1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
Commit Graph

358 Commits

Author SHA1 Message Date
Daniel Kahn Gillmor
e7cbce8fb2 avoid future chance of using uninitialized memory
* util/iobuf.c: (iobuf_open): initialize len

--

Cherry-pick 367b073ab5.

In iobuf_open, IOBUFCTRL_DESC and IOBUFCTRL_INIT commands are invoked
(via file_filter()) on fcx, passing in a pointer to an uninitialized
len.

With these two commands, file_filter doesn't actually do anything with
the value of len, so there's no actual risk of use of uninitialized
memory in the code as it stands.

However, some static analysis tools might flag this situation with a
warning, and initializing the value doesn't hurt anything, so i think
this trivial cleanup is warranted.

Debian-Bug-Id: 773469
2015-01-13 11:06:43 +09:00
Werner Koch
297f2ac645 Release 1.4.17 2014-06-23 17:15:09 +02:00
Werner Koch
f10b184e48 gpg: Limit the nesting level of I/O filters.
* until/iobuf.c (MAX_NESTING_FILTER): New.
(iobuf_push_filter2): Limit the nesting level.
--

This is a more general fix for the nested compression packet bug.  In
particular this helps g10/import.c:read_block to stop pushing
compression filters onto an iobuf stream.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-10-04 20:45:49 +02:00
Werner Koch
fb5c9deaa5 Release 1.4.14. 2013-07-25 10:44:26 +02:00
NIIBE Yutaka
212a325d42 gpg: signal handling fix
* include/dotlock.h (dotlock_remove_lockfiles_reclaim): New.
  (dotlock_destroy, dotlock_remove_lockfiles): Add a flag to reclaim
  memory or not.
* util/dotlock.c (dotlock_create): Use
  dotlock_remove_lockfiles_reclaim for atexit.
  (dotlock_destroy_unix, dotlock_destroy)
  (dotlock_remove_lockfiles): Add a reclaim flag.
  (dotlock_remove_lockfiles_reclaim): New.
* g10/signal.c (got_fatal_signal): Disable flag of reclaim memory to
  avoid non-async-face call.
* g10/keydb.c (maybe_create_keyring): Follow the API change.
* g10/gpgv.c: Follow the API change.

--

signal handler got_fatal_signal should not call non-async-signal-safe
functions.  When malloc is interrupted by a signal, it screws up.

This issue is reported:
https://bugs.g10code.com/gnupg/issue1515
http://bugs.debian.org/399904
2013-07-12 17:26:55 +09:00
David Shaw
6c3a76cca0 Part of issue 1447: Pass proper Host header when SRV is used.
* common/http.c (send_request, connect_server): Set proper Host header
  (no :port, host is that of the SRV) when SRV is used in the
  curl-shim.

Backported from cbe98b2cb1
2012-12-19 11:43:28 -05:00
Werner Koch
3d56d486e1 Remove trailing white space from some files
--
2012-12-19 14:05:56 +01:00
Werner Koch
550983f8fb Adjust to GNU coding standards
--

A variable definition with initialization shall have only one variable
per type.
2012-12-19 14:03:25 +01:00
Werner Koch
58004340cc Fix last commit
* util/http.c (connect_server): Bump SRVINDEX and not SRV.
2012-12-19 13:57:29 +01:00
David Shaw
f2f12f41ef Fix issue 1446: honor ports given in SRV responses.
* common/http.c (send_request, connect_server, http_open): Use a
  struct srv instead of a single srvtag so we can pass the chosen host
  and port back to the caller.
  (connect_server): Use the proper port in the HAVE_GETADDRINFO case.

* keyserver/curl-shim.c (curl_easy_perform): Use struct srv and log
  chosen host and port.

* keyserver/gpgkeys_hkp.c (main): Properly take the port given by SRV.

Backported from ba9e974f1f
2012-12-18 21:58:53 -05:00
Werner Koch
8044a5acea Add meta option ignore-invalid-option.
* util/argparse.c (iio_item_def_s, IIO_ITEM_DEF): New.
(initialize): Init field IIO_LIST.
(ignore_invalid_option_p): New.
(ignore_invalid_option_add): New.
(ignore_invalid_option_clear): New.
(optfile_parse): Implement meta option.
--

This option is currently of no use.  However, as soon as it has been
deployed in all stable versions of GnuPG, it will allow the use of the
same configuration file with an old and a new version of GnuPG.  For
example: If a new version implements the option "foobar", and a user
uses it in gpg.conf, an old version of gpg would bail out with the
error "invalid option".  To avoid that the following line can be put
above that option in gpg.conf

  ignore-invalid-option foobar

This meta option may be given several times or several option names
may be given as arguments (space delimited).  Note that this option is
not available on the command line.

