[git] GnuPG - branch, master, updated. gnupg-2.1.2-68-gbec10ae
by Werner Koch
cvs at cvs.gnupg.org
Thu Mar 26 00:56:42 CET 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via bec10ae4b5a870303c800cdf3cd906044613fc2d (commit)
via 6c701af121782c2feb4ee51e559a7420df00471f (commit)
via 99ef9cd7f589b51921bfbe8d52735c104ef260e3 (commit)
from 674e9a02aba85be769d780509313ef1080526027 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit bec10ae4b5a870303c800cdf3cd906044613fc2d
Author: Werner Koch <wk at gnupg.org>
Date: Wed Mar 25 19:39:27 2015 +0100
dirmngr: Fix resource leaks and check rare errors.
* dirmngr/ks-engine-ldap.c (keyspec_to_ldap_filter): Fix resource
leak.
(ks_ldap_search): Check error from es_fopenmem. Use LDAP_ERR where
required.
(modlist_dump): Check error from es_fopenmem.
(uncescape): s/int/size_t/. Use existing macros.
(extract_attributes): Use existing trim function.
(ks_ldap_put): Do not segv on error from modlist_dump.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/dirmngr/ks-engine-ldap.c b/dirmngr/ks-engine-ldap.c
index a17a312..bf56d35 100644
--- a/dirmngr/ks-engine-ldap.c
+++ b/dirmngr/ks-engine-ldap.c
@@ -329,6 +329,7 @@ keyspec_to_ldap_filter (const char *keyspec, char **filter, int only_exact)
/* XXX: Should we include disabled / revoke options? */
KEYDB_SEARCH_DESC desc;
char *f = NULL;
+ char *freeme = NULL;
gpg_error_t err = classify_user_id (keyspec, &desc, 1);
if (err)
@@ -338,31 +339,31 @@ keyspec_to_ldap_filter (const char *keyspec, char **filter, int only_exact)
{
case KEYDB_SEARCH_MODE_EXACT:
f = xasprintf ("(pgpUserID=%s)",
- ldap_escape_filter (desc.u.name));
+ (freeme = ldap_escape_filter (desc.u.name)));
break;
case KEYDB_SEARCH_MODE_SUBSTR:
if (! only_exact)
f = xasprintf ("(pgpUserID=*%s*)",
- ldap_escape_filter (desc.u.name));
+ (freeme = ldap_escape_filter (desc.u.name)));
break;
case KEYDB_SEARCH_MODE_MAIL:
if (! only_exact)
f = xasprintf ("(pgpUserID=*<%s>*)",
- ldap_escape_filter (desc.u.name));
+ (freeme = ldap_escape_filter (desc.u.name)));
break;
case KEYDB_SEARCH_MODE_MAILSUB:
if (! only_exact)
f = xasprintf ("(pgpUserID=*<*%s*>*)",
- ldap_escape_filter (desc.u.name));
+ (freeme = ldap_escape_filter (desc.u.name)));
break;
case KEYDB_SEARCH_MODE_MAILEND:
if (! only_exact)
f = xasprintf ("(pgpUserID=*<*%s>*)",
- ldap_escape_filter (desc.u.name));
+ (freeme = ldap_escape_filter (desc.u.name)));
break;
case KEYDB_SEARCH_MODE_SHORT_KID:
@@ -388,6 +389,8 @@ keyspec_to_ldap_filter (const char *keyspec, char **filter, int only_exact)
break;
}
+ xfree (freeme);
+
if (! f)
{
log_error ("Unsupported search mode.\n");
@@ -398,6 +401,8 @@ keyspec_to_ldap_filter (const char *keyspec, char **filter, int only_exact)
return 0;
}
+
+
/* Connect to an LDAP server and interrogate it.
@@ -1028,6 +1033,11 @@ ks_ldap_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
/* Even if we have no results, we want to return a stream. */
fp = es_fopenmem(0, "rw");
+ if (!fp)
+ {
+ err = gpg_error_from_syserror ();
+ goto out;
+ }
{
char **vals;
@@ -1052,7 +1062,7 @@ ks_ldap_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
xfree (filter);
filter = NULL;
- if (err != LDAP_SUCCESS && err != LDAP_SIZELIMIT_EXCEEDED)
+ if (ldap_err != LDAP_SUCCESS && ldap_err != LDAP_SIZELIMIT_EXCEEDED)
{
err = ldap_err_to_gpg_err (ldap_err);
@@ -1076,7 +1086,7 @@ ks_ldap_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
}
}
- if (err == LDAP_SIZELIMIT_EXCEEDED)
+ if (ldap_err == LDAP_SIZELIMIT_EXCEEDED)
{
if (count == 1)
log_error ("gpgkeys: search results exceeded server limit."
