security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

common: Use new function to print status strings. 

* common/asshelp2.c (vprint_assuan_status_strings): New.
(print_assuan_status_strings): New.
* agent/command.c (agent_write_status): Replace by call to new
function.
* dirmngr/server.c (dirmngr_status): Ditto.
* g13/server.c (g13_status): Ditto.
* g13/sh-cmd.c (g13_status): Ditto.
* sm/server.c (gpgsm_status2): Ditto.
* scd/command.c (send_status_info): Bump up N.
--

This fixes a potential overflow if LFs are passed to the status
string functions.  This is actually not the case and would be wrong
because neither the truncating in libassuan or our escaping is not the
Right Thing.  In any case the functions need to be more robust and
comply to the promised interface.  Thus the code has been factored out
to a helper function and N has been bumped up correctly and checked in
all cases.

For some uses this changes the behaviour in the error case (i.e. CR or
LF passed): It will now always be C-escaped and not passed to
libassuan which would truncate the line at the first LF.

Reported-by: private_pers
This commit is contained in:
Werner Koch 2018-02-14 12:21:23 +01:00
parent 25f3b69129
commit f19ff78f0f
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
8 changed files with 90 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
agent/command.c
View File

@ -293,50 +293,19 @@ parse_keygrip (assuan_context_t ctx, const char *string, unsigned char *buf)
/* Write an Assuan status line. KEYWORD is the first item on the
status line. The following arguments are all separated by a space
in the output. The last argument must be a NULL. Linefeeds and
carriage returns characters (which are not allowed in an Assuan
status line) are silently quoted in C-style. */
* status line. The following arguments are all separated by a space
* in the output. The last argument must be a NULL. Linefeeds and
* carriage returns characters (which are not allowed in an Assuan
* status line) are silently quoted in C-style. */
gpg_error_t
agent_write_status (ctrl_t ctrl, const char *keyword, ...)
{
gpg_error_t err = 0;
gpg_error_t err;
va_list arg_ptr;
const char *text;
assuan_context_t ctx = ctrl->server_local->assuan_ctx;
char buf[950], *p;
size_t n;
va_start (arg_ptr, keyword);
p = buf;
n = 0;
while ( (text = va_arg (arg_ptr, const char *)) )
{
if (n)
{
*p++ = ' ';
n++;
}
for ( ; *text && n < DIM (buf)-3; n++, text++)
{
if (*text == '\n')
{
*p++ = '\\';
*p++ = 'n';
}
else if (*text == '\r')
{
*p++ = '\\';
*p++ = 'r';
}
else
*p++ = *text;
}
}
*p = 0;
err = assuan_write_status (ctx, keyword, buf);
err = vprint_assuan_status_strings (ctx, keyword, arg_ptr);
va_end (arg_ptr);
return err;
}

7
common/asshelp.h
View File

@ -93,5 +93,12 @@ gpg_error_t vprint_assuan_status (assuan_context_t ctx,
const char *format,
va_list arg_ptr) GPGRT_ATTR_PRINTF(3,0);
gpg_error_t vprint_assuan_status_strings (assuan_context_t ctx,
const char *keyword,
va_list arg_ptr);
gpg_error_t print_assuan_status_strings (assuan_context_t ctx,
const char *keyword,
...) GPGRT_ATTR_SENTINEL(1);
#endif /*GNUPG_COMMON_ASSHELP_H*/

63
common/asshelp2.c
View File

@ -71,3 +71,66 @@ print_assuan_status (assuan_context_t ctx,
va_end (arg_ptr);
return err;
}
/* Helper function to print a list of strings as an assuan status
* line. KEYWORD is the first item on the status line. ARG_PTR is a
* list of strings which are all separated by a space in the output.
* The last argument must be a NULL. Linefeeds and carriage returns
* characters (which are not allowed in an Assuan status line) are
* silently quoted in C-style. */
gpg_error_t
vprint_assuan_status_strings (assuan_context_t ctx,
const char *keyword, va_list arg_ptr)
{
gpg_error_t err = 0;
const char *text;
char buf[950], *p;
size_t n;
p = buf;
n = 0;
while ((text = va_arg (arg_ptr, const char *)) && n < DIM (buf)-3 )
{
if (n)
{
*p++ = ' ';
n++;
}
for ( ; *text && n < DIM (buf)-3; n++, text++)
{
if (*text == '\n')
{
*p++ = '\\';
*p++ = 'n';
n++;
}
else if (*text == '\r')
{
*p++ = '\\';
*p++ = 'r';
n++;
}
else
*p++ = *text;
}
}
*p = 0;
err = assuan_write_status (ctx, keyword, buf);
return err;
}
/* See vprint_assuan_status_strings. */
gpg_error_t
print_assuan_status_strings (assuan_context_t ctx, const char *keyword, ...)
{
va_list arg_ptr;
gpg_error_t err;
va_start (arg_ptr, keyword);
err = vprint_assuan_status_strings (ctx, keyword, arg_ptr);
va_end (arg_ptr);
return err;
}

