two problems where fixes are needed

NIIBE Yutaka gniibe at fsij.org
Thu Oct 20 13:30:23 CEST 2016 

I found two things to fix.

(1) agent_write_private_key function in agent/findkey.c

It fails with "No such file or directory" well when FORCE=1 and there
is no file existed.

When FORCE=1, it opens by es_fopen with "rb+,mode=-rw", so that
it can examine the existing key.  But, it fails if there is
no file existed.  Error recovery is needed.


(2) snprintf and its second arg for the size.

In the commit 9a34e2142b426b98c73fd888102ea1596bbce62a, I fixed a
simple mistake of off-by-one error.  I was lazy (not to read the man
page of snprintf) when I write the original line, and cut&paste
existing code somehow.  Then, it resulted an error with "OPENPGP."
with no number.  Reading the man, I learned that snprintf assumes '\0'
at the end for the size.

Here are the list:

./build-aux/speedo/w32/g4wihelp.c:73:    snprintf (buf, sizeof buf - 1, "$R0=%s\r\n$R1=%s\r\n",
./build-aux/speedo/w32/g4wihelp.c:78:    snprintf (buf, sizeof buf - 1,
./build-aux/speedo/w32/g4wihelp.c:281:  snprintf (buf, sizeof (buf) - 1, "error: %s: ec=%d\r\n", str,
./build-aux/speedo/w32/g4wihelp.c:578:	  snprintf (buf, sizeof (buf) - 1,
./common/get-passphrase.c:184:  snprintf (line, DIM(line)-1,
./common/get-passphrase.c:253:  snprintf (line, DIM(line)-1, "CLEAR_PASSPHRASE %s", cache_id);
./g10/cpr.c:56:    snprintf (buf, sizeof buf -1, "%.20s X 100 100", what );
./g10/cpr.c:58:    snprintf (buf, sizeof buf -1, "%.20s %c %d %d",
./g10/cpr.c:359:              snprintf (buf+buflen, DIM(buf) - buflen - 1,
./g10/passphrase.c:350:      snprintf (buf, sizeof buf -1, "%d %d %d",
./g10/passphrase.c:450:  snprintf (buf, sizeof buf -1, "%08lX%08lX %08lX%08lX %d 0",
./g10/call-agent.c:729:      snprintf (line, DIM(line)-1, "SCD APDU %s", hexapdu);
./g10/call-agent.c:761:  snprintf (line, DIM(line)-1, "KEYTOCARD %s%s %s OPENPGP.%d %s",
./g10/call-agent.c:905:  snprintf (line, DIM(line)-1, "SCD WRITECERT %s", certidstr);
./g10/call-agent.c:959:  snprintf (line, DIM(line)-1, "SCD WRITEKEY --force OPENPGP.%d", keyno);
./g10/call-agent.c:1022:  snprintf (line, DIM(line)-1, "SCD GENKEY %s%s %s %d",
./g10/call-agent.c:1154:  snprintf (line, DIM(line)-1, "SCD READCERT %s", certidstr);
./g10/call-agent.c:1205:  snprintf (line, DIM(line)-1, "SCD PASSWD %s %d", reset, chvno);
./g10/call-agent.c:1233:  snprintf (line, DIM(line)-1, "SCD CHECKPIN %s", serialno);
./g10/call-agent.c:1304:  snprintf (line, DIM(line)-1,
./g10/call-agent.c:1361:  snprintf (line, DIM(line)-1, "CLEAR_PASSPHRASE %s", cache_id);
./g10/call-agent.c:1390:  snprintf (line, DIM(line)-1, "GET_CONFIRMATION %s", tmp);
./g10/call-agent.c:1577:  snprintf (line, DIM(line)-1, "KEYINFO %s", hexkeygrip);
./g10/call-agent.c:1764:  snprintf (line, DIM(line)-1, "READKEY %s%s", fromcard? "--card ":"",
./g10/call-agent.c:1829:  snprintf (line, DIM(line)-1, "SIGKEY %s", keygrip);