@@ -1261,6 +1271,8 @@ ks_ldap_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
return err;
}
+
+
/* A modlist describes a set of changes to an LDAP entry. (An entry
consists of 1 or more attributes. Attributes are <name, value>
@@ -1399,9 +1411,12 @@ modlist_dump (LDAPMod **modlist, estream_t output)
LDAPMod **m;
int opened = 0;
+
if (! output)
{
output = es_fopenmem (0, "rw");
+ if (!output)
+ return NULL;
opened = 1;
}
@@ -1538,8 +1553,8 @@ modlists_join (LDAPMod ***one, LDAPMod **two)
static void
uncescape (char *str)
{
- int r = 0;
- int w = 0;
+ size_t r = 0;
+ size_t w = 0;
char *first = strchr (str, '\\');
if (! first)
@@ -1551,14 +1566,13 @@ uncescape (char *str)
while (str[r])
{
- /* XXX: What to do about bad escapes? */
+ /* XXX: What to do about bad escapes?
+ XXX: hextobyte already checks the string thus the hexdigitp
+ could be removed. */
if (str[r] == '\\' && str[r + 1] == 'x'
- && (('0' <= str[r + 2] && str[r + 2] <= '9')
- || ('a' <= str[r + 2] && str[r + 2] <= 'f')
- || ('A' <= str[r + 2] && str[r + 2] <= 'F'))
- && (('0' <= str[r + 3] && str[r + 3] <= '9')
- || ('a' <= str[r + 3] && str[r + 3] <= 'f')
- || ('A' <= str[r + 3] && str[r + 3] <= 'F')))
+ && str[r+2] && str[r+3]
+ && hexdigitp (str + r + 2)
+ && hexdigitp (str + r + 3))
{
int x = hextobyte (&str[r + 2]);
assert (0 <= x && x <= 0xff);
@@ -1582,8 +1596,6 @@ uncescape (char *str)
static void
extract_attributes (LDAPMod ***modlist, char *line)
{
- int i;
-
int field_count;
char **fields;
@@ -1592,8 +1604,7 @@ extract_attributes (LDAPMod ***modlist, char *line)
int is_pub, is_sub, is_uid, is_sig;
/* Remove trailing whitespace */
- for (i = strlen (line) - 1; i >= 0 && ascii_isspace (line[i]); i--)
- line[i] = '\0';
+ trim_trailing_spaces (line);
fields = strsplit (line, ':', '\0', &field_count);
if (field_count == 1)
@@ -1671,7 +1682,7 @@ extract_attributes (LDAPMod ***modlist, char *line)
char padded[6];
if (val < 99999 && val > 0)
{
- sprintf (padded, "%05u", val);
+ snprintf (padded, sizeof padded, "%05u", val);
size = padded;
}
}
@@ -1992,8 +2003,11 @@ ks_ldap_put (ctrl_t ctrl, parsed_uri_t uri,
if (dump)
{
estream_t input = modlist_dump (modlist, NULL);
- copy_stream (input, dump);
- es_fclose (input);
+ if (input)
+ {
+ copy_stream (input, dump);
+ es_fclose (input);
+ }
}
/* Going on the assumption that modify operations are more frequent
commit 6c701af121782c2feb4ee51e559a7420df00471f
Author: Werner Koch <wk at gnupg.org>
Date: Wed Mar 25 19:33:59 2015 +0100
dirmngr: Minor cleanups.
* dirmngr/ks-engine-ldap.c [__riscos__]: Remove doubled util.h.
(ldap_to_gpg_err): s/GPG_ERR_GENERAL/GPG_ERR_INTERNAL/.
(tm2ldaptime): Use snprintf.
(ldap_connect): Get error code prior to log_error and and use modern
function. Use xfree, xtrustrdup etc.
(modlist_lookup): Use GNUPG_GCC_A_USED.
(modlist_free): Use xfree.
