security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Code Activity
gnupg/g10
History
NIIBE Yutaka 9ba0e2c76c g10: Fix regexp sanitization. 
* g10/trustdb.c (sanitize_regexp): Only escape operators.

--

Backport from master commit:
	ccf3ba92087e79abdeaa0208795829b431c6f201

To sanitize a regular expression, quoting by backslash should be only
done for defined characters.  POSIX defines 12 characters including
dot and backslash.

Quoting other characters is wrong, in two ways; It may build an
operator like: \b, \s, \w when using GNU library.  Case ignored match
doesn't work, because quoting lower letter means literally and no
much to upper letter.

GnuPG-bug-id: 2923
Co-authored-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-12-04 19:34:43 +09:00
..
armor.c
gpg: Remove left-over debug message.
2015-02-26 09:38:58 +01:00
build-packet.c
gpg: Fix export porting of zero length user ID packets.
2017-03-30 10:49:41 +02:00
call-agent.c
gpg: Fix a couple of spelling errors
2014-06-24 14:37:26 +02:00
call-agent.h
A bunch of minor changes
2009-12-21 16:19:09 +00:00
card-util.c
g10: Fix card-edit/fetch to use keyserver_fetch.
2016-06-24 10:22:55 +09:00
ChangeLog-2011
Generate the ChangeLog from commit logs.
2011-12-02 19:28:02 +01:00
cipher.c
Add provisions to build with Libgcrypt 1.6.
2012-05-24 10:55:11 +02:00
comment.c
Started to implement the audit log feature.
2007-11-19 16:03:50 +00:00
compress-bz2.c
Fix bug#1011.
2009-09-03 11:29:25 +00:00
compress.c
gpg: Avoid infinite loop in uncompressing garbled packets.
2014-06-20 20:24:52 +02:00
cpr.c
gpg: Print a new FAILURE status after most commands.
2015-09-08 15:31:51 +02:00
dearmor.c
Started to implement the audit log feature.
2007-11-19 16:03:50 +00:00
decrypt.c
Started to implement the audit log feature.
2007-11-19 16:03:50 +00:00
delkey.c
Started to implement the audit log feature.
2007-11-19 16:03:50 +00:00
encode.c
gpg: Fix --version output and explicitly disable ECC.
2013-10-11 09:18:01 +02:00
encr-data.c
gpg: Remove useless diagnostic in MDC verification.
2014-06-03 08:05:54 +02:00
exec.c
w32: Almost everywhere include winsock2.h before windows.h.
2013-04-23 18:06:46 +02:00
exec.h
Changed to GPLv3.
2007-07-04 19:49:40 +00:00
export.c
Started to implement the audit log feature.
2007-11-19 16:03:50 +00:00
filter.h
gpg: Print better diagnostics for keyserver operations.
2015-02-18 12:14:22 +01:00
free-packet.c
g10: fix cmp_public_key and cmp_secret_keys.
2015-04-30 17:02:42 +09:00
getkey.c
g10: fix --card-status creating stub.
2015-08-12 10:23:40 +09:00
gpg-w32info.rc
w32: Add icons and version information.
2013-05-07 21:17:04 +02:00
gpg.c
gpg: Avoid publishing the GnuPG version by default
2016-08-09 12:35:37 +02:00
gpg.h
gpg: Add kbnode_t for easier backporting.
2014-08-06 17:09:15 +02:00
gpgv.c
gpgv: Tweak default options for extra security.
2016-07-09 10:38:25 +09:00
helptext.c
Created help files form the current po entries.
2007-12-04 15:00:14 +00:00
import.c
gpg: Remove an unused variable.
2015-02-18 14:20:21 +01:00
kbnode.c
Changed to GPLv3.
2007-07-04 19:49:40 +00:00
keydb.c
gpg: Detect Keybox files and print a diagnostic.
2013-01-03 20:21:20 +01:00
keydb.h
A bunch of minor changes
2009-12-21 16:19:09 +00:00
keyedit.c
gpg: Print a warning if the subkey expiration may not be what you want.
2015-01-26 14:55:24 +01:00
keygen.c
g10: Fix keysize with --expert.
2016-07-06 11:55:56 +09:00
keyid.c
gpg: Print PGP-2 fingerprint instead of all zeroes.
2015-06-17 08:38:48 +02:00
keylist.c
gpg: Improve 'General key info' line of --card-status.