(backported from commit 41d564333d)
2012-12-18 18:26:56 +01:00
Werner Koch
e33e74e3a4 Fix potential heap corruption in "gpg -v --version"
* g10/gpg.c (build_list): Rewrite to cope with buffer overflow in
certain locales.
* util/membuf.c (put_membuf_str): New.
(get_membuf): Make LEN optional.
--

This fixes an obvious bug in locales where the translated string is
longer than the original.  The bug could be exhibited by using
LANG=ru_RU.utf8 gpg -v --version.

En passant we also removed the trailing white space on continued
lines.

Reported-by: Dmitry V. Levin" <ldv at altlinux.org>
2012-12-15 11:28:00 +01:00
Werner Koch
a76efe1b05 Fix typos spotted during translations
* g10/gpg.c: uppercase after Syntax
* util/secmem.c (print_warn): Update URL.
2012-08-24 16:37:44 +02:00
Werner Koch
3a22b622c8 Allow building with the 32 bit mingw-w64 toolchain.
* scripts/autogen.sh <--build-w32>: Support i686-w64-mingw32 and use
it by default if installed.
* keyserver/gpgkeys_ldap.c (my_ldap_start_tls_s): Define macro
depending on compiler version.
(main): Use new macro.
* util/miscutil.c [!HAVE_TIMEGM]: Add prototype for the timegm
autoconf replacement function.
--

It seems that the LDAP keyserver helper build with the old mingw32
toolchain never worked correctly for LDAPS.  The prototype there for
ldap_start_tls_s is plainly wrong for Windows.  Anyway I included
special support so not to break building with the old compiler.
2012-01-12 18:10:30 +01:00
Werner Koch
b9333cd890 Replace file locking by the new portable dotlock code.
* include/dotlock.h: New.  From current gnupg master.
* util/dotlock.c: Ditto.  Include util.h.  The major changes done in
master are: Factor Unix and W32 specific code out into specific
functions.  Define HAVE_POSIX_SYSTEM.  Rearrange some functions.
(disable_dotlock): Rename to dotlock_disable.
(create_dotlock): Rename to dotlock_create and add a dummy arg.
(destroy_dotlock): Rename to dotlock_destroy.
(make_dotlock): Rename to dotlock_take.
(release_dotlock): Rename to dotlock_release.
(remove_lockfiles): Rename to dotlock_remove_lockfiles.
2012-01-10 15:16:44 +01:00
Werner Koch
dccdcef319 Update copyright years.
* util/argparse.c (default_strusage): Update printed copyright year.
2012-01-10 11:51:19 +01:00
Werner Koch
667ba59ec5 Use gcc pragmas to suppress some warnings.
* configure.ac (AH_BOTTOM): Add GNUPG_GCC_VERSION macro.
* util/estream-printf.c (pr_float): Use new gcc pragma to ignore a
warning about a non-literal format.
* util/miscutil.c (asctimestamp): Ditto.
* cipher/md.c (md_stop_debug): Use new gcc pragme to ignore a warning
* about a set but unused variable.
2012-01-10 11:31:00 +01:00
Werner Koch
76b73caf91 Rename all ChangeLog files to ChangeLog-2011.
* ChangeLog: New file.
2011-12-02 19:42:56 +01:00
Werner Koch
43c7d1c7cc On VMS use --batch by default if in batch mode.
This problem was identified and solved by Steven M. Schweda.
Note that the vms specific code is not part of this repository.
See http://antinode.info/dec/sw/gnupg.html for the VMS port.
2011-09-12 15:28:28 +02:00
Werner Koch
a95143e225 Removed some set but unused vars. 2011-08-09 10:54:22 +02:00
Werner Koch
c156a636c6 Fix bug#1307
This is a backport of the fixes for 2.0.  There is only one real bug,
the other changes are for clarity and for more picky compilers.
2011-08-09 10:12:36 +02:00
Werner Koch
a6b47500ac Detect unsigned time_t and adjust y2038 detection. 2010-10-27 10:59:11 +00:00
Werner Koch
6764837956 The rest of the VMS changes. 2010-09-28 15:55:24 +00:00
Werner Koch
aa29ba1689 Minor changes to help the VMS port 2010-09-28 10:07:30 +00:00
Werner Koch
a1fc3a5d9e Preparing a release candidate 2010-09-23 08:15:45 +00:00
Werner Koch
198c5c5587 Fix bug 1179 2010-05-12 16:06:38 +00:00
Werner Koch
7956620485 Fix a W32 problem 2009-09-03 15:27:30 +00:00
Werner Koch
91272a546f Update zH_TW and check for stdint.h 2009-09-03 08:59:41 +00:00
Werner Koch
20fe42d10b Restructured the compat functions and changed its license.
New fucntion xstrconcat for future use.
2009-08-25 20:00:24 +00:00
Werner Koch
f5f0171d55 Fix compiler size warning for debug output 2009-08-18 10:46:34 +00:00
Werner Koch
f52ef6d450 * miscutil.c (print_string2): Loose check for control characters
to better cope with utf-8.  The range 0x80..0x9f is nowadays not
  anymore accidently used for control charaters.  Fixes bug#1103.
2009-08-18 10:16:07 +00:00
David Shaw
00310b1aa8 Try and detect mis-coded Latin1 and convert it to UTF8. Whether the
heuristics succeed or not, the resulting string must be valid UTF8 as
LDAP requires that.  This is bug 1055.
2009-08-12 05:01:08 +00:00
David Shaw
63fb9d249a * srv.c (getsrv): Fix type-punning warning. (main): Allow testing any
SRV.
2009-07-23 19:05:19 +00:00
Werner Koch
3459c6b015 First set of changes to backport the new card code from 2.0.
For compatibility reasons a few new files had to be added.
Also added estream-printf as this is now used in app-openpgp.c and provides
a better and generic asprintf implementation than the hack we used for the
W32 code in ttyio.c.  Card code is not yet finished.
2009-07-21 14:30:13 +00:00
David Shaw
e8436d575e Avoid caches to get the most recent copy of the key. This is bug
#1061
2009-05-26 14:15:56 +00:00
Werner Koch
0bbe6eda34 Fixed bug1058. 2009-05-22 15:38:49 +00:00
Werner Koch
418e61a824 Improve dotlocking.
Implement locking for W32.
2009-05-05 15:32:16 +00:00
Werner Koch
631a0de335 Backport of Creation-Date parameter for unattended key generation. 2009-05-05 11:44:56 +00:00
David Shaw
2933e3d094 * srv.h: Move to include/srv.h.
* http.c (send_request): Pass in srvtag...  (http_open): ...from here.
2009-04-06 03:18:07 +00:00
David Shaw
a929f4c78e * curl-shim.h, curl-shim.c (curl_easy_setopt, curl_easy_perform): Add
a CURLOPT_SRVTAG_GPG_HACK (passed through the the http engine).