--
sprintf has been replaced by snprintf to avoid warnings on some
platforms.
xfree et al. is required so that replacement functions are
used if defined. For example the Libgcrypt functions which may not be
fully compatible with standard free.
Impossible conditions should use GPG_ERR_INTERNAL.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/dirmngr/ks-engine-ldap.c b/dirmngr/ks-engine-ldap.c
index 68a1bb7..a17a312 100644
--- a/dirmngr/ks-engine-ldap.c
+++ b/dirmngr/ks-engine-ldap.c
@@ -49,10 +49,6 @@
#include "ks-engine.h"
#include "ldap-parse-uri.h"
-#ifdef __riscos__
-# include "util.h"
-#endif
-
#ifndef HAVE_TIMEGM
time_t timegm(struct tm *tm);
#endif
@@ -220,7 +216,7 @@ ldap_to_gpg_err (LDAP *ld)
#else
/* We should never get here since the LDAP library should always
have either ldap_get_option or ld_errno, but just in case... */
- return GPG_ERR_GENERAL;
+ return GPG_ERR_INTERNAL;
#endif
}
@@ -265,7 +261,7 @@ tm2ldaptime (struct tm *tm)
tmp.tm_year += 1900;
tmp.tm_mon ++;
- sprintf (buf, "%04d%02d%02d%02d%02d%02dZ",
+ snprintf (buf, sizeof buf, "%04d%02d%02d%02d%02d%02dZ",
tmp.tm_year,
tmp.tm_mon,
tmp.tm_mday,
@@ -435,7 +431,7 @@ keyspec_to_ldap_filter (const char *keyspec, char **filter, int only_exact)
If no LDAP error occured, you still need to check that *basednp is
valid. If it is NULL, then the server does not appear to be an
- OpenPGP Keyserver. In this case, you also do not need to free
+ OpenPGP Keyserver. In this case, you also do not need to xfree
*pgpkeyattrp. */
static int
ldap_connect (parsed_uri_t uri, LDAP **ldap_connp,
@@ -476,9 +472,9 @@ ldap_connect (parsed_uri_t uri, LDAP **ldap_connp,
ldap_conn = ldap_init (uri->host, uri->port);
if (! ldap_conn)
{
+ err = gpg_err_code_from_syserror ();
log_error ("Failed to open connection to LDAP server (%s://%s:%d)\n",
uri->scheme, uri->host, uri->port);
- err = gpg_err_code_from_errno (errno);
goto out;
}
@@ -516,7 +512,7 @@ ldap_connect (parsed_uri_t uri, LDAP **ldap_connp,
/* XXX: We need an option to determine whether to abort if the
certificate is bad or not. Right now we conservatively
default to checking the certificate and aborting. */
- int check_cert = LDAP_OPT_X_TLS_HARD; // LDAP_OPT_X_TLS_NEVER
+ int check_cert = LDAP_OPT_X_TLS_HARD; /* LDAP_OPT_X_TLS_NEVER */
err = ldap_set_option (ldap_conn,
LDAP_OPT_X_TLS_REQUIRE_CERT, &check_cert);
@@ -587,10 +583,13 @@ ldap_connect (parsed_uri_t uri, LDAP **ldap_connp,
char **vals;
LDAPMessage *si_res;
- char *object = xasprintf ("cn=pgpServerInfo,%s", context[i]);
- err = ldap_search_s (ldap_conn, object, LDAP_SCOPE_BASE,
- "(objectClass=*)", attr2, 0, &si_res);
- free (object);
+ {
+ char *object = xasprintf ("cn=pgpServerInfo,%s",
+ context[i]);
+ err = ldap_search_s (ldap_conn, object, LDAP_SCOPE_BASE,
+ "(objectClass=*)", attr2, 0, &si_res);
+ xfree (object);
+ }
if (err == LDAP_SUCCESS)
{
@@ -598,7 +597,7 @@ ldap_connect (parsed_uri_t uri, LDAP **ldap_connp,
"pgpBaseKeySpaceDN");
if (vals)
{
- basedn = strdup (vals[0]);
+ basedn = xtrystrdup (vals[0]);
ldap_value_free (vals);
}
@@ -649,7 +648,7 @@ ldap_connect (parsed_uri_t uri, LDAP **ldap_connp,
vals = ldap_get_values (ldap_conn, si_res, "baseKeySpaceDN");
if (vals)
{
- basedn = strdup (vals[0]);
