[git] GCRYPT - branch, master, updated. libgcrypt-1.7.1-4-g5a5b055
by Werner Koch
cvs at cvs.gnupg.org
Sat Jun 25 15:40:41 CEST 2016
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".
The branch, master has been updated
via 5a5b055b81ee60a22a846bdf2031516b1c24df98 (commit)
via 3f98b1e92d5afd720d7cea5b4e8295c5018bf9ac (commit)
from 0f3a069211d8d24a61aa0dc2cc6c4ef04cc4fab7 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 5a5b055b81ee60a22a846bdf2031516b1c24df98
Author: Werner Koch <wk at gnupg.org>
Date: Sat Jun 25 15:38:06 2016 +0200
Improve robustness and help lint.
* cipher/rsa.c (rsa_encrypt): Check for !DATA.
* cipher/md.c (search_oid): Check early for !OID.
(md_copy): Use gpg_err_code_from_syserror. Replace chains of if(!err)
tests.
* cipher/cipher.c (search_oid): Check early for !OID.
* src/misc.c (do_printhex): Allow for BUFFER==NULL even with LENGTH>0.
* mpi/mpicoder.c (onecompl): Allow for A==NULL to help static
analyzers.
--
The change for md_copy is to help static analyzers which have no idea
that gpg_err_code_from_syserror will never return 0. A gcc attribute
returns_nonzero would be a nice to have.
Some changes are due to the fact the macros like mpi_is_immutable
gracefully handle a NULL arg but a static analyzer the considers that
the function allows for a NULL arg.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/cipher/cipher.c b/cipher/cipher.c
index bdcbfbd..2b7bf21 100644
--- a/cipher/cipher.c
+++ b/cipher/cipher.c
@@ -175,8 +175,10 @@ search_oid (const char *oid, gcry_cipher_oid_spec_t *oid_spec)
gcry_cipher_spec_t *spec;
int i;
- if (oid && ((! strncmp (oid, "oid.", 4))
- || (! strncmp (oid, "OID.", 4))))
+ if (!oid)
+ return NULL;
+
+ if (!strncmp (oid, "oid.", 4) || !strncmp (oid, "OID.", 4))
oid += 4;
spec = spec_from_oid (oid);
diff --git a/cipher/md.c b/cipher/md.c
index 344c1f2..a39e18a 100644
--- a/cipher/md.c
+++ b/cipher/md.c
@@ -198,8 +198,10 @@ search_oid (const char *oid, gcry_md_oid_spec_t *oid_spec)
gcry_md_spec_t *spec;
int i;
- if (oid && ((! strncmp (oid, "oid.", 4))
- || (! strncmp (oid, "OID.", 4))))
+ if (!oid)
+ return NULL;
+
+ if (!strncmp (oid, "oid.", 4) || !strncmp (oid, "OID.", 4))
oid += 4;
spec = spec_from_oid (oid);
@@ -471,51 +473,48 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t *b_hd)
else
bhd = xtrymalloc (n + sizeof (struct gcry_md_context));
- if (! bhd)
- err = gpg_err_code_from_errno (errno);
-
- if (! err)
+ if (!bhd)
{
- bhd->ctx = b = (void *) ((char *) bhd + n);
- /* No need to copy the buffer due to the write above. */
- gcry_assert (ahd->bufsize == (n - sizeof (struct gcry_md_handle) + 1));
- bhd->bufsize = ahd->bufsize;
- bhd->bufpos = 0;
- gcry_assert (! ahd->bufpos);
- memcpy (b, a, sizeof *a);
- b->list = NULL;
- b->debug = NULL;
+ err = gpg_err_code_from_syserror ();
+ goto leave;
}
+ bhd->ctx = b = (void *) ((char *) bhd + n);
+ /* No need to copy the buffer due to the write above. */
+ gcry_assert (ahd->bufsize == (n - sizeof (struct gcry_md_handle) + 1));
+ bhd->bufsize = ahd->bufsize;
+ bhd->bufpos = 0;
+ gcry_assert (! ahd->bufpos);
+ memcpy (b, a, sizeof *a);
