[git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.22-19-g88ac956
by Werner Koch
cvs at cvs.gnupg.org
Mon Jun 2 12:29:54 CEST 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-0 has been updated
via 88ac9568364b399b896de2d6f2432b1cb73415a8 (commit)
from b896fccaada0caf1987eb95ac99dd6b4ca609c4b (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 88ac9568364b399b896de2d6f2432b1cb73415a8
Author: Werner Koch <wk at gnupg.org>
Date: Mon Jun 2 11:47:25 2014 +0200
gpg: Fix bug parsing a zero length user id.
* g10/getkey.c (get_user_id): Do not call xmalloc with 0.
* common/xmalloc.c (xmalloc, xcalloc): Take extra precaution not to
pass 0 to the arguments.
--
The problem did not occur in 1.x because over there the xmalloc makes
sure to allocate at least one byte. With 2.x for most calls the
xmalloc of Libgcrypt is used and Libgcrypt returns an error insteead
of silent allocating a byte. Thus gpg 2.x bailed out with an
"Fatal: out of core while allocating 0 bytes".
The extra code in xmalloc.c is for more robustness for the other
xmalloc calls.
(cherry picked from commit 99972bd6e9abea71f270284f49997de5f00208af)
Resolved conflicts:
g10/getkey.c - ignore whitespace changes.
diff --git a/g10/getkey.c b/g10/getkey.c
index 5e8c1c9..c0184c2 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -3035,27 +3035,35 @@ get_long_user_id_string( u32 *keyid )
char*
get_user_id( u32 *keyid, size_t *rn )
{
- user_id_db_t r;
- char *p;
- int pass=0;
+ user_id_db_t r;
+ char *p;
+ int pass = 0;
- /* try it two times; second pass reads from key resources */
- do {
- for(r=user_id_db; r; r = r->next ) {
- keyid_list_t a;
- for (a=r->keyids; a; a= a->next ) {
- if( a->keyid[0] == keyid[0] && a->keyid[1] == keyid[1] ) {
- p = xmalloc( r->len );
- memcpy(p, r->name, r->len );
- *rn = r->len;
- return p;
- }
- }
- }
- } while( ++pass < 2 && !get_pubkey( NULL, keyid ) );
- p = xstrdup( user_id_not_found_utf8 () );
- *rn = strlen(p);
- return p;
+ /* Try it two times; second pass reads from key resources. */
+ do
+ {
+ for (r = user_id_db; r; r = r->next)
+ {
+ keyid_list_t a;
+ for (a = r->keyids; a; a = a->next)
+ {
+ if (a->keyid[0] == keyid[0] && a->keyid[1] == keyid[1])
+ {
+ /* An empty string as user id is possible. Make
+ sure that the malloc allocates one byte and does
+ not bail out. */
+ p = xmalloc (r->len? r->len : 1);
+ memcpy (p, r->name, r->len);
+ *rn = r->len;
+ return p;
+ }
+ }
+ }
+ }
+ while (++pass < 2 && !get_pubkey (NULL, keyid));
+ p = xstrdup (user_id_not_found_utf8 ());
+ *rn = strlen (p);
+ return p;
}
char*
diff --git a/jnlib/xmalloc.c b/jnlib/xmalloc.c
index eb6d5ab..244f764 100644
--- a/jnlib/xmalloc.c
+++ b/jnlib/xmalloc.c
@@ -36,7 +36,15 @@ out_of_core(void)
void *
xmalloc( size_t n )
{
- void *p = malloc( n );
+ void *p;
+
+ /* Make sure that xmalloc (0) works. This is the same behaviour
+ has in gpg 2.x. Note that in contrast to this code, Libgcrypt
+ (and thus most xmallocs in gpg 2.x) detect the !n and bail out. */
+ if (!n)
+ n = 1;
+
+ p = malloc( n );
if( !p )
out_of_core();
return p;
@@ -54,7 +62,14 @@ xrealloc( void *a, size_t n )
void *
xcalloc( size_t n, size_t m )
{
- void *p = calloc( n, m );
+ void *p;
+
+ if (!n)
+ n = 1;
+ if (!m)
+ m = 1;
+
+ p = calloc( n, m );
if( !p )
out_of_core();
return p;
-----------------------------------------------------------------------
Summary of changes:
g10/getkey.c | 48 ++++++++++++++++++++++++++++--------------------
jnlib/xmalloc.c | 19 +++++++++++++++++--
2 files changed, 45 insertions(+), 22 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list