+ basedn = xtrystrdup (vals[0]);
ldap_value_free (vals);
}
@@ -1361,8 +1360,6 @@ modlist_add (LDAPMod ***modlistp, char *attr, const char *value)
{
modlist[nummods]->mod_values = xmalloc (sizeof(char *) * 2);
- /* XXX: Is this the right thing? Can a UTF8-encoded user ID
- have embedded nulls? */
modlist[nummods]->mod_values[0] = xstrdup (value);
modlist[nummods]->mod_values[1] = NULL;
}
@@ -1394,7 +1391,7 @@ modlist_lookup (LDAPMod **modlist, const char *attr)
/* Dump a modlist to a file. This is useful for debugging. */
static estream_t modlist_dump (LDAPMod **modlist, estream_t output)
- __attribute__ ((used));
+ GNUPG_GCC_A_USED;
static estream_t
modlist_dump (LDAPMod **modlist, estream_t output)
@@ -1488,14 +1485,14 @@ modlist_free (LDAPMod **modlist)
if (mod->mod_values)
{
for (ptr = mod->mod_values; *ptr; ptr++)
- free (*ptr);
+ xfree (*ptr);
- free (mod->mod_values);
+ xfree (mod->mod_values);
}
- free (mod);
+ xfree (mod);
}
- free (modlist);
+ xfree (modlist);
}
/* Append two onto the end of one. Two is not freed, but its pointers
@@ -1633,7 +1630,8 @@ extract_attributes (LDAPMod ***modlist, char *line)
if (is_pub)
{
- int disabled = 0, revoked = 0;
+ int disabled = 0;
+ int revoked = 0;
char *flags;
for (flags = fields[1]; *flags; flags ++)
switch (*flags)
diff --git a/dirmngr/ldap-parse-uri.c b/dirmngr/ldap-parse-uri.c
index 2a341ad..9a6d619 100644
--- a/dirmngr/ldap-parse-uri.c
+++ b/dirmngr/ldap-parse-uri.c
@@ -127,7 +127,7 @@ ldap_parse_uri (parsed_uri_t *purip, const char *uri)
len = 0;
-#define add(s) { if (s) len += strlen (s) + 1; }
+#define add(s) do { if (s) len += strlen (s) + 1; } while (0)
add (scheme);
add (host);
@@ -166,6 +166,11 @@ ldap_parse_uri (parsed_uri_t *purip, const char *uri)
if (password)
{
puri->query = calloc (sizeof (*puri->query), 1);
+ if (!puri->query)
+ {
+ err = gpg_err_code_from_syserror ();
+ goto out;
+ }
puri->query->name = "password";
copy (puri->query->value, password);
puri->query->valuelen = strlen (password) + 1;
@@ -221,7 +226,8 @@ ldap_escape_filter (const char *filter)
case ')':
case '\\':
case '/':
- sprintf (&escaped[escaped_i], "%%%02x", filter[filter_i]);
+ snprintf (&escaped[escaped_i], 4, "%%%02x",
+ ((const unsigned char *)filter)[filter_i]);
escaped_i += 3;
break;
commit 99ef9cd7f589b51921bfbe8d52735c104ef260e3
Author: Werner Koch <wk at gnupg.org>
Date: Wed Mar 25 19:19:38 2015 +0100
common: Add macro GNUPG_GCC_A_USED.
* common/util.h (GNUPG_GCC_A_USED): New.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/common/util.h b/common/util.h
index 4761a28..d22820d 100644
--- a/common/util.h
+++ b/common/util.h
@@ -159,6 +159,12 @@
# define GNUPG_GCC_A_SENTINEL(a)
#endif
+#if __GNUC__ >= 4
+# define GNUPG_GCC_A_USED __attribute__ ((used))
+#else
+# define GNUPG_GCC_A_USED
+#endif
+
/* We need this type even if we are not using libreadline and or we
did not include libreadline in the current file. */
-----------------------------------------------------------------------
Summary of changes:
common/util.h | 6 +++
dirmngr/ks-engine-ldap.c | 104 ++++++++++++++++++++++++++---------------------
dirmngr/ldap-parse-uri.c | 10 ++++-
3 files changed, 72 insertions(+), 48 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list