+ b->list = NULL;
+ b->debug = NULL;
+
/* Copy the complete list of algorithms. The copied list is
reversed, but that doesn't matter. */
- if (!err)
+ for (ar = a->list; ar; ar = ar->next)
{
- for (ar = a->list; ar; ar = ar->next)
+ if (a->flags.secure)
+ br = xtrymalloc_secure (ar->actual_struct_size);
+ else
+ br = xtrymalloc (ar->actual_struct_size);
+ if (!br)
{
- if (a->flags.secure)
- br = xtrymalloc_secure (ar->actual_struct_size);
- else
- br = xtrymalloc (ar->actual_struct_size);
- if (!br)
- {
- err = gpg_err_code_from_errno (errno);
- md_close (bhd);
- break;
- }
-
- memcpy (br, ar, ar->actual_struct_size);
- br->next = b->list;
- b->list = br;
+ err = gpg_err_code_from_syserror ();
+ md_close (bhd);
+ goto leave;
}
+
+ memcpy (br, ar, ar->actual_struct_size);
+ br->next = b->list;
+ b->list = br;
}
- if (a->debug && !err)
+ if (a->debug)
md_start_debug (bhd, "unknown");
- if (!err)
- *b_hd = bhd;
+ *b_hd = bhd;
+ leave:
return err;
}
diff --git a/cipher/rsa.c b/cipher/rsa.c
index ce8e215..b6c7374 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -1247,7 +1247,7 @@ rsa_encrypt (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms)
goto leave;
if (DBG_CIPHER)
log_mpidump ("rsa_encrypt data", data);
- if (mpi_is_opaque (data))
+ if (!data || mpi_is_opaque (data))
{
rc = GPG_ERR_INV_DATA;
goto leave;
diff --git a/mpi/mpicoder.c b/mpi/mpicoder.c
index e315576..4c63a14 100644
--- a/mpi/mpicoder.c
+++ b/mpi/mpicoder.c
@@ -403,14 +403,16 @@ onecompl (gcry_mpi_t a)
mpi_ptr_t ap;
mpi_size_t n;
unsigned int i;
- unsigned int nbits = mpi_get_nbits (a);
+ unsigned int nbits;
- if (mpi_is_immutable (a))
+ if (!a || mpi_is_immutable (a))
{
mpi_immutable_failed ();
return;
}
+ nbits = mpi_get_nbits (a);
+
mpi_normalize (a);
ap = a->d;
n = a->nlimbs;
diff --git a/src/misc.c b/src/misc.c
index ac64d70..413d7d8 100644
--- a/src/misc.c
+++ b/src/misc.c
@@ -291,7 +291,7 @@ do_printhex (const char *text, const char *text2,
log_debug ("%*s ", (int)strlen(text), "");
}
}
- if (length)
+ if (length && buffer)
{
const unsigned char *p = buffer;
for (; length--; p++)
commit 3f98b1e92d5afd720d7cea5b4e8295c5018bf9ac
Author: Werner Koch <wk at gnupg.org>
Date: Thu Jun 23 10:29:08 2016 +0200
cipher: Improve fatal error message for bad use of gcry_md_read.
* cipher/md.c (md_read): Use _gcry_fatal_error instead of BUG.
--
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/cipher/md.c b/cipher/md.c
index d0ef00f..344c1f2 100644
--- a/cipher/md.c
+++ b/cipher/md.c
@@ -847,7 +847,7 @@ md_read( gcry_md_hd_t a, int algo )
return r->spec->read (&r->context.c);
}
}
- BUG();
+ _gcry_fatal_error (GPG_ERR_DIGEST_ALGO, "request algo not in md context");
return NULL;
}
-----------------------------------------------------------------------
Summary of changes:
cipher/cipher.c | 6 +++--
cipher/md.c | 69 ++++++++++++++++++++++++++++-----------------------------
cipher/rsa.c | 2 +-
mpi/mpicoder.c | 6 +++--
src/misc.c | 2 +-
5 files changed, 44 insertions(+), 41 deletions(-)
hooks/post-receive
--
The GNU crypto library
http://git.gnupg.org
More information about the Gnupg-commits
mailing list