19
dirmngr/server.c
View File

@ -2834,30 +2834,13 @@ dirmngr_status (ctrl_t ctrl, const char *keyword, ...)
{
gpg_error_t err = 0;
va_list arg_ptr;
const char *text;
assuan_context_t ctx;
va_start (arg_ptr, keyword);
if (ctrl->server_local && (ctx = ctrl->server_local->assuan_ctx))
{
char buf[950], *p;
size_t n;
p = buf;
n = 0;
while ( (text = va_arg (arg_ptr, const char *)) )
{
if (n)
{
*p++ = ' ';
n++;
}
for ( ; *text && n < DIM (buf)-2; n++)
*p++ = *text++;
}
*p = 0;
err = assuan_write_status (ctx, keyword, buf);
err = vprint_assuan_status_strings (ctx, keyword, arg_ptr);
}
va_end (arg_ptr);

21
g13/server.c
View File

@ -34,6 +34,7 @@
#include "mount.h"
#include "suspend.h"
#include "../common/server-help.h"
#include "../common/asshelp.h"
#include "../common/call-gpg.h"
@ -737,24 +738,8 @@ g13_status (ctrl_t ctrl, int no, ...)
}
else
{
assuan_context_t ctx = ctrl->server_local->assuan_ctx;
char buf[950], *p;
size_t n;
p = buf;
n = 0;
while ( (text = va_arg (arg_ptr, const char *)) )
{
if (n)
{
*p++ = ' ';
n++;
}
for ( ; *text && n < DIM (buf)-2; n++)
*p++ = *text++;
}
*p = 0;
err = assuan_write_status (ctx, get_status_string (no), buf);
err = vprint_assuan_status_strings (ctrl->server_local->assuan_ctx,
get_status_string (no), arg_ptr);
}
va_end (arg_ptr);

28
g13/sh-cmd.c
View File

@ -28,6 +28,7 @@
#include "g13-syshelp.h"
#include <assuan.h>
#include "../common/i18n.h"
#include "../common/asshelp.h"
#include "keyblob.h"
@ -904,34 +905,13 @@ sh_encrypt_keyblob (ctrl_t ctrl, const void *keyblob, size_t keybloblen,
gpg_error_t
g13_status (ctrl_t ctrl, int no, ...)
{
gpg_error_t err = 0;
gpg_error_t err;
va_list arg_ptr;
const char *text;
va_start (arg_ptr, no);
if (1)
{
assuan_context_t ctx = ctrl->server_local->assuan_ctx;
char buf[950], *p;
size_t n;
p = buf;
n = 0;
while ( (text = va_arg (arg_ptr, const char *)) )
{
if (n)
{
*p++ = ' ';
n++;
}
for ( ; *text && n < DIM (buf)-2; n++)
*p++ = *text++;
}
*p = 0;
err = assuan_write_status (ctx, get_status_string (no), buf);
}
err = vprint_assuan_status_strings (ctrl->server_local->assuan_ctx,
get_status_string (no), arg_ptr);
va_end (arg_ptr);
return err;
}

4
scd/command.c
View File

@ -1848,7 +1848,8 @@ send_status_info (ctrl_t ctrl, const char *keyword, ...)
p = buf;
n = 0;
while ( (value = va_arg (arg_ptr, const unsigned char *)) )
while ( (value = va_arg (arg_ptr, const unsigned char *))
&& n < DIM (buf)-2 )
{
valuelen = va_arg (arg_ptr, size_t);
if (!valuelen)
@ -1865,6 +1866,7 @@ send_status_info (ctrl_t ctrl, const char *keyword, ...)
{
sprintf (p, "%%%02X", *value);
p += 3;
n += 2;
}
else if (*value == ' ')
*p++ = '+';

21
sm/server.c
View File

@ -31,6 +31,7 @@
#include <assuan.h>
#include "../common/sysutils.h"
#include "../common/server-help.h"
#include "../common/asshelp.h"
#define set_error(e,t) assuan_set_error (ctx, gpg_error (e), (t))
@ -1426,24 +1427,8 @@ gpgsm_status2 (ctrl_t ctrl, int no, ...)
}
else
{
assuan_context_t ctx = ctrl->server_local->assuan_ctx;
char buf[950], *p;
size_t n;
p = buf;
n = 0;
while ( (text = va_arg (arg_ptr, const char *)) )
{
if (n)
{
*p++ = ' ';
n++;
}
for ( ; *text && n < DIM (buf)-2; n++)
*p++ = *text++;
}
*p = 0;
err = assuan_write_status (ctx, get_status_string (no), buf);
err = vprint_assuan_status_strings (ctrl->server_local->assuan_ctx,
get_status_string (no), arg_ptr);
}
va_end (arg_ptr);