./g10/call-agent.c:1837:      snprintf (line, DIM(line)-1, "SETKEYDESC %s", desc);
./g10/call-agent.c:1969:      snprintf (line, DIM(line)-1, "SETKEYDESC %s", desc);
./g10/call-agent.c:2062:  snprintf (line, DIM(line)-1, "KEYWRAP_KEY %s",
./g10/call-agent.c:2124:      snprintf (line, DIM(line)-1, "SETKEYDESC %s", desc);
./g10/call-agent.c:2185:      snprintf (line, DIM(line)-1, "SETKEYDESC %s", desc);
./g10/call-agent.c:2192:  snprintf (line, DIM(line)-1, "EXPORT_KEY %s%s%s %s",
./g10/call-agent.c:2244:      snprintf (line, DIM(line)-1, "SETKEYDESC %s", desc);
./g10/call-agent.c:2251:  snprintf (line, DIM(line)-1, "DELETE_KEY%s %s",
./g10/call-agent.c:2290:      snprintf (line, DIM(line)-1, "SETKEYDESC %s", desc);
./g10/call-agent.c:2298:    snprintf (line, DIM(line)-1, "PASSWD %s%s --verify %s",
./g10/call-agent.c:2303:    snprintf (line, DIM(line)-1, "PASSWD %s%s %s%s %s",
./g10/openfile.c:151:    snprintf (prompt, n-1, "%s [%s]: ", s, defname );
./g10/openfile.c:153:    snprintf (prompt, n-1, "%s: ", s );
./scd/app-openpgp.c:1875:      snprintf (prompt_buffer, promptsize-1, PROMPTSTRING, sigcount);
./agent/command.c:372:  snprintf (line, DIM(line)-1, "PINENTRY_LAUNCHED %lu", pid);
./agent/command.c:2563:  snprintf (keydata+keydatalen-1, 30, "(10:created-at10:%010lu))", timestamp);
./agent/call-pinentry.c:737:  snprintf (line, DIM(line)-1, "SETQUALITYBAR %s", tmpstr? tmpstr:"");
./agent/call-pinentry.c:766:  snprintf (line, DIM(line)-1, "SETQUALITYBAR_TT %s", tmpstr? tmpstr:"");
./agent/call-pinentry.c:890:    snprintf (line, DIM(line)-1, "SETKEYINFO %c/%s",
./agent/call-pinentry.c:895:    snprintf (line, DIM(line)-1, "SETKEYINFO --clear");
./agent/call-pinentry.c:902:  snprintf (line, DIM(line)-1, "SETDESC %s", desc_text);
./agent/call-pinentry.c:908:  snprintf (line, DIM(line)-1, "SETPROMPT %s",
./agent/call-pinentry.c:927:      snprintf (line, DIM(line)-1, "SETERROR %s", initial_errtext);
./agent/call-pinentry.c:937:      snprintf (line, DIM(line)-1, "SETREPEATERROR %s",
./agent/call-pinentry.c:959:          snprintf (line, DIM(line)-1, L_("SETERROR %s (try %d of %d)"),
./agent/call-pinentry.c:971:          snprintf (line, DIM(line)-1, "SETREPEAT %s", L_("Repeat:"));
./agent/call-pinentry.c:1103:    snprintf (line, DIM(line)-1, "SETKEYINFO %c/%s",
./agent/call-pinentry.c:1108:    snprintf (line, DIM(line)-1, "SETKEYINFO --clear");
./agent/call-pinentry.c:1117:    snprintf (line, DIM(line)-1, "SETDESC %s", desc);
./agent/call-pinentry.c:1119:    snprintf (line, DIM(line)-1, "RESET");
./agent/call-pinentry.c:1125:  snprintf (line, DIM(line)-1, "SETPROMPT %s", prompt);
./agent/call-pinentry.c:1140:      snprintf (line, DIM(line)-1, "SETERROR %s", errtext);
./agent/call-pinentry.c:1208:    snprintf (line, DIM(line)-1, "SETDESC %s", desc);
./agent/call-pinentry.c:1210:    snprintf (line, DIM(line)-1, "RESET");
./agent/call-pinentry.c:1224:      snprintf (line, DIM(line)-1, "SETOK %s", ok);
