[git] GnuPG - branch, STABLE-BRANCH-1-4, updated. gnupg-1.4.18-26-ged6287d

by Werner Koch cvs at cvs.gnupg.org
Tue Jan 13 03:33:20 CET 2015 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, STABLE-BRANCH-1-4 has been updated
       via  ed6287d2e1546ee0f4064675270da003f51e1b39 (commit)
       via  e7cbce8fb2b7417fd1048f916b3e3281f5b9dd7b (commit)
       via  e2e822d22526c1545e095bc24173b732137f5737 (commit)
       via  aab282855ada8dddee99c777c91829344e91f31a (commit)
      from  c83e250ef36c28a275de74d96e89898e9f99cb1e (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit ed6287d2e1546ee0f4064675270da003f51e1b39
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Apr 18 14:40:43 2013 +0200

    doc: Formatting fixes.
    
    * doc/gpl.texi: Fix enumerate and re-indent examples.
    
    --
    
    Cherry-pick a part of ff6115227a1ced14e2fb3d160a12181b9dfbc502.
    
    Reported-by: Ian Abbott
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/doc/gpl.texi b/doc/gpl.texi
index 7f9a48a..0b802bc 100644
--- a/doc/gpl.texi
+++ b/doc/gpl.texi
@@ -659,12 +659,15 @@ an absolute waiver of all civil liability in connection with the
 Program, unless a warranty or assumption of liability accompanies a
 copy of the Program in return for a fee.
 
+ at end enumerate
+
 @iftex
 @heading END OF TERMS AND CONDITIONS
 @end iftex
 @ifinfo
 @center END OF TERMS AND CONDITIONS
 @end ifinfo
+
 @unnumberedsec How to Apply These Terms to Your New Programs
 
 If you develop a new program, and you want it to be of the greatest
@@ -675,9 +678,11 @@ terms.
 To do so, attach the following notices to the program.  It is safest
 to attach them to the start of each source file to most effectively
 state the exclusion of warranty; and each file should have at least
-the ``copyright'' line and a pointer to where the full notice is found.
- at smallexample
- at var{one line to give the program's name and a brief idea of what it does.}  
+the ``copyright'' line and a pointer to where the full notice is
+found.
+
+ at example
+ at var{one line to give the program's name and a brief idea of what it does.}
 Copyright (C) @var{year} @var{name of author}
 
 This program is free software: you can redistribute it and/or modify
@@ -692,17 +697,21 @@ General Public License for more details.
 
 You should have received a copy of the GNU General Public License
 along with this program.  If not, see @url{http://www.gnu.org/licenses/}.
- at end smallexample
+ at end example
 
+ at noindent
 Also add information on how to contact you by electronic and paper mail.
 
+ at noindent
 If the program does terminal interaction, make it output a short
 notice like this when it starts in an interactive mode:
 
 @smallexample
- at var{program} Copyright (C) @var{year} @var{name of author} 
-This program comes with ABSOLUTELY NO WARRANTY; for details type @samp{show w}.
-This is free software, and you are welcome to redistribute it under certain conditions; type @samp{show c} for details.
+ at var{program} Copyright (C) @var{year} @var{name of author}
+This program comes with ABSOLUTELY NO WARRANTY; for details
+type @samp{show w}.  This is free software, and you are
+welcome to redistribute it under certain conditions;
+type @samp{show c} for details.
 @end smallexample
 
 The hypothetical commands @samp{show w} and @samp{show c} should show
@@ -721,5 +730,3 @@ library, you may consider it more useful to permit linking proprietary
 applications with the library.  If this is what you want to do, use
 the GNU Lesser General Public License instead of this License.  But
 first, please read @url{http://www.gnu.org/philosophy/why-not-lgpl.html}.
-
- at end enumerate

commit e7cbce8fb2b7417fd1048f916b3e3281f5b9dd7b
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date:   Fri Dec 19 17:53:36 2014 -0500

    avoid future chance of using uninitialized memory
    
    * util/iobuf.c: (iobuf_open): initialize len
    
    --
    
    Cherry-pick 367b073ab5f439ccf0750461d10c69f36998bd62.
    
