security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Activity
gnupg/g10
History
Werner Koch ec81c437e7
gpg: Fix expand GPG groups when resolving a key 
* g10/expand-group.c (expand_group): Add arg prepend_input.
* g10/pkclist.c (build_pk_list): Adjust for it.
* g10/getkey.c (key_byname): Keep the expanded names in the CTX and
don't premature free them.
(get_pubkey_byname): Append the namelist to the extra_list.
--

The original patch didn't kept the expanded list in the context and
also would duplicate names which are not group names.  The latter does
not really harm but the former lead to a use after free.  Original
patch was applied just a few weeks ago.

Fixes-commit: e825aea2ba
Signed-off-by: Werner Koch <wk@gnupg.org>
 		2019-09-30 14:08:13 +02:00
..
ChangeLog-2011 Spelling: correct spelling of "passphrase". 2016-11-02 12:53:58 +01:00
Makefile.am Merge branch 'switch-to-gpgk' into master 2019-09-27 15:44:23 +02:00
all-tests.scm tests: Make it possible to run all tests using our infrastructure. 2017-05-11 18:12:37 +02:00
armor.c g10: Fix possible null dereference. 2019-05-14 11:20:07 +09:00
build-packet.c gpg: Rework the signature subpacket iteration function. 2019-09-05 20:38:23 +02:00
call-agent.c gpg: New option --use-only-openpgp-card 2019-08-21 14:13:51 +02:00
call-agent.h card: Fix showing KDF object attribute. 2019-07-19 13:26:49 +09:00
call-dirmngr.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
call-dirmngr.h gpg: Store key origin info for new DANE and WKD retrieved keys. 2017-07-24 20:09:52 +02:00
call-keyboxd.c kbx,gpg: Allow lookup using a UBID. 2019-09-27 10:05:07 +02:00
card-util.c gpg: Use modern spelling for the female salutation. 2019-08-22 10:24:16 +02:00
cipher-aead.c g10: Fix log_debug formatting. 2018-11-08 12:14:23 +09:00
cipher-cfb.c gpg: Remove MDC options 2018-05-29 12:42:52 +02:00
compress-bz2.c g10,tools: Fix bzlib.h include order. 2017-04-11 13:52:19 +09:00
compress.c gpg: Fix minor memory leak in the compress filter. 2018-05-02 20:15:10 +02:00
cpr.c spelling: Fix "synchronize" 2019-06-23 20:21:02 -04:00
dearmor.c Revert "g10: Always save standard revocation certificate in file." 2017-08-01 19:08:16 +02:00
decrypt-data.c common: Allow a readlimit for iobuf_esopen. 2019-09-10 15:45:58 +02:00
decrypt.c gpg: Fix using --decrypt along with --use-embedded-filename. 2019-05-17 13:40:24 +02:00
dek.h gpg: More check for symmetric key encryption. 2019-07-18 11:02:34 +09:00
delkey.c gpg: New option --use-keyboxd. 2019-09-09 15:01:47 +02:00
distsigkey.gpg build: Update distsigkey.gpg 2017-11-22 20:54:47 +01:00
ecdh.c Fix the previous commit. 2019-03-14 08:23:38 +09:00
encrypt.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
exec.c gpg: photoid: Move functions from exec.c. 2019-07-25 11:21:58 +09:00
exec.h gpg: photoid: Move functions from exec.c. 2019-07-25 11:21:58 +09:00
expand-group.c gpg: Fix expand GPG groups when resolving a key 2019-09-30 14:08:13 +02:00
export.c Merge branch 'switch-to-gpgk' into master 2019-09-27 15:44:23 +02:00
filter.h g10/armor: use libgcrypt's CRC24 implementation 2018-11-08 21:31:12 +02:00
free-packet.c gpg: Fix possible double free of the card serialno. 2017-07-21 17:49:10 +02:00
getkey.c gpg: Fix expand GPG groups when resolving a key 2019-09-30 14:08:13 +02:00
gpg-w32info.rc w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpg.c Merge branch 'switch-to-gpgk' into master 2019-09-27 15:44:23 +02:00
gpg.h gpg: New option --use-keyboxd. 2019-09-09 15:01:47 +02:00
gpg.w32-manifest.in w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpgcompose.c gpg: New option --use-keyboxd. 2019-09-09 15:01:47 +02:00
gpgsql.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
gpgsql.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
gpgv.c g10: Change decryption key selection for public key encryption. 2018-08-27 13:12:31 +09:00
helptext.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
import.c Merge branch 'switch-to-gpgk' into master 2019-09-27 15:44:23 +02:00
kbnode.c gpg: Avoid importing secret keys if the keyblock is not valid. 2019-03-15 20:41:38 +01:00
key-check.c gpg: Improve import's repair-key duplicate signature detection. 2018-06-07 18:41:17 +02:00
key-check.h gpg: Avoid output to the tty during import. 2017-07-27 11:38:57 +02:00
key-clean.c gpg: Rework the signature subpacket iteration function. 2019-09-05 20:38:23 +02:00
key-clean.h headers: fix spelling 2018-10-25 16:53:05 -04:00
keydb-private.h gpg: First rough implementation of keyboxd access for key lookup. 2019-09-10 16:05:54 +02:00
keydb.c Merge branch 'switch-to-gpgk' into master 2019-09-27 15:44:23 +02:00
