification status of the message to the output (i.e. write something to
the --output file and not only to stderr. the --output file and not only to stderr.
* configure option where to find zlib
* Evaluate whether it make sense to replace the namehashs either by
using the user ID directly or by using pointers into the trustdb.

View File

@ -1,3 +1,20 @@
2001-09-18 Werner Koch <wk@gnupg.org>
* parse-packet.c (parse): Stop on impossible packet lengths.
2001-09-17 Werner Koch <wk@gnupg.org>
* mainproc.c (print_notation_data): Wrap notation data status lines
after 50 chars.
* mainproc.c (proc_pubkey_enc): Make option try-all-secrets work.
By disastry@saiknes.lv.
2001-09-14 Werner Koch <wk@gnupg.org>
* parse-packet.c (dump_sig_subpkt): List key server preferences
and show the revocable flag correctly. Contributed by Davod Shaw.
2001-09-09 Werner Koch <wk@gnupg.org> 2001-09-09 Werner Koch <wk@gnupg.org>
* keyedit.c (keyedit_menu): No need to define another p. * keyedit.c (keyedit_menu): No need to define another p.

View File

@ -300,6 +300,7 @@ proc_pubkey_enc( CTX c, PACKET *pkt )
|| enc->pubkey_algo == PUBKEY_ALGO_DSA || enc->pubkey_algo == PUBKEY_ALGO_DSA
|| is_RSA(enc->pubkey_algo) ) { || is_RSA(enc->pubkey_algo) ) {
if ( !c->dek && ((!enc->keyid[0] && !enc->keyid[1]) if ( !c->dek && ((!enc->keyid[0] && !enc->keyid[1])
|| opt.try_all_secrets
|| !seckey_available( enc->keyid )) ) { || !seckey_available( enc->keyid )) ) {
if( opt.list_only ) if( opt.list_only )
result = -1; result = -1;
@ -746,7 +747,7 @@ print_notation_data( PKT_signature *sig )
print_string( log_stream(), p+n1, n2, 0 ); print_string( log_stream(), p+n1, n2, 0 );
putc( '\n', log_stream() ); putc( '\n', log_stream() );
write_status_buffer ( STATUS_NOTATION_NAME, p , n1, 0 ); write_status_buffer ( STATUS_NOTATION_NAME, p , n1, 0 );
write_status_buffer ( STATUS_NOTATION_DATA, p+n1, n2, 20 ); write_status_buffer ( STATUS_NOTATION_DATA, p+n1, n2, 50 );
} }
if( (p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_POLICY, &n ) )) { if( (p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_POLICY, &n ) )) {
log_info(_("Policy: ") ); log_info(_("Policy: ") );

View File

@ -368,6 +368,14 @@ parse( IOBUF inp, PACKET *pkt, int onlykeypkts, off_t *retpos,
} }
} }
if (pktlen == 0xffffffff) {
/* with a some probability this is caused by a problem in the
* the uncompressing layer - in some error cases it just loops
* and spits out 0xff bytes. */
log_error ("%s: garbled packet detected\n", iobuf_where(inp) );
g10_exit (2);
}
if( out && pkttype ) { if( out && pkttype ) {
if( iobuf_write( out, hdr, hdrlen ) == -1 ) if( iobuf_write( out, hdr, hdrlen ) == -1 )
rc = G10ERR_WRITE_FILE; rc = G10ERR_WRITE_FILE;
@ -766,7 +774,8 @@ dump_sig_subpkt( int hashed, int type, int critical,
p = "regular expression"; p = "regular expression";
break; break;
case SIGSUBPKT_REVOCABLE: case SIGSUBPKT_REVOCABLE:
p = "revocable"; if( length )
printf("%srevocable", *buffer? "":"not ");
break; break;
case SIGSUBPKT_KEY_EXPIRE: case SIGSUBPKT_KEY_EXPIRE:
if( length >= 4 ) if( length >= 4 )
@ -829,7 +838,9 @@ dump_sig_subpkt( int hashed, int type, int critical,
printf(" %d", buffer[i] ); printf(" %d", buffer[i] );
break; break;
case SIGSUBPKT_KS_FLAGS: case SIGSUBPKT_KS_FLAGS:
p = "key server preferences"; fputs("key server preferences:",stdout);
for(i=0;i<length;i++)
printf(" %02X", buffer[i]);
break; break;
case SIGSUBPKT_PREF_KS: case SIGSUBPKT_PREF_KS:
p = "preferred key server"; p = "preferred key server";

View File

@ -1,3 +1,8 @@
2001-09-18 Werner Koch <wk@gnupg.org>
* gpgsplit.c: New option --uncompress.
(write_part): Handle old style uncompressing.
2001-06-20 Werner Koch <wk@gnupg.org> 2001-06-20 Werner Koch <wk@gnupg.org>
* gpgsplit.c: New. * gpgsplit.c: New.