2015-09-29 13:45:20 +09:00
keyring.c
gpg: Prevent an invalid memory read using a garbled keyring.
2015-02-12 18:58:36 +01:00
keyring.h
Make gpgv error message about a missing keyring more useful. This fixes
2009-04-03 10:34:22 +00:00
keyserver-internal.h
Changed to GPLv3.
2007-07-04 19:49:40 +00:00
keyserver.c
gpg: Print better diagnostics for keyserver operations.
2015-02-18 12:14:22 +01:00
main.h
gpg: Print a new FAILURE status after most commands.
2015-09-08 15:31:51 +02:00
mainproc.c
g10: Fix --list-packets.
2016-06-28 16:06:06 +09:00
Makefile.am
gpg: Do not link gpgv against libassuan.
2014-06-24 13:52:02 +02:00
mdfilter.c
Started to implement the audit log feature.
2007-11-19 16:03:50 +00:00
misc.c
Use inline functions to convert buffer data to scalars.
2015-02-12 20:34:44 +01:00
openfile.c
gpg: Make the use of "--verify FILE" for detached sigs harder.
2014-11-14 09:36:19 +01:00
OPTIONS
See ChangeLog: Mon Jul 31 10:04:47 CEST 2000 Werner Koch
2000-07-31 08:04:16 +00:00
options.h
g10: Fix --list-packets.
2016-06-28 16:06:06 +09:00
options.skel
gpg: Remove legacy keyserver examples from the template conf file.
2013-08-06 10:04:12 +02:00
packet.h
Fix bug#1122.
2009-09-03 20:51:55 +00:00
parse-packet.c
g10: Fix --list-packets.
2016-06-28 16:06:06 +09:00
passphrase.c
gpg: Allow for positional parameters in the passphrase prompt.
2014-08-26 10:16:44 +02:00
photoid.c
gpg: New %U expando for the photo viewer.
2014-06-03 08:55:31 +02:00
photoid.h
* main.h, mainproc.c (check_sig_and_print), keylist.c
2008-10-03 20:00:46 +00:00
pkclist.c
gpg: Use more specific reason codes for INV_RECP.
2014-06-24 10:08:39 +02:00
pkglue.c
Fix a for a bug fix in the latest Libgcrypt.
2011-06-13 14:35:30 +02:00
pkglue.h
Changed to GPLv3.
2007-07-04 19:49:40 +00:00
plaintext.c
gpg: Make the use of "--verify FILE" for detached sigs harder.
2014-11-14 09:36:19 +01:00
progress.c
Changed to GPLv3.
2007-07-04 19:49:40 +00:00
pubkey-enc.c
Add full Camellia support.
2009-06-05 14:11:03 +00:00
pubring.asc
See ChangeLog: Mon Jul 31 10:04:47 CEST 2000 Werner Koch
2000-07-31 08:04:16 +00:00
revoke.c
Fixed a bunch of little bugs as reported by Fabian Keil.
2009-06-24 14:03:09 +00:00
rmd160.c
Add rmd160.c.
2008-12-12 12:01:20 +00:00
rmd160.h
Add missing header file.
2008-12-12 08:54:50 +00:00
seckey-cert.c
gpg: Consider that gcry_mpi_get_opaque may return NULL.
2015-06-02 17:41:30 +02:00
server.c
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
2010-02-12 15:15:34 +00:00
seskey.c
Add full Camellia support.
2009-06-05 14:11:03 +00:00
sig-check.c
g10: Fix checking key for signature validation.
2016-08-04 17:15:23 +09:00
sign.c
gpg: Obsolete --no-sig-create-check.
2015-09-01 07:43:54 +02:00
signal.c
Fix a signal cleanup problem.
2009-05-26 09:29:02 +00:00
skclist.c
Improved detection of bad/invalid signer keys.
2009-08-06 20:12:00 +00:00
t-rmd160.c
Make gpg not depend on the RIPE-MD160 implementaion in Libgcrypt.
2008-12-11 17:44:52 +00:00
tdbdump.c
Marked all unused args on non-W32 platforms.
2008-10-20 13:53:23 +00:00
tdbio.c
g10: Fix another race condition for trustdb access.
2016-06-15 08:56:12 +09:00
tdbio.h
gpg: Do not require a trustdb with --always-trust.
2013-10-11 09:25:58 +02:00
textfilter.c
Started to implement the audit log feature.
2007-11-19 16:03:50 +00:00
trustdb.c
g10: Fix regexp sanitization.
2017-12-04 19:34:43 +09:00
trustdb.h
Changes to --min-cert-level should cause a trustdb rebuild (issue 1366)
2012-01-19 23:03:56 -05:00
verify.c
Marked all unused args on non-W32 platforms.
2008-10-20 13:53:23 +00:00