[git] GPGME - branch, gpgme-1.4-branch, created. gpgme-1.4.3-9-g998e454

by Werner Koch cvs at cvs.gnupg.org
Wed Jul 30 11:38:38 CEST 2014


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".

The branch, gpgme-1.4-branch has been created
        at  998e454a320db77361feddf0dcc5ba39ebd9a49b (commit)

- Log -----------------------------------------------------------------
commit 998e454a320db77361feddf0dcc5ba39ebd9a49b
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Jul 30 11:36:03 2014 +0200

    Release 1.4.4
    
    * configure.ac: Change LT version to C22/A11/R1.

diff --git a/NEWS b/NEWS
index f68035d..d1adc24 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,20 @@
-Noteworthy changes in version 1.4.3 (2013-08-12)
-------------------------------------------------
+Noteworthy changes in version 1.4.4 (2014-07-30) [C22/A11/R1]
+-------------------------------------------------------------
+
+ Backported from 1.5.1:
+
+ * Fixed possible overflow in gpgsm and uiserver engines.
+   [CVE-2014-3564]
+
+ * Fixed possibled segv in gpgme_op_card_edit.
+
+ * Fixed minor memleaks and possible zombie processes.
+
+ * Fixed prototype inconsistencies and void pointer arithmetic.
+
+
+Noteworthy changes in version 1.4.3 (2013-08-12) [C22/A11/R0]
+-------------------------------------------------------------
 
  * The default engine names are now taken from the output of gpgconf.
    If gpgconf is not found the use of gpg 1 is assumed.
diff --git a/configure.ac b/configure.ac
index 92375e6..36bd035 100644
--- a/configure.ac
+++ b/configure.ac
@@ -29,7 +29,7 @@ min_automake_version="1.11"
 # for the LT versions.
 m4_define(mym4_version_major, [1])
 m4_define(mym4_version_minor, [4])
-m4_define(mym4_version_micro, [3])
+m4_define(mym4_version_micro, [4])
 
 # Below is m4 magic to extract and compute the revision number, the
 # decimalized short revision number, a beta version string, and a flag
@@ -59,7 +59,7 @@ LIBGPGME_LT_CURRENT=22
 # Subtract 2 from this value if you want to make the LFS transition an
 # ABI break.  [Note to self: Remove this comment with the next regular break.]
 LIBGPGME_LT_AGE=11
-LIBGPGME_LT_REVISION=0
+LIBGPGME_LT_REVISION=1
 
 # If the API is changed in an incompatible way: increment the next counter.
 GPGME_CONFIG_API_VERSION=1

commit 1755f33a478aeb787f8cf0d55ad6c628c30ff473
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Jul 30 11:04:55 2014 +0200

    Fix possible realloc overflow for gpgsm and uiserver engines.
    
    * src/engine-gpgsm.c (status_handler):
    * src/engine-uiserver.c (status_handler):
    --
    
    After a realloc (realloc is also used for initial alloc) the allocated
    size of the buffer is not correctly recorded.  Thus an overflow can be
    introduced by receiving data with different line lengths in a specific
    order.  This is not easily exploitable because libassuan constructs the
    line.  However a crash has been reported and thus it might be possible
    to construct an exploit.
    
    CVE-id: CVE-2014-3564
    Reported-by: Tomáš Trnka
    
    Resolved conflicts:
    	NEWS - removed

diff --git a/src/engine-gpgsm.c b/src/engine-gpgsm.c
index cee20e3..a7888ca 100644
--- a/src/engine-gpgsm.c
+++ b/src/engine-gpgsm.c
@@ -837,7 +837,7 @@ status_handler (void *opaque, int fd)
 	      else
 		{
 		  *aline = newline;
-		  gpgsm->colon.attic.linesize += linelen + 1;
+		  gpgsm->colon.attic.linesize = *alinelen + linelen + 1;
 		}
 	    }
 	  if (!err)
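Review bot: The new assignment `gpgsm->colon.attic.linesize = *alinelen + linelen + 1;` must match the size handed to realloc, yet the two expressions are still written out separately. Computing the size once into a local and using that local for both the realloc call and the `linesize` assignment would stop the recorded capacity from drifting away from the real allocation again, which is the bug class behind CVE-2014-3564. The same applies to the identical assignment in src/engine-uiserver.c (status_handler). status_handler starts and ends outside both hunks, so the realloc call itself is inferred from the commit message rather than seen here.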
diff --git a/src/engine-uiserver.c b/src/engine-uiserver.c
index bd140f9..350b609 100644
--- a/src/engine-uiserver.c
+++ b/src/engine-uiserver.c
@@ -698,7 +698,7 @@ status_handler (void *opaque, int fd)
 	      else
 		{
 		  *aline = newline;
-		  uiserver->colon.attic.linesize += linelen + 1;
+		  uiserver->colon.attic.linesize = *alinelen + linelen + 1;
 		}
 	    }
 	  if (!err)

commit eee89ffd0193fd18114b5c3cb7d8544aa71b512a
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Apr 15 16:40:48 2014 +0200

    w32: Fix another memleak on error.
    
    * src/w32-io.c (create_reader): free CTX.
    --
    
    Found by Hans-Christoph Steiner with cppcheck.

diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index 3bc9f66..36f035a 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -896,6 +896,10 @@ build_argv (engine_gpg_t gpg)
 					       close_notify_handler,
 					       gpg))
 	      {
+                /* We leak fd_data_map and the fds.  This is not easy
+                   to avoid and given that we reach this here only
+                   after a malloc failure for a small object, it is
+                   probably better not to do anything.  */
 		return gpg_error (GPG_ERR_GENERAL);
 	      }
 	    /* If the data_type is FD, we have to do a dup2 here.  */
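Review bot: The added comment says this branch is reached only after an allocation failure, but the function still returns `GPG_ERR_GENERAL`, so a caller cannot tell resource exhaustion from any other failure. If the close-notify helper sets errno on failure (not visible in this hunk), `return gpg_error_from_syserror ();` would report the cause more precisely. The comment could also name which descriptors stay open, since leaked fds in a process that later spawns an engine are harder to reason about than leaked memory. build_argv starts and ends outside the hunk.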
diff --git a/src/w32-io.c b/src/w32-io.c
index 133d29e..f9e4313 100644
--- a/src/w32-io.c
+++ b/src/w32-io.c
@@ -425,6 +425,7 @@ create_reader (int fd)
   if (fd < 0 || fd >= MAX_SLAFD || !fd_table[fd].used)
     {
       TRACE_SYSERR (EIO);
+      free (ctx);
       return NULL;
     }
   TRACE_LOG4 ("fd=%d -> handle=%p socket=%d dupfrom=%d",
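Review bot: `free (ctx)` is needed on this path only because the context is allocated before `fd` is range-checked. Moving the `fd < 0 || fd >= MAX_SLAFD || !fd_table[fd].used` test ahead of the allocation would leave nothing to release here. The allocation is above the hunk, so its position is inferred from the added free. The create_writer hunk in the following commit has the same shape and the same reordering would apply there.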

commit 27f052b9df75c3703d3ceabab2d2615e46665fe1
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Apr 15 16:40:48 2014 +0200

    w32: Fix memleak in an error code paths.
    
    * src/w32-io.c (create_writer): Free CTX in case of bad FD.
    * src/w32-util.c (_gpgme_mkstemp): Free TMPNAME in case of a failed
    mkstemp.
    --
    
    Found by Hans-Christoph Steiner with cppcheck.

diff --git a/src/w32-io.c b/src/w32-io.c
index d896ec0..133d29e 100644
--- a/src/w32-io.c
+++ b/src/w32-io.c
@@ -794,6 +794,7 @@ create_writer (int fd)
   if (fd < 0 || fd >= MAX_SLAFD || !fd_table[fd].used)
     {
       TRACE_SYSERR (EIO);
+      free (ctx);
       return NULL;
     }
   TRACE_LOG4 ("fd=%d -> handle=%p socket=%d dupfrom=%d",
diff --git a/src/w32-util.c b/src/w32-util.c
index 4cee1cb..2dc7655 100644
--- a/src/w32-util.c
+++ b/src/w32-util.c
@@ -660,7 +660,10 @@ _gpgme_mkstemp (int *fd, char **name)
   strcpy (stpcpy (tmpname, tmp), "\\gpgme-XXXXXX");
   *fd = mkstemp (tmpname);
   if (fd < 0)
-    return -1;
+    {
+      free (tmpname);
+      return -1;
+    }
 
   *name = tmpname;
   return 0;
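Review bot: The failure check `if (fd < 0)` tests the pointer parameter `fd`, not the descriptor stored by `*fd = mkstemp (tmpname);`, so the new `free (tmpname)` branch is effectively unreachable. A failed mkstemp still falls through to `*name = tmpname; return 0;` with `*fd` set to -1, and the caller sees success. The condition should read `if (*fd < 0)`. _gpgme_mkstemp starts above the hunk, so the allocation of `tmpname` and its size are not visible here.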

commit 1e488d3fd854bd9e340629ba9047d7385c1f3792
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Apr 15 12:25:45 2014 +0200

    Fix possible zombie processes.
    
    * src/posix-io.c (_gpgme_io_waitpid): Protect waitpid against EINTR.
    (_gpgme_io_dup): Likewise.
    (_gpgme_io_connect): Likewise.
    --
    
    GnuPG-bug-id: 1630

diff --git a/src/posix-io.c b/src/posix-io.c
index ceb8831..c315539 100644
--- a/src/posix-io.c
+++ b/src/posix-io.c
@@ -340,10 +340,15 @@ int
 _gpgme_io_waitpid (int pid, int hang, int *r_status, int *r_signal)
 {
   int status;
+  pid_t ret;
 
   *r_status = 0;
   *r_signal = 0;
-  if (_gpgme_ath_waitpid (pid, &status, hang? 0 : WNOHANG) == pid)
+  do
+    ret = _gpgme_ath_waitpid (pid, &status, hang? 0 : WNOHANG);
+  while (ret == (pid_t)(-1) && errno == EINTR);
+
+  if (ret == pid)
     {
       if (WIFSIGNALED (status))
 	{
@@ -714,7 +719,11 @@ _gpgme_io_sendmsg (int fd, const struct msghdr *msg, int flags)
 int
 _gpgme_io_dup (int fd)
 {
-  int new_fd = dup (fd);
+  int new_fd;
+
+  do
+    new_fd = dup (fd);
+  while (new_fd == -1 && errno == EINTR);
 
   TRACE1 (DEBUG_SYSIO, "_gpgme_io_dup", fd, "new fd==%i", new_fd);
 
@@ -744,7 +753,9 @@ _gpgme_io_connect (int fd, struct sockaddr *addr, int addrlen)
   TRACE_BEG2 (DEBUG_SYSIO, "_gpgme_io_connect", fd,
 	      "addr=%p, addrlen=%i", addr, addrlen);
 
-  res = ath_connect (fd, addr, addrlen);
+  do
+    res = ath_connect (fd, addr, addrlen);
+  while (res == -1 && errno == EINTR);
 
   return TRACE_SYSRES (res);
 }
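Review bot: Retrying `ath_connect` in the `while (res == -1 && errno == EINTR)` loop does not restart the attempt if ath_connect wraps connect(2), which is inferred from the name. On POSIX systems an interrupted connect continues asynchronously, and a second call on the same socket typically fails with EALREADY or EISCONN, so an interrupted but successful connection can be reported as an error. After EINTR the usual handling is to wait for the socket to become writable and then read the outcome from SO_ERROR, as sketched below with plain poll; the project's own wait wrapper, if it has one, would take its place. The waitpid and dup loops in the two earlier hunks of this file are not affected. _gpgme_io_connect begins above the hunk.

```c
  res = ath_connect (fd, addr, addrlen);
  if (res == -1 && errno == EINTR)
    {
      /* The attempt continues in the background; wait for its result
         instead of calling connect again.  */
      struct pollfd pfd = { fd, POLLOUT, 0 };
      int soerr = 0;
      socklen_t solen = sizeof soerr;

      do
        res = poll (&pfd, 1, -1);
      while (res == -1 && errno == EINTR);

      if (res == 1
          && !getsockopt (fd, SOL_SOCKET, SO_ERROR, &soerr, &solen))
        {
          res = soerr ? -1 : 0;
          if (soerr)
            errno = soerr;
        }
      else
        res = -1;
    }

  return TRACE_SYSRES (res);
```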

commit a175922f8a8a422aba08175c88c60cbc96113791
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Mar 11 13:58:38 2014 +0100

    Avoid pointer arithmetic on void pointer.
    
    * src/gpgme.c (gpgme_io_writen): Use new var buffer.
    --
    
    Reported-by: Albert Chin

diff --git a/src/gpgme.c b/src/gpgme.c
index b0ef03c..51b68a5 100644
--- a/src/gpgme.c
+++ b/src/gpgme.c
@@ -678,8 +678,9 @@ gpgme_io_write (int fd, const void *buffer, size_t count)
    written or an error is return.  Returns: 0 on success or -1 on
    error and the sets errno. */
 int
-gpgme_io_writen (int fd, const void *buffer, size_t count)
+gpgme_io_writen (int fd, const void *buffer_arg, size_t count)
 {
+  const char *buffer = buffer_arg;
   int ret = 0;
   TRACE_BEG2 (DEBUG_GLOBAL, "gpgme_io_writen", fd,
 	      "buffer=%p, count=%u", buffer, count);
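Review bot: The trace call passes `count`, a `size_t`, for the `%u` conversion in `"buffer=%p, count=%u"`. If TRACE_BEG2 forwards to a printf-style function (not visible here), that is a type mismatch wherever size_t is wider than unsigned int. A cast such as `(unsigned int)count`, or a conversion that matches size_t, would fix it. `buffer` is now a `const char *`, so it would strictly need a `(const void *)` cast for `%p`. The function body continues below the hunk.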

commit 97f9bec6d0d0a3fb4dab96b30349d25cf00a1af5
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Mar 11 13:54:21 2014 +0100

    Change implementation return type to match the definition.
    
    * src/gpgme.c (gpgme_get_sub_protocol): Change return type to
    gpgme_protocol_t.
    --
    
    Yet another enum/int mismatch.
    
    Reported-by: Albert Chin.

diff --git a/src/gpgme.c b/src/gpgme.c
index bbfcddc..b0ef03c 100644
--- a/src/gpgme.c
+++ b/src/gpgme.c
@@ -357,7 +357,7 @@ gpgme_set_sub_protocol (gpgme_ctx_t ctx, gpgme_protocol_t protocol)
 }
 
 
-gpgme_error_t
+gpgme_protocol_t
 gpgme_get_sub_protocol (gpgme_ctx_t ctx)
 {
   TRACE2 (DEBUG_CTX, "gpgme_get_sub_protocol", ctx,

commit 206bfb5a7953dcdebfdbc6fe6136240964659561
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Feb 12 20:36:08 2014 +0100

    Fix type inconsistency between gpgme.h and gpgme.c.
    
    * src/gpgme.c (gpgme_set_pinentry_mode): Fix type of MODE.
    --
    
    GnuPG-bug-id: 1617

diff --git a/src/gpgme.c b/src/gpgme.c
index a8de64b..bbfcddc 100644
--- a/src/gpgme.c
+++ b/src/gpgme.c
@@ -514,7 +514,7 @@ gpgme_get_keylist_mode (gpgme_ctx_t ctx)
 
 /* Set the pinentry mode for CTX to MODE. */
 gpgme_error_t
-gpgme_set_pinentry_mode (gpgme_ctx_t ctx, gpgme_keylist_mode_t mode)
+gpgme_set_pinentry_mode (gpgme_ctx_t ctx, gpgme_pinentry_mode_t mode)
 {
   TRACE1 (DEBUG_CTX, "gpgme_set_pinentry_mode", ctx, "pinentry_mode=%u",
 	  (unsigned int)mode);

commit 3150aeba4095c79038761f035748485052b4b9eb
Author: Werner Koch <wk at gnupg.org>
Date:   Mon Aug 19 20:40:10 2013 +0200

    Fix possible segv in the gpgme_op_card_edit.
    
    * src/edit.c (gpgme_op_edit_start, gpgme_op_card_edit_start): Do not
    deref a NULL KEY in TRACE_BEG.

diff --git a/src/edit.c b/src/edit.c
index 1f73078..72fa458 100644
--- a/src/edit.c
+++ b/src/edit.c
@@ -143,7 +143,7 @@ gpgme_op_edit_start (gpgme_ctx_t ctx, gpgme_key_t key,
 
   TRACE_BEG5 (DEBUG_CTX, "gpgme_op_edit_start", ctx,
 	      "key=%p (%s), fnc=%p fnc_value=%p, out=%p", key,
-	      (key->subkeys && key->subkeys->fpr) ?
+	      (key && key->subkeys && key->subkeys->fpr) ?
 	      key->subkeys->fpr : "invalid", fnc, fnc_value, out);
 
   if (!ctx)
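Review bot: The guard `(key && key->subkeys && key->subkeys->fpr) ?` is now repeated verbatim in all four TRACE_BEG5 calls in this file (gpgme_op_edit_start, gpgme_op_edit, gpgme_op_card_edit_start, gpgme_op_card_edit), and the missing `key &&` had to be fixed at each site. A small file-local helper that returns the fingerprint or `"invalid"` would keep the four sites consistent. Whether a NULL `key` is rejected later in each function is not visible in these hunks. If NULL is a legitimate argument for the card variants, a one-line comment beside the trace saying so would explain why the check sits here and not in an early return.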
@@ -164,7 +164,7 @@ gpgme_op_edit (gpgme_ctx_t ctx, gpgme_key_t key,
 
   TRACE_BEG5 (DEBUG_CTX, "gpgme_op_edit", ctx,
 	      "key=%p (%s), fnc=%p fnc_value=%p, out=%p", key,
-	      (key->subkeys && key->subkeys->fpr) ?
+	      (key && key->subkeys && key->subkeys->fpr) ?
 	      key->subkeys->fpr : "invalid", fnc, fnc_value, out);
 
   if (!ctx)
@@ -187,7 +187,7 @@ gpgme_op_card_edit_start (gpgme_ctx_t ctx, gpgme_key_t key,
 
   TRACE_BEG5 (DEBUG_CTX, "gpgme_op_card_edit_start", ctx,
 	      "key=%p (%s), fnc=%p fnc_value=%p, out=%p", key,
-	      (key->subkeys && key->subkeys->fpr) ?
+	      (key && key->subkeys && key->subkeys->fpr) ?
 	      key->subkeys->fpr : "invalid", fnc, fnc_value, out);
 
   if (!ctx)
@@ -208,7 +208,7 @@ gpgme_op_card_edit (gpgme_ctx_t ctx, gpgme_key_t key,
 
   TRACE_BEG5 (DEBUG_CTX, "gpgme_op_card_edit", ctx,
 	      "key=%p (%s), fnc=%p fnc_value=%p, out=%p", key,
-	      (key->subkeys && key->subkeys->fpr) ?
+	      (key && key->subkeys && key->subkeys->fpr) ?
 	      key->subkeys->fpr : "invalid", fnc, fnc_value, out);
 
   if (!ctx)

-----------------------------------------------------------------------


hooks/post-receive
-- 
GnuPG Made Easy
http://git.gnupg.org



