[git] GnuPG - branch, master, updated. gnupg-2.1.2-33-g4bc3a2e
by Werner Koch
cvs at cvs.gnupg.org
Sun Mar 15 13:36:45 CET 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 4bc3a2e954afc2ba7dbe79ba5f740184b7d4cd73 (commit)
via 3a35c9740ab792068ec4b3732ecfaa17bf4fc7f0 (commit)
via 3529dd8bb5bafc4e02915648d5f409bd27a9cc37 (commit)
via 95415bdec77a608e6052ba3e2a5d857a8e8f7689 (commit)
via c59b410cf1d5676de7061e5a183c01227aa8e760 (commit)
via ef0a3abf7305133d071bf1a94a7f461082f9a9aa (commit)
via 35db798c2df7f31b52a9dd9d55ea60ae1f325be9 (commit)
from efde50f92af241d8357db83e280a6ece62f6397f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 4bc3a2e954afc2ba7dbe79ba5f740184b7d4cd73
Author: Werner Koch <wk at gnupg.org>
Date: Sun Mar 15 13:33:26 2015 +0100
g13: Fix pointer wrap check.
* g13/utils.c (find_tuple, next_tuple): Cast pointer to size_t before
doing an overflow check.
--
Detected by Stack 0.3:
bug: anti-simplify
model: |
%cmp4 = icmp ult i8* %add.ptr3, %s.0, !dbg !568
--> false
stack:
- /home/wk/s/gnupg/g13/utils.c:127:0
ncore: 1
core:
- /home/wk/s/gnupg/g13/utils.c:127:0
- pointer overflow
diff --git a/g13/utils.c b/g13/utils.c
index 6fe3e5a..4ab4799 100644
--- a/g13/utils.c
+++ b/g13/utils.c
@@ -124,14 +124,16 @@ find_tuple (tupledesc_t tupledesc, unsigned int tag, size_t *r_length)
s_end = s + tupledesc->datalen;
while (s < s_end)
{
- if (s+3 >= s_end || s + 3 < s)
+ /* We use addresses for the overflow check to avoid undefined
+ behaviour. size_t should work with all flat memory models. */
+ if ((size_t)s+3 >= (size_t)s_end || (size_t)s + 3 < (size_t)s)
break;
t = s[0] << 8;
t |= s[1];
n = s[2] << 8;
n |= s[3];
s += 4;
- if (s + n > s_end || s + n < s)
+ if ((size_t)s + n > (size_t)s_end || (size_t)s + n < (size_t)s)
break;
if (t == tag)
{
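Review bot: The new checks in find_tuple still rely on an implementation-defined pointer-to-integer conversion, and `size_t` is not guaranteed to hold a pointer value (`uintptr_t` is the type intended for that). Because the loop condition already guarantees `s < s_end`, the remaining length can be compared directly, with no wrap to test for: `if ((size_t)(s_end - s) < 4) break;` for the header and, after `s += 4`, `if (n > (size_t)(s_end - s)) break;` for the payload. The two checks in the next_tuple hunk below sit behind the same `s < s_end` guard and can take the same form. This assumes `n` is an unsigned length; its declaration and the rest of both functions are outside the hunks.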
@@ -159,14 +161,14 @@ next_tuple (tupledesc_t tupledesc, unsigned int *r_tag, size_t *r_length)
s_end = s + tupledesc->datalen;
s += tupledesc->pos;
if (s < s_end
- && !(s+3 >= s_end || s + 3 < s))
+ && !((size_t)s + 3 >= (size_t)s_end || (size_t)s + 3 < (size_t)s))
{
t = s[0] << 8;
t |= s[1];
n = s[2] << 8;
n |= s[3];
s += 4;
- if (!(s + n > s_end || s + n < s))
+ if (!((size_t)s + n > (size_t)s_end || (size_t)s + n < (size_t)s))
{
tupledesc->pos = (s + n) - tupledesc->data;
*r_tag = t;
commit 3a35c9740ab792068ec4b3732ecfaa17bf4fc7f0
Author: Werner Koch <wk at gnupg.org>
Date: Sun Mar 15 13:11:44 2015 +0100
agent: Remove useless conditions in command.c.
* agent/command.c (cmd_setkeydesc): Remove NULL check.
(cmd_get_passphrase): Ditto.
(cmd_clear_passphrase): Ditto.
(cmd_get_confirmation): Ditto.
(cmd_getval): Ditto.
(cmd_putval): Ditto.
--
Detected by Stack 0.3.
diff --git a/agent/command.c b/agent/command.c
index ca28e9b..96fbf19 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -718,7 +718,7 @@ cmd_setkeydesc (assuan_context_t ctx, char *line)
if (p)
*p = 0; /* We ignore any garbage; we might late use it for other args. */
- if (!desc || !*desc)
+ if (!*desc)
return set_error (GPG_ERR_ASS_PARAMETER, "no description given");
/* Note, that we only need to replace the + characters and should
@@ -1481,7 +1481,7 @@ cmd_get_passphrase (assuan_context_t ctx, char *line)
}
}
}
- if (!cacheid || !*cacheid || strlen (cacheid) > 50)
+ if (!*cacheid || strlen (cacheid) > 50)
return set_error (GPG_ERR_ASS_PARAMETER, "invalid length of cacheID");
if (!desc)
return set_error (GPG_ERR_ASS_PARAMETER, "no description given");
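Review bot: The cacheID limit is written as the bare literal `50` on the changed line here and again in the cmd_clear_passphrase hunk, so the two checks can drift apart if one is edited. A single named constant used in both places, with a comment saying what the bound protects, would keep them in step, e.g. `if (!*cacheid || strlen (cacheid) > MAX_CACHEID_LEN)`, where `MAX_CACHEID_LEN` is a name proposed here and not one taken from the file. Both functions start and end outside their hunks.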
@@ -1596,7 +1596,7 @@ cmd_clear_passphrase (assuan_context_t ctx, char *line)
p = strchr (cacheid, ' ');
if (p)
*p = 0; /* ignore garbage */
- if (!cacheid || !*cacheid || strlen (cacheid) > 50)
+ if (!*cacheid || strlen (cacheid) > 50)
return set_error (GPG_ERR_ASS_PARAMETER, "invalid length of cacheID");
agent_put_cache (cacheid, opt_normal ? CACHE_MODE_NORMAL : CACHE_MODE_USER,
@@ -1635,7 +1635,7 @@ cmd_get_confirmation (assuan_context_t ctx, char *line)
if (p)
*p = 0; /* We ignore any garbage -may be later used for other args. */
- if (!desc || !*desc)
+ if (!*desc)
return set_error (GPG_ERR_ASS_PARAMETER, "no description given");
if (!strcmp (desc, "X"))
@@ -2568,7 +2568,7 @@ cmd_getval (assuan_context_t ctx, char *line)
if (*p)
return set_error (GPG_ERR_ASS_PARAMETER, "too many arguments");
}
- if (!key || !*key)
+ if (!*key)
return set_error (GPG_ERR_ASS_PARAMETER, "no key given");
@@ -2635,7 +2635,7 @@ cmd_putval (assuan_context_t ctx, char *line)
valuelen = percent_plus_unescape_inplace (value, 0);
}
}
- if (!key || !*key)
+ if (!*key)
return set_error (GPG_ERR_ASS_PARAMETER, "no key given");
commit 3529dd8bb5bafc4e02915648d5f409bd27a9cc37
Author: Werner Koch <wk at gnupg.org>
Date: Sun Mar 15 13:04:48 2015 +0100
agent: Fix length test in sshcontrol parser.
* agent/command-ssh.c (ssh_search_control_file): Check S before
upcasing it.
--
In contradiction to the comment we did not check the length of HEXGRIP
and thus the GPG_ERR_INV_LENGTH was never triggered.
Detected by Stack 0.3:
bug: anti-simplify
model: |
%cmp8 = icmp ne i32 %i.0, 40, !dbg !986
--> false
stack:
- /home/wk/s/gnupg/agent/command-ssh.c:1226:0
ncore: 2
core:
- /home/wk/s/gnupg/agent/command-ssh.c:1225:0
- buffer overflow
- /home/wk/s/gnupg/agent/command-ssh.c:1225:0
- buffer overflow
diff --git a/agent/command-ssh.c b/agent/command-ssh.c
index 2b51207..fffdb00 100644
--- a/agent/command-ssh.c
+++ b/agent/command-ssh.c
@@ -1220,7 +1220,7 @@ ssh_search_control_file (ssh_control_file_t cf,
/* We need to make sure that HEXGRIP is all uppercase. The easiest
way to do this and also check its length is by copying to a
second buffer. */
- for (i=0, s=hexgrip; i < 40; s++, i++)
+ for (i=0, s=hexgrip; i < 40 && *s; s++, i++)
uphexgrip[i] = *s >= 'a'? (*s & 0xdf): *s;
uphexgrip[i] = 0;
if (i != 40)
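Review bot: A HEXGRIP longer than 40 characters still passes the length test after the loop, because the loop stops at `i == 40` without looking at what follows, and only the first 40 characters are then used. Testing the terminator as well closes that gap: `if (i != 40 || *s)`. The body of that `if` and the rest of ssh_search_control_file are outside the hunk, so this assumes the branch is where GPG_ERR_INV_LENGTH is set, as the commit message indicates.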
commit 95415bdec77a608e6052ba3e2a5d857a8e8f7689
Author: Werner Koch <wk at gnupg.org>
Date: Sun Mar 15 12:57:13 2015 +0100
agent: Remove useless conditions.
* agent/genkey.c (agent_ask_new_passphrase): Remove useless condition.
* agent/command-ssh.c (ssh_identity_register): Ditto.
--
Detected by Stack 0.3:
bug: anti-simplify
model: |
%tobool22 = icmp ne i8* %arraydecay21, null, !dbg !717
--> true
stack:
- /home/wk/s/gnupg/agent/genkey.c:385:0
ncore: 1
core:
- /home/wk/s/gnupg/agent/genkey.c:362:0
- pointer overflow
bug: anti-simplify
model: |
%tobool35 = icmp ne i8* %arraydecay34, null, !dbg !1053
--> true
stack:
- /home/wk/s/gnupg/agent/command-ssh.c:3120:0
ncore: 1
core:
- /home/wk/s/gnupg/agent/command-ssh.c:3103:0
- pointer overflow
diff --git a/agent/command-ssh.c b/agent/command-ssh.c
index 51d2c54..2b51207 100644
--- a/agent/command-ssh.c
+++ b/agent/command-ssh.c
@@ -3117,7 +3117,7 @@ ssh_identity_register (ctrl_t ctrl, ssh_key_type_spec_t *spec,
/* Unless the passphrase is empty or the pinentry told us that
it already did the repetition check, ask to confirm it. */
- if (pi->pin && *pi->pin && !pi->repeat_okay)
+ if (*pi->pin && !pi->repeat_okay)
{
err = agent_askpin (ctrl, description2, NULL, NULL, pi2);
if (err == -1)
diff --git a/agent/genkey.c b/agent/genkey.c
index d7b6007..ecf676e 100644
--- a/agent/genkey.c
+++ b/agent/genkey.c
@@ -382,7 +382,7 @@ agent_ask_new_passphrase (ctrl_t ctrl, const char *prompt,
}
/* Unless the passphrase is empty or the pinentry told us that
it already did the repetition check, ask to confirm it. */
- if (pi->pin && *pi->pin && !pi->repeat_okay)
+ if (*pi->pin && !pi->repeat_okay)
{
err = agent_askpin (ctrl, text2, NULL, NULL, pi2);
if (err == -1)
commit c59b410cf1d5676de7061e5a183c01227aa8e760
Author: Werner Koch <wk at gnupg.org>
Date: Sun Mar 15 12:30:06 2015 +0100
gpg: Remove useless condition.
* g10/keylist.c (list_keyblock_colon): Remove useless condition (PK).
(list_keyblock_print): Likewise.
--
PK is already derefed above and thus testing for PK is dead code.
Detected by Stack 0.3:
bug: anti-simplify
model: |
%tobool200 = icmp ne %struct.PKT_public_key* %3, null, !dbg !1498
--> true
stack:
- /home/wk/s/gnupg/g10/keylist.c:1367:0
ncore: 1
core:
- /home/wk/s/gnupg/g10/keylist.c:1319:0
- null pointer dereference
bug: anti-simplify
model: |
%tobool102 = icmp ne %struct.PKT_public_key* %4, null, !dbg !1462
--> true
stack:
- /home/wk/s/gnupg/g10/keylist.c:978:0
ncore: 1
core:
- /home/wk/s/gnupg/g10/keylist.c:955:0
- null pointer dereference
bug: anti-simplify
model: |
%tobool128 = icmp ne %struct.PKT_public_key* %4, null, !dbg !1469
--> true
stack:
- /home/wk/s/gnupg/g10/keylist.c:990:0
ncore: 1
core:
- /home/wk/s/gnupg/g10/keylist.c:955:0
- null pointer dereference
diff --git a/g10/keylist.c b/g10/keylist.c
index 03b9bbb..925109a 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -975,7 +975,7 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr, void *opaque)
{
PKT_user_id *uid = node->pkt->pkt.user_id;
- if (pk && (uid->is_expired || uid->is_revoked)
+ if ((uid->is_expired || uid->is_revoked)
&& !(opt.list_options & LIST_SHOW_UNUSABLE_UIDS))
{
skip_sigs = 1;
@@ -988,7 +988,7 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr, void *opaque)
dump_attribs (uid, pk);
if ((uid->is_revoked || uid->is_expired)
- || ((opt.list_options & LIST_SHOW_UID_VALIDITY) && pk))
+ || (opt.list_options & LIST_SHOW_UID_VALIDITY))
{
const char *validity;
int indent;
@@ -1364,7 +1364,7 @@ list_keyblock_colon (KBNODE keyblock, int secret, int has_secret, int fpr)
{
int uid_validity;
- if (pk && !ulti_hack)
+ if (!ulti_hack)
uid_validity = get_validity_info (pk, uid);
else
uid_validity = 'u';
commit ef0a3abf7305133d071bf1a94a7f461082f9a9aa
Author: Werner Koch <wk at gnupg.org>
Date: Sun Mar 15 12:15:55 2015 +0100
scd: Fix possible NULL deref in apdu.c
* scd/apdu.c (control_pcsc_direct): Take care of BUFLEN being NULL.
(control_pcsc_wrapped): Ditto.
--
pcsc_vendor_specific_init calls the above with BUFFER and BUFLEN as
NULL.
Reported by Stack 0.3:
bug: anti-dce
model: |
control_pcsc.exit77:
%retval.0.i.i76 = phi i32 [ %rc.0.i.i.i73, \
%pcsc_error_to_sw.exit.i.i74 ], [ 0, %if.end.i.i75 ]
%tobool198 = icmp ne i32 %retval.0.i.i76, 0, !dbg !728
br i1 %tobool198, label %if.then199, label %if.end200, !dbg !728
stack:
- /home/wk/s/gnupg/scd/apdu.c:1882:0
ncore: 1
core:
- /home/wk/s/gnupg/scd/apdu.c:1309:0
- buffer overflow
diff --git a/scd/apdu.c b/scd/apdu.c
index 5e7d27b..53cc4b9 100644
--- a/scd/apdu.c
+++ b/scd/apdu.c
@@ -1307,7 +1307,7 @@ control_pcsc_direct (int slot, pcsc_dword_t ioctl_code,
long err;
err = pcsc_control (reader_table[slot].pcsc.card, ioctl_code,
- cntlbuf, len, buffer, *buflen, buflen);
+ cntlbuf, len, buffer, buflen? *buflen:0, buflen);
if (err)
{
log_error ("pcsc_control failed: %s (0x%lx)\n",
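Review bot: In control_pcsc_direct the last argument to pcsc_control is still `buflen` itself, so when it is NULL the PC/SC layer receives a NULL pointer for the returned-length output. Whether every PC/SC implementation accepts NULL there cannot be seen from this hunk; passing a local avoids depending on it: declare `pcsc_dword_t dummy = 0;` and pass `buflen? buflen : &dummy` as the final argument. The function continues outside the hunk.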
@@ -1375,14 +1375,18 @@ control_pcsc_wrapped (int slot, pcsc_dword_t ioctl_code,
full_len = len;
- n = *buflen < len ? *buflen : len;
+ if (buflen)
+ n = *buflen < len ? *buflen : len;
+ else
+ n = 0;
if ((i=readn (slotp->pcsc.rsp_fd, buffer, n, &len)) || len != n)
{
log_error ("error receiving PC/SC CONTROL response: %s\n",
i? strerror (errno) : "premature EOF");
goto command_failed;
}
- *buflen = n;
+ if (buflen)
+ *buflen = n;
full_len -= len;
if (full_len)
commit 35db798c2df7f31b52a9dd9d55ea60ae1f325be9
Author: Werner Koch <wk at gnupg.org>
Date: Sun Mar 15 12:07:21 2015 +0100
common: Make openpgp_oid_to_str more robust.
* common/openpgp-oid.c (openpgp_oid_to_str): Take care of
gcry_mpi_get_opaque returning NULL. Remove useless condition !BUF.
--
It is possible that an opaque MPI stores just a NULL pointer. Take
care of that before incrementing the pointer. We return an error in
this case because at least a length byte is required.
Found due to hint from stack 0.3:
bug: anti-simplify
model: |
%tobool15 = icmp ne i8* %incdec.ptr, null, !dbg !567
--> true
stack:
- /home/wk/s/gnupg/common/openpgp-oid.c:220:0
ncore: 1
core:
- /home/wk/s/gnupg/common/openpgp-oid.c:212:0
- pointer overflow
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/common/openpgp-oid.c b/common/openpgp-oid.c
index ccb67bb..7a75801 100644
--- a/common/openpgp-oid.c
+++ b/common/openpgp-oid.c
@@ -192,7 +192,9 @@ openpgp_oid_to_str (gcry_mpi_t a)
valmask = (unsigned long)0xfe << (8 * (sizeof (valmask) - 1));
- if (!a || !gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE))
+ if (!a
+ || !gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE)
+ || !(buf = gcry_mpi_get_opaque (a, &lengthi)))
{
gpg_err_set_errno (EINVAL);
return NULL;
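Review bot: The reason a NULL opaque buffer is rejected is given only in the commit message; the condition itself has no comment, and the assignment to `buf` inside it is easy to miss. A comment above the `if` would carry that over, e.g. `/* An opaque MPI may store a NULL pointer; reject it because at least the length byte is required. */`. If a separate `buf = gcry_mpi_get_opaque (a, &lengthi);` call remains between the two hunks (not visible here), it is now redundant and could be dropped.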
@@ -217,7 +219,7 @@ openpgp_oid_to_str (gcry_mpi_t a)
string = p = xtrymalloc (length*(1+3)+2+1);
if (!string)
return NULL;
- if (!buf || !length)
+ if (!length)
{
*p = 0;
return string;
-----------------------------------------------------------------------
Summary of changes:
agent/command-ssh.c | 4 ++--
agent/command.c | 12 ++++++------
agent/genkey.c | 2 +-
common/openpgp-oid.c | 6 ++++--
g10/keylist.c | 6 +++---
g13/utils.c | 10 ++++++----
scd/apdu.c | 10 +++++++---
7 files changed, 29 insertions(+), 21 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org