./agent/call-pinentry.c:1238:          snprintf (line, DIM(line)-1, "SETNOTOK %s", notok);
./agent/call-pinentry.c:1248:	  snprintf (line, DIM(line)-1, "SETCANCEL %s", notok);
./agent/call-pinentry.c:1285:    snprintf (line, DIM(line)-1, "SETDESC %s", desc);
./agent/call-pinentry.c:1287:    snprintf (line, DIM(line)-1, "RESET");
./agent/call-pinentry.c:1301:      snprintf (line, DIM(line)-1, "SETOK %s", ok_btn);
./agent/call-pinentry.c:1357:    snprintf (line, DIM(line)-1, "SETDESC %s", desc);
./agent/call-pinentry.c:1359:    snprintf (line, DIM(line)-1, "RESET");
./agent/call-pinentry.c:1367:      snprintf (line, DIM(line)-1, "SETOK %s", ok_btn);
./agent/call-pinentry.c:1468:  snprintf (line, DIM(line)-1, "CLEARPASSPHRASE %c/%s",
./agent/call-scd.c:949:  snprintf (line, DIM(line)-1, "PKDECRYPT %s", keyid);
./agent/call-scd.c:989:  snprintf (line, DIM(line)-1, "READCERT %s", id);
./agent/call-scd.c:1025:  snprintf (line, DIM(line)-1, "READKEY %s", id);
./agent/call-scd.c:1091:  snprintf (line, DIM(line)-1, "WRITEKEY %s%s", force ? "--force " : "", id);
./sm/certreqgen.c:722:      snprintf ((char*)keyparms, DIM (keyparms)-1,
./sm/call-agent.c:246:  snprintf (line, DIM(line)-1, "SIGKEY %s", keygrip);
./sm/call-agent.c:254:      snprintf (line, DIM(line)-1, "SETKEYDESC %s", desc);
./sm/call-agent.c:338:  snprintf (line, DIM(line)-1, "SCD PKSIGN %s %s", hashopt, keyid);
./sm/call-agent.c:432:  snprintf (line, DIM(line)-1, "SETKEY %s", keygrip);
./sm/call-agent.c:440:      snprintf (line, DIM(line)-1, "SETKEYDESC %s", desc);
./sm/call-agent.c:597:  snprintf (line, DIM(line)-1, "%sREADKEY %s",
./sm/call-agent.c:813:      snprintf (line, DIM(line)-1, "ISTRUSTED %s", hexfpr);
./sm/call-agent.c:827:      snprintf (line, DIM(line)-1, "ISTRUSTED %s", fpr);
./sm/call-agent.c:871:  snprintf (line, DIM(line)-1, "MARKTRUSTED %s S %s", fpr, dnfmt);
./sm/call-agent.c:898:  snprintf (line, DIM(line)-1, "HAVEKEY %s", hexkeygrip);
./sm/call-agent.c:1048:      snprintf (line, DIM(line)-1, "SETKEYDESC %s", desc);
./sm/call-agent.c:1056:  snprintf (line, DIM(line)-1, "PASSWD %s", hexkeygrip);
./sm/call-agent.c:1081:  snprintf (line, DIM(line)-1, "GET_CONFIRMATION %s", desc);
./sm/call-agent.c:1153:  snprintf (line, DIM(line)-1, "KEYINFO %s", hexkeygrip);
./sm/call-agent.c:1199:  snprintf (line, DIM(line)-1, "GET_PASSPHRASE --data%s -- X X X %s",
./sm/call-agent.c:1244:  snprintf (line, DIM(line)-1, "KEYWRAP_KEY %s",
./sm/call-agent.c:1338:      snprintf (line, DIM(line)-1, "SETKEYDESC %s", desc);
./sm/call-agent.c:1345:  snprintf (line, DIM(line)-1, "EXPORT_KEY %s", keygrip);
./sm/call-dirmngr.c:218:      snprintf (line, DIM (line) - 1, "LDAPSERVER %s:%i:%s:%s:%s",
./sm/call-dirmngr.c:551:  snprintf (line, DIM(line)-1, "ISVALID%s %s",
./sm/call-dirmngr.c:806:  snprintf (line, DIM(line)-1, "LOOKUP%s %s",
./sm/call-dirmngr.c:864:  snprintf (line, DIM(line)-1, "LOOKUP --single --cache-only 0x%s", hexfpr);
--

More information about the Gnupg-devel mailing list