    In iobuf_open, IOBUFCTRL_DESC and IOBUFCTRL_INIT commands are invoked
    (via file_filter()) on fcx, passing in a pointer to an uninitialized
    len.
    
    With these two commands, file_filter doesn't actually do anything with
    the value of len, so there's no actual risk of use of uninitialized
    memory in the code as it stands.
    
    However, some static analysis tools might flag this situation with a
    warning, and initializing the value doesn't hurt anything, so i think
    this trivial cleanup is warranted.
    
    Debian-Bug-Id: 773469

diff --git a/util/iobuf.c b/util/iobuf.c
index 35de020..a330460 100644
--- a/util/iobuf.c
+++ b/util/iobuf.c
@@ -1107,7 +1107,7 @@ iobuf_open( const char *fname )
     IOBUF a;
     FILEP_OR_FD fp;
     file_filter_ctx_t *fcx;
-    size_t len;
+    size_t len = 0;
     int print_only = 0;
     int fd;
 

commit e2e822d22526c1545e095bc24173b732137f5737
Author: Werner Koch <wk at gnupg.org>
Date:   Mon Dec 22 12:44:13 2014 +0100

    doc: Fix memory leak in yat2m.
    
    * doc/yat2m.c (write_th): Free NAME.
    --
    
    Reported-by: Joshua Rogers <git at internot.info>

diff --git a/doc/yat2m.c b/doc/yat2m.c
index f780952..86c3c70 100644
--- a/doc/yat2m.c
+++ b/doc/yat2m.c
@@ -656,6 +656,7 @@ write_th (FILE *fp)
   *p++ = 0;
   fprintf (fp, ".TH %s %s %s \"%s\" \"%s\"\n",
            name, p, isodatestring (), opt_release, opt_source);
+  free (name);
   return 0;
 }
 

commit aab282855ada8dddee99c777c91829344e91f31a
Author: Werner Koch <wk at gnupg.org>
Date:   Fri Dec 12 10:41:25 2014 +0100

    gpg: Fix possible read of unallocated memory
    
    * g10/parse-packet.c (can_handle_critical): Check content length
    before calling can_handle_critical_notation.
    --
    
    The problem was found by Jan Bee and gniibe proposed the used fix.
    Thanks.
    
    This bug can't be exploited: Only if the announced length of the
    notation is 21 or 32 a memcmp against fixed strings using that length
    would be done.  The compared data is followed by the actual signature
    and thus it is highly likely that not even read of unallocated memory
    will happen.  Nevertheless such a bug needs to be fixed.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index 01600e4..e4e524c 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -1123,10 +1123,13 @@ can_handle_critical( const byte *buffer, size_t n, int type )
   switch( type )
     {
     case SIGSUBPKT_NOTATION:
-      if(n>=8)
-	return can_handle_critical_notation(buffer+8,(buffer[4]<<8)|buffer[5]);
-      else
-	return 0;
+      if (n >= 8)
+	{
+	  size_t notation_len = ((buffer[4] << 8) | buffer[5]);
+	  if (n - 8 >= notation_len)
+	    return can_handle_critical_notation (buffer + 8, notation_len);
+	}
+      return 0;
     case SIGSUBPKT_SIGNATURE:
     case SIGSUBPKT_SIG_CREATED:
     case SIGSUBPKT_SIG_EXPIRE:

-----------------------------------------------------------------------

Summary of changes:
 doc/gpl.texi       |   25 ++++++++++++++++---------
 doc/yat2m.c        |    1 +
 g10/parse-packet.c |   11 +++++++----
 util/iobuf.c       |    2 +-
 4 files changed, 25 insertions(+), 14 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list