* http.h: Allow passing srvtag to http_open and http_open_document.

 * http.c (http_open, http_open_document): Allow passing srvtag to
http_open and http_open_document.
2009-04-03 03:59:07 +00:00
David Shaw
a5b708ba9c * http.c (connect_server): free (rather than xfree) the result of
getsrv().
2009-04-03 03:38:59 +00:00
David Shaw
0f8b0fc195 * Makefile.am: Make srv.c part of libcompat instead of libutil.
* srv.c (getsrv): Raise maximum packet size to 2048, as PACKETSZ is
too small these days.  Use libc malloc and free as we're part of
libcompat now which may not be linked to memory.c.
2009-04-03 03:33:57 +00:00
David Shaw
da66b1d69e * iobuf.c (fd_cache_synchronize): New. fsync() a file in cache.
(iobuf_ioctl): Called here, for ioctl 4.  (fd_cache_invalidate): Pass
return code from close() back to iobuf_ioctl().
2009-03-20 20:33:14 +00:00
David Shaw
f801e0f9a8 * http.c (do_parse_uri): Properly handle IPv6 literal addresses as per
RFC-2732.  Adapted from patch by Phil Pennock.
2009-03-13 17:51:05 +00:00
David Shaw
81723b397a * Makefile.am, http.c (start_server): Minor tweaks to get http-test
compiling again.
2009-03-13 17:27:35 +00:00
David Shaw
564436af6f * Makefile.am: Use $(CC) instead of "cc" to compile, as the user might
be overriding the compiler.
2008-09-05 21:01:17 +00:00
Werner Koch
6ae5af5d7a Fix possible NULL argument to printf 2008-08-19 19:36:04 +00:00
David Shaw
3f4fb20cc3 * argparse.c (default_strusage): Update copyright date. 2008-03-06 17:22:41 +00:00
Werner Koch
aa9aec7068 Comment typ fixes.
Workaround for bad translations of the capability menu.
2007-12-03 14:41:38 +00:00
Werner Koch
9a2a818887 Switched to GPLv3.
Updated gettext.
2007-10-23 10:48:09 +00:00