keydb.h gpg: Fix expand GPG groups when resolving a key 2019-09-30 14:08:13 +02:00
keyedit.c Merge branch 'switch-to-gpgk' into master 2019-09-27 15:44:23 +02:00
keyedit.h gpg: During secret key import print "sec" instead of "pub". 2019-03-15 19:14:34 +01:00
keygen.c Merge branch 'switch-to-gpgk' into master 2019-09-27 15:44:23 +02:00
keyid.c gpg: Cache a once computed fingerprint in PKT_public_key. 2019-04-12 11:11:09 +02:00
keylist.c Merge branch 'switch-to-gpgk' into master 2019-09-27 15:44:23 +02:00
keyring.c gpg: Fix keyring retrieval. 2019-07-10 15:06:54 +09:00
keyring.h gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
keyserver-internal.h gpg: Pass key origin values to import functions. 2017-07-13 18:29:01 +02:00
keyserver.c Merge branch 'switch-to-gpgk' into master 2019-09-27 15:44:23 +02:00
main.h gpg: New option --use-keyboxd. 2019-09-09 15:01:47 +02:00
mainproc.c gpg: Rework the signature subpacket iteration function. 2019-09-05 20:38:23 +02:00
mdfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
migrate.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
misc.c gpg: New option --use-keyboxd. 2019-09-09 15:01:47 +02:00
objcache.c doc: Minor doc updates and a typo fix. 2019-09-25 16:21:30 +02:00
objcache.h gpg: Fix getting User ID. 2019-07-11 12:32:44 +09:00
openfile.c gpg: Rename a misnomed arg in open_outfile. 2018-01-28 18:59:18 +01:00
options.h Merge branch 'switch-to-gpgk' into master 2019-09-27 15:44:23 +02:00
packet.h gpg: Rework the signature subpacket iteration function. 2019-09-05 20:38:23 +02:00
parse-packet.c gpg: Fix a recently introduced printf format buglet. 2019-09-27 15:57:52 +02:00
passphrase.c gpg: Move S2K encoding function to a shared file. 2019-01-26 23:10:38 +01:00
photoid.c Merge branch 'switch-to-gpgk' into master 2019-09-27 15:44:23 +02:00
photoid.h gpg: A little clean up. 2019-07-23 12:04:21 +09:00
pkclist.c gpg: Fix expand GPG groups when resolving a key 2019-09-30 14:08:13 +02:00
pkglue.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pkglue.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
plaintext.c gpg: Fix using --decrypt along with --use-embedded-filename. 2019-05-17 13:40:24 +02:00
progress.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pubkey-enc.c gpg: Return the last error for pubkey decryption. 2019-07-05 15:16:08 +09:00
pubring.asc Update copyright notices for 2017. 2017-01-23 19:16:55 +01:00
revoke.c gpg: New option --use-keyboxd. 2019-09-09 15:01:47 +02:00
rmd160.c Clean up word replication. 2017-02-21 13:11:46 -05:00
rmd160.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
seckey-cert.c More change for common. 2017-03-07 20:32:09 +09:00
server.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
seskey.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
sig-check.c sm: Add yet inactive options to support authenticode 2019-04-30 08:28:54 +02:00
sign.c Merge branch 'switch-to-gpgk' into master 2019-09-27 15:44:23 +02:00
skclist.c gpg: Improve the code to decrypt using PIV cards. 2019-04-03 17:45:35 +02:00
t-keydb-get-keyblock.c gpg: New option --use-keyboxd. 2019-09-09 15:01:47 +02:00
t-keydb-get-keyblock.gpg gpg: Correctly handle keyblocks followed by legacy keys. 2015-11-17 14:53:03 +01:00
t-keydb-keyring.kbx g10: Add test for keydb as well as new testing infrastructure. 2015-09-02 15:08:57 +02:00
t-keydb.c gpg: New option --use-keyboxd. 2019-09-09 15:01:47 +02:00
t-rmd160.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-stutter-data.asc gpg: Add a new test. 2016-03-08 14:08:49 +01:00
t-stutter.c g10: Stop compiler warning for t-stutter. 2017-05-10 11:13:03 +09:00
tdbdump.c Merge branch 'STABLE-BRANCH-2-2' into master 2018-03-27 08:48:00 +02:00
tdbio.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
tdbio.h gpg: Pass CTRL arg to get_trusthashrec. 2018-03-26 18:06:43 +02:00
test-stubs.c g10: Change decryption key selection for public key encryption. 2018-08-27 13:12:31 +09:00
test.c tests: Locate resources and scripts relative to top source dir. 2017-04-24 14:14:05 +02:00
textfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
tofu.c gpg: New option --use-keyboxd. 2019-09-09 15:01:47 +02:00
tofu.h g10: Remove dead code. 2016-12-06 12:16:56 +01:00
trust.c gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
trustdb.c Merge branch 'switch-to-gpgk' into master 2019-09-27 15:44:23 +02:00
trustdb.h gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
verify.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
zlib-riscos.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00