View File

@ -33,12 +33,14 @@
#ifdef HAVE_DOSISH_SYSTEM #ifdef HAVE_DOSISH_SYSTEM
#include <fcntl.h> /* for setmode() */ #include <fcntl.h> /* for setmode() */
#endif #endif
#include <zlib.h>
#include "../g10/packet.h" #include "../g10/packet.h"
#include "util.h" #include "util.h"
static int opt_verbose; static int opt_verbose;
static const char *opt_prefix = ""; static const char *opt_prefix = "";
static int opt_uncompress;
static void g10_exit( int rc ); static void g10_exit( int rc );
static void split_packets (const char *fname); static void split_packets (const char *fname);
@ -47,6 +49,7 @@ static void split_packets (const char *fname);
enum cmd_and_opt_values { aNull = 0, enum cmd_and_opt_values { aNull = 0,
oVerbose = 'v', oVerbose = 'v',
oPrefix = 'p', oPrefix = 'p',
oUncompress = 500,
aTest }; aTest };
@ -56,6 +59,7 @@ static ARGPARSE_OPTS opts[] = {
{ oVerbose, "verbose", 0, "verbose" }, { oVerbose, "verbose", 0, "verbose" },
{ oPrefix, "prefix", 2, "|STRING|Prepend filenames with STRING" }, { oPrefix, "prefix", 2, "|STRING|Prepend filenames with STRING" },
{ oUncompress, "uncompress", 0, "uncompress a packet"},
{0} }; {0} };
@ -105,6 +109,7 @@ main( int argc, char **argv )
switch( pargs.r_opt ) { switch( pargs.r_opt ) {
case oVerbose: opt_verbose = 1; break; case oVerbose: opt_verbose = 1; break;
case oPrefix: opt_prefix = pargs.r.ret_str; break; case oPrefix: opt_prefix = pargs.r.ret_str; break;
case oUncompress: opt_uncompress = 1; break;
default : pargs.err = 2; break; default : pargs.err = 2; break;
} }
} }
@ -143,7 +148,9 @@ pkttype_to_string (int pkttype)
case PKT_SECRET_KEY : s = "secret_key"; break; case PKT_SECRET_KEY : s = "secret_key"; break;
case PKT_PUBLIC_KEY : s = "public_key"; break; case PKT_PUBLIC_KEY : s = "public_key"; break;
case PKT_SECRET_SUBKEY : s = "secret_subkey"; break; case PKT_SECRET_SUBKEY : s = "secret_subkey"; break;
case PKT_COMPRESSED : s = "compressed"; break; case PKT_COMPRESSED :
s = opt_uncompress? "uncompressed":"compressed";
break;
case PKT_ENCRYPTED : s = "encrypted"; break; case PKT_ENCRYPTED : s = "encrypted"; break;
case PKT_MARKER : s = "marker"; break; case PKT_MARKER : s = "marker"; break;
case PKT_PLAINTEXT : s = "plaintext"; break; case PKT_PLAINTEXT : s = "plaintext"; break;
@ -232,11 +239,13 @@ write_part ( const char *fname, FILE *fpin, unsigned long pktlen,
g10_exit (1); g10_exit (1);
} }
for (p=hdr; hdrlen; p++, hdrlen--) { if (!opt_uncompress) {
if ( putc (*p, fpout) == EOF ) for (p=hdr; hdrlen; p++, hdrlen--) {
goto write_error; if ( putc (*p, fpout) == EOF )
goto write_error;
}
} }
first = 1; first = 1;
while (partial) { while (partial) {
size_t partlen; size_t partlen;
@ -311,13 +320,89 @@ write_part ( const char *fname, FILE *fpin, unsigned long pktlen,
else { /* compressed: read to end */ else { /* compressed: read to end */
pktlen = 0; pktlen = 0;
partial = 0; partial = 0;
while ( (c=getc (fpin)) != EOF ) { hdrlen = 0;
if ( putc (c, fpout) == EOF ) if (opt_uncompress) {
goto write_error; z_stream zs;
byte *inbuf, *outbuf;
unsigned int inbufsize, outbufsize;
int algo, zinit_done, zrc, nread, count;
size_t n;
if ((c = getc (fpin)) == EOF)
goto read_error;
algo = c;
memset (&zs, 0, sizeof zs);
inbufsize = 2048;
inbuf = m_alloc (inbufsize);
outbufsize = 8192;
outbuf = m_alloc (outbufsize);
zs.avail_in = 0;
zinit_done = 0;
do {
if (zs.avail_in < inbufsize) {
n = zs.avail_in;
if (!n)
zs.next_in = inbuf;
count = inbufsize - n;
for (nread=0;
nread < count && (c=getc (fpin)) != EOF;
nread++) {
inbuf[n+nread] = c;
}
n += nread;
if (nread < count && algo == 1) {
inbuf[n] = 0xFF; /* chew dummy byte */
n++;
}
zs.avail_in = n;
}
zs.next_out = outbuf;
zs.avail_out = outbufsize;
if (!zinit_done) {
zrc = algo == 1? inflateInit2 ( &zs, -13)
: inflateInit ( &zs );
if (zrc != Z_OK) {
log_fatal ("zlib problem: %s\n", zs.msg? zs.msg :
zrc == Z_MEM_ERROR ? "out of core" :
zrc == Z_VERSION_ERROR ?
"invalid lib version" :
"unknown error" );
}
zinit_done = 1;
}
else {
#ifdef Z_SYNC_FLUSH
zrc = inflate (&zs, Z_SYNC_FLUSH);
#else
zrc = inflate (&zs, Z_PARTIAL_FLUSH);
#endif
if (zrc == Z_STREAM_END)
; /* eof */
else if (zrc != Z_OK && zrc != Z_BUF_ERROR) {
if (zs.msg)
log_fatal ("zlib inflate problem: %s\n", zs.msg );
else
log_fatal ("zlib inflate problem: rc=%d\n", zrc );
}
for (n=0; n < outbufsize - zs.avail_out; n++) {
if (putc (outbuf[n], fpout) == EOF )
goto write_error;
}
}
} while (zrc != Z_STREAM_END && zrc != Z_BUF_ERROR);
inflateEnd (&zs);
}
else {
while ( (c=getc (fpin)) != EOF ) {
if ( putc (c, fpout) == EOF )
goto write_error;
}
} }
if (!feof (fpin)) if (!feof (fpin))
goto read_error; goto read_error;
} }
} }

