gnupg/keyserver (ChangeLog gpgkeys_hkp.c gpgkeys_oldhkp.c ksutil.h)

cvs user dshaw cvs at cvs.gnupg.org
Mon May 2 02:28:39 CEST 2005


    Date: Monday, May 2, 2005 @ 02:46:39
  Author: dshaw
    Path: /cvs/gnupg/gnupg/keyserver

Modified: ChangeLog gpgkeys_hkp.c gpgkeys_oldhkp.c ksutil.h

* gpgkeys_hkp.c, gpgkeys_oldhkp.c, ksutil.h: Some minor cleanup and
comments as to the size of MAX_LINE and MAX_URL.


------------------+
 ChangeLog        |    5 +++++
 gpgkeys_hkp.c    |   12 +++++++++---
 gpgkeys_oldhkp.c |    4 ++++
 ksutil.h         |   12 +++++-------
 4 files changed, 23 insertions(+), 10 deletions(-)


Index: gnupg/keyserver/ChangeLog
diff -u gnupg/keyserver/ChangeLog:1.125 gnupg/keyserver/ChangeLog:1.126
--- gnupg/keyserver/ChangeLog:1.125	Sun Apr 17 04:18:32 2005
+++ gnupg/keyserver/ChangeLog	Mon May  2 02:46:39 2005
@@ -1,3 +1,8 @@
+2005-05-01  David Shaw  <dshaw at jabberwocky.com>
+
+	* gpgkeys_hkp.c, gpgkeys_oldhkp.c, ksutil.h: Some minor cleanup
+	and comments as to the size of MAX_LINE and MAX_URL.
+
 2005-04-16  David Shaw  <dshaw at jabberwocky.com>
 
 	* gpgkeys_hkp.c: New hkp handler that uses curl or curl-shim.
Index: gnupg/keyserver/gpgkeys_hkp.c
diff -u gnupg/keyserver/gpgkeys_hkp.c:1.51 gnupg/keyserver/gpgkeys_hkp.c:1.52
--- gnupg/keyserver/gpgkeys_hkp.c:1.51	Sun Apr 17 04:18:32 2005
+++ gnupg/keyserver/gpgkeys_hkp.c	Mon May  2 02:46:39 2005
@@ -72,7 +72,7 @@
 send_key(int *eof)
 {
   CURLcode res;
-  char request[MAX_URL+100];
+  char request[MAX_URL];
   int begin=0,end=0,ret=KEYSERVER_INTERNAL_ERROR;
   char keyid[17];
   char line[MAX_LINE];
@@ -80,7 +80,6 @@
   size_t keylen=8,keymax=8;
 
   key=malloc(9);
-  strcpy(key,"keytext=");
   if(!key)
     {
       fprintf(console,"gpgkeys: out of memory\n");
@@ -88,6 +87,8 @@
       goto fail;
     }
 
+  strcpy(key,"keytext=");
+
   /* Read and throw away input until we see the BEGIN */
 
   while(fgets(line,MAX_LINE,input)!=NULL)
@@ -216,6 +217,9 @@
       return KEYSERVER_NOT_SUPPORTED;
     }
 
+  /* Note that the size of request is MAX_URL which already implies a
+     1024 byte PATH.  MAX_URL+100 is absurdly safe. */
+
   strcpy(request,"http://");
   strcat(request,opt->host);
   strcat(request,":");
@@ -273,7 +277,9 @@
 
   searchkey_encoded=curl_escape(searchkey,0);
 
-  request=malloc(MAX_URL+100+strlen(searchkey_encoded));
+  /* Note that MAX_URL already implies a 1024 byte PATH, so this is
+     safe. */
+  request=malloc(MAX_URL+strlen(searchkey_encoded));
   if(!request)
     {
       fprintf(console,"gpgkeys: out of memory\n");
Index: gnupg/keyserver/gpgkeys_oldhkp.c
diff -u gnupg/keyserver/gpgkeys_oldhkp.c:1.1 gnupg/keyserver/gpgkeys_oldhkp.c:1.2
--- gnupg/keyserver/gpgkeys_oldhkp.c:1.1	Sat Apr 16 20:50:46 2005
+++ gnupg/keyserver/gpgkeys_oldhkp.c	Mon May  2 02:46:39 2005
@@ -37,6 +37,10 @@
 #include "keyserver.h"
 #include "ksutil.h"
 
+#define GET    0
+#define SEND   1
+#define SEARCH 2
+
 extern char *optarg;
 extern int optind;
 
Index: gnupg/keyserver/ksutil.h
diff -u gnupg/keyserver/ksutil.h:1.10 gnupg/keyserver/ksutil.h:1.11
--- gnupg/keyserver/ksutil.h:1.10	Sun Apr 17 03:52:04 2005
+++ gnupg/keyserver/ksutil.h	Mon May  2 02:46:39 2005
@@ -27,13 +27,11 @@
 #include <curl/curl.h>
 #endif
 
-#define GET    0
-#define SEND   1
-#define SEARCH 2
-
-/* MAX_LINE must be 1 larger than the largest item we expect to
-   receive. */
-#define MAX_LINE    1080
+/* MAX_LINE must be at least 1 larger than the largest item we expect
+   to receive, including the name tag ("COMMAND", "PORT", etc) and
+   space between.  In practice, that means it should be
+   strlen("OPAQUE")+1+sizeof_opaque+1 */
+#define MAX_LINE       (6+1+1024+1)
 
 #define MAX_COMMAND    6
 #define MAX_OPTION   256




More information about the Gnupg-commits mailing list