[git] GCRYPT - branch, master, updated. libgcrypt-1.7.1-4-g5a5b055

by Werner Koch cvs at cvs.gnupg.org
Sat Jun 25 15:40:41 CEST 2016


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".

The branch, master has been updated
       via  5a5b055b81ee60a22a846bdf2031516b1c24df98 (commit)
       via  3f98b1e92d5afd720d7cea5b4e8295c5018bf9ac (commit)
      from  0f3a069211d8d24a61aa0dc2cc6c4ef04cc4fab7 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 5a5b055b81ee60a22a846bdf2031516b1c24df98
Author: Werner Koch <wk at gnupg.org>
Date:   Sat Jun 25 15:38:06 2016 +0200

    Improve robustness and help lint.
    
    * cipher/rsa.c (rsa_encrypt): Check for !DATA.
    * cipher/md.c (search_oid): Check early for !OID.
    (md_copy): Use gpg_err_code_from_syserror.  Replace chains of if(!err)
    tests.
    * cipher/cipher.c (search_oid): Check early for !OID.
    * src/misc.c (do_printhex): Allow for BUFFER==NULL even with LENGTH>0.
    * mpi/mpicoder.c (onecompl): Allow for A==NULL to help static
    analyzers.
    --
    
    The change for md_copy is to help static analyzers which have no idea
    that gpg_err_code_from_syserror will never return 0.  A gcc attribute
    returns_nonzero would be a nice to have.
    
    Some changes are due to the fact the macros like mpi_is_immutable
    gracefully handle a NULL arg but a static analyzer the considers that
    the function allows for a NULL arg.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/cipher/cipher.c b/cipher/cipher.c
index bdcbfbd..2b7bf21 100644
--- a/cipher/cipher.c
+++ b/cipher/cipher.c
@@ -175,8 +175,10 @@ search_oid (const char *oid, gcry_cipher_oid_spec_t *oid_spec)
   gcry_cipher_spec_t *spec;
   int i;
 
-  if (oid && ((! strncmp (oid, "oid.", 4))
-	      || (! strncmp (oid, "OID.", 4))))
+  if (!oid)
+    return NULL;
+
+  if (!strncmp (oid, "oid.", 4) || !strncmp (oid, "OID.", 4))
     oid += 4;
 
   spec = spec_from_oid (oid);
diff --git a/cipher/md.c b/cipher/md.c
index 344c1f2..a39e18a 100644
--- a/cipher/md.c
+++ b/cipher/md.c
@@ -198,8 +198,10 @@ search_oid (const char *oid, gcry_md_oid_spec_t *oid_spec)
   gcry_md_spec_t *spec;
   int i;
 
-  if (oid && ((! strncmp (oid, "oid.", 4))
-	      || (! strncmp (oid, "OID.", 4))))
+  if (!oid)
+    return NULL;
+
+  if (!strncmp (oid, "oid.", 4) || !strncmp (oid, "OID.", 4))
     oid += 4;
 
   spec = spec_from_oid (oid);
@@ -471,51 +473,48 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t *b_hd)
   else
     bhd = xtrymalloc (n + sizeof (struct gcry_md_context));
 
-  if (! bhd)
-    err = gpg_err_code_from_errno (errno);
-
-  if (! err)
+  if (!bhd)
     {
-      bhd->ctx = b = (void *) ((char *) bhd + n);
-      /* No need to copy the buffer due to the write above. */
-      gcry_assert (ahd->bufsize == (n - sizeof (struct gcry_md_handle) + 1));
-      bhd->bufsize = ahd->bufsize;
-      bhd->bufpos = 0;
-      gcry_assert (! ahd->bufpos);
-      memcpy (b, a, sizeof *a);
-      b->list = NULL;
-      b->debug = NULL;
+      err = gpg_err_code_from_syserror ();
+      goto leave;
     }
 