View File

@ -1,3 +1,8 @@
2001-09-17 Werner Koch <wk@gnupg.org>
* miscutil.c (print_string): Use explicit ranges and not iscntrl().
(make_printable_string): Ditto.
2001-09-07 Werner Koch <wk@gnupg.org> 2001-09-07 Werner Koch <wk@gnupg.org>
* strgutil.c (strsep): New, taken from glibc 2.2.1. * strgutil.c (strsep): New, taken from glibc 2.2.1.

View File

@ -182,7 +182,7 @@ void
print_string( FILE *fp, const byte *p, size_t n, int delim ) print_string( FILE *fp, const byte *p, size_t n, int delim )
{ {
for( ; n; n--, p++ ) for( ; n; n--, p++ )
if( iscntrl( *p ) || *p == delim ) { if( *p < 0x20 || (*p >= 0x7f && *p < 0xa0) || *p == delim ) {
putc('\\', fp); putc('\\', fp);
if( *p == '\n' ) if( *p == '\n' )
putc('n', fp); putc('n', fp);
@ -239,7 +239,7 @@ make_printable_string( const byte *p, size_t n, int delim )
/* first count length */ /* first count length */
for(save_n = n, save_p = p, buflen=1 ; n; n--, p++ ) { for(save_n = n, save_p = p, buflen=1 ; n; n--, p++ ) {
if( iscntrl( *p ) || *p == delim ) { if( *p < 0x20 || (*p >= 0x7f && *p < 0xa0) || *p == delim ) {
if( *p=='\n' || *p=='\r' || *p=='\f' if( *p=='\n' || *p=='\r' || *p=='\f'
|| *p=='\v' || *p=='\b' || !*p ) || *p=='\v' || *p=='\b' || !*p )
buflen += 2; buflen += 2;
@ -254,7 +254,7 @@ make_printable_string( const byte *p, size_t n, int delim )
/* and now make the string */ /* and now make the string */
d = buffer = m_alloc( buflen ); d = buffer = m_alloc( buflen );
for( ; n; n--, p++ ) { for( ; n; n--, p++ ) {
if( iscntrl( *p ) || *p == delim ) { if( *p < 0x20 || (*p >= 0x7f && *p < 0xa0) || *p == delim ) {
*d++ = '\\'; *d++ = '\\';
if( *p == '\n' ) if( *p == '\n' )
*d++ = 'n'; *d++ = 'n';