+  bhd->ctx = b = (void *) ((char *) bhd + n);
+  /* No need to copy the buffer due to the write above. */
+  gcry_assert (ahd->bufsize == (n - sizeof (struct gcry_md_handle) + 1));
+  bhd->bufsize = ahd->bufsize;
+  bhd->bufpos = 0;
+  gcry_assert (! ahd->bufpos);
+  memcpy (b, a, sizeof *a);
+  b->list = NULL;
+  b->debug = NULL;
+
   /* Copy the complete list of algorithms.  The copied list is
      reversed, but that doesn't matter. */
-  if (!err)
+  for (ar = a->list; ar; ar = ar->next)
     {
-      for (ar = a->list; ar; ar = ar->next)
+      if (a->flags.secure)
+        br = xtrymalloc_secure (ar->actual_struct_size);
+      else
+        br = xtrymalloc (ar->actual_struct_size);
+      if (!br)
         {
-          if (a->flags.secure)
-            br = xtrymalloc_secure (ar->actual_struct_size);
-          else
-            br = xtrymalloc (ar->actual_struct_size);
-          if (!br)
-            {
-	      err = gpg_err_code_from_errno (errno);
-              md_close (bhd);
-              break;
-            }
-
-          memcpy (br, ar, ar->actual_struct_size);
-          br->next = b->list;
-          b->list = br;
+          err = gpg_err_code_from_syserror ();
+          md_close (bhd);
+          goto leave;
         }
+
+      memcpy (br, ar, ar->actual_struct_size);
+      br->next = b->list;
+      b->list = br;
     }
 
-  if (a->debug && !err)
+  if (a->debug)
     md_start_debug (bhd, "unknown");
 
-  if (!err)
-    *b_hd = bhd;
+  *b_hd = bhd;
 
+ leave:
   return err;
 }
 
diff --git a/cipher/rsa.c b/cipher/rsa.c
index ce8e215..b6c7374 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -1247,7 +1247,7 @@ rsa_encrypt (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms)
     goto leave;
   if (DBG_CIPHER)
     log_mpidump ("rsa_encrypt data", data);
-  if (mpi_is_opaque (data))
+  if (!data || mpi_is_opaque (data))
     {
       rc = GPG_ERR_INV_DATA;
       goto leave;
diff --git a/mpi/mpicoder.c b/mpi/mpicoder.c
index e315576..4c63a14 100644
--- a/mpi/mpicoder.c
+++ b/mpi/mpicoder.c
@@ -403,14 +403,16 @@ onecompl (gcry_mpi_t a)
   mpi_ptr_t ap;
   mpi_size_t n;
   unsigned int i;
-  unsigned int nbits = mpi_get_nbits (a);
+  unsigned int nbits;
 
-  if (mpi_is_immutable (a))
+  if (!a || mpi_is_immutable (a))
     {
       mpi_immutable_failed ();
       return;
     }
 
+  nbits = mpi_get_nbits (a);
+
   mpi_normalize (a);
   ap = a->d;
   n = a->nlimbs;
diff --git a/src/misc.c b/src/misc.c
index ac64d70..413d7d8 100644
--- a/src/misc.c
+++ b/src/misc.c
@@ -291,7 +291,7 @@ do_printhex (const char *text, const char *text2,
           log_debug ("%*s  ", (int)strlen(text), "");
         }
     }
-  if (length)
+  if (length && buffer)
     {
       const unsigned char *p = buffer;
       for (; length--; p++)

commit 3f98b1e92d5afd720d7cea5b4e8295c5018bf9ac
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Jun 23 10:29:08 2016 +0200

    cipher: Improve fatal error message for bad use of gcry_md_read.
    
    * cipher/md.c (md_read): Use _gcry_fatal_error instead of BUG.
    --
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/cipher/md.c b/cipher/md.c
index d0ef00f..344c1f2 100644
--- a/cipher/md.c
+++ b/cipher/md.c
@@ -847,7 +847,7 @@ md_read( gcry_md_hd_t a, int algo )
 	    return r->spec->read (&r->context.c);
 	  }
     }
-  BUG();
+  _gcry_fatal_error (GPG_ERR_DIGEST_ALGO, "request algo not in md context");
   return NULL;
 }
 

-----------------------------------------------------------------------

Summary of changes:
 cipher/cipher.c |  6 +++--
 cipher/md.c     | 69 ++++++++++++++++++++++++++++-----------------------------
 cipher/rsa.c    |  2 +-
 mpi/mpicoder.c  |  6 +++--
 src/misc.c      |  2 +-
 5 files changed, 44 insertions(+), 41 deletions(-)


hooks/post-receive
-- 
The GNU crypto library
http://git.gnupg.org




More information about the Gnupg-commits mailing list