Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package otpclient for openSUSE:Factory checked in at 2023-11-03 22:20:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/otpclient (Old) and /work/SRC/openSUSE:Factory/.otpclient.new.17445 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "otpclient" Fri Nov 3 22:20:43 2023 rev:30 rq:1123143 version:3.2.1 Changes: -------- --- /work/SRC/openSUSE:Factory/otpclient/otpclient.changes 2023-10-25 18:04:40.998197539 +0200 +++ /work/SRC/openSUSE:Factory/.otpclient.new.17445/otpclient.changes 2023-11-03 22:21:37.131302657 +0100 @@ -1,0 +2,8 @@ +Fri Nov 3 08:50:47 UTC 2023 - Paolo Stivanin <i...@paolostivanin.com> + +- Update to 3.2.1: + * FIX: increase secure memory pool to 64 MB, if possible + * FIX: parsing of big aegis encrypted json (#309) + * FIX: better memory management + +------------------------------------------------------------------- Old: ---- v3.2.0.tar.gz v3.2.0.tar.gz.asc New: ---- v3.2.1.tar.gz v3.2.1.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ otpclient.spec ++++++ --- /var/tmp/diff_new_pack.kjZwIh/_old 2023-11-03 22:21:37.823328114 +0100 +++ /var/tmp/diff_new_pack.kjZwIh/_new 2023-11-03 22:21:37.823328114 +0100 @@ -18,7 +18,7 @@ %define uclname OTPClient Name: otpclient -Version: 3.2.0 +Version: 3.2.1 Release: 0 Summary: Simple GTK+ client for managing TOTP and HOTP License: GPL-3.0-or-later ++++++ v3.2.0.tar.gz -> v3.2.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/OTPClient-3.2.0/CMakeLists.txt new/OTPClient-3.2.1/CMakeLists.txt --- old/OTPClient-3.2.0/CMakeLists.txt 2023-10-25 09:29:16.000000000 +0200 +++ new/OTPClient-3.2.1/CMakeLists.txt 2023-11-03 08:25:56.000000000 +0100 @@ -1,5 +1,5 @@ cmake_minimum_required(VERSION 3.16) -project(OTPClient VERSION "3.2.0" LANGUAGES "C") +project(OTPClient VERSION "3.2.1" LANGUAGES "C") include(GNUInstallDirs) configure_file("src/common/version.h.in" "version.h") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/OTPClient-3.2.0/data/com.github.paolostivanin.OTPClient.appdata.xml new/OTPClient-3.2.1/data/com.github.paolostivanin.OTPClient.appdata.xml --- old/OTPClient-3.2.0/data/com.github.paolostivanin.OTPClient.appdata.xml 2023-10-25 09:29:16.000000000 +0200 +++ new/OTPClient-3.2.1/data/com.github.paolostivanin.OTPClient.appdata.xml 2023-11-03 08:25:56.000000000 +0100 @@ -84,6 +84,15 @@ </content_rating> <releases> + <release version="3.2.1" date="2023-10-31"> + <description> + <p>OTPClient 3.2.1 fixes a couple of issues.</p> + <ul> + <li>FIX: increase secure memory pool to 64 MB, if possible</li> + <li>FIX: parsing of big aegis encrypted json</li> + </ul> + </description> + </release> <release version="3.2.0" date="2023-10-25"> <description> <p>OTPClient 3.2.0 fixes a couple of issues.</p> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/OTPClient-3.2.0/src/app.c new/OTPClient-3.2.1/src/app.c --- old/OTPClient-3.2.0/src/app.c 2023-10-25 09:29:16.000000000 +0200 +++ new/OTPClient-3.2.1/src/app.c 2023-11-03 08:25:56.000000000 +0100 @@ -179,7 +179,7 @@ } #endif - if (max_file_size < (96 * 1024) && get_warn_data () == TRUE) { + if (max_file_size < LOW_MEMLOCK_VALUE && get_warn_data () == TRUE) { if (show_memlock_warn_dialog (max_file_size, app_data->builder) == TRUE) { g_free (app_data->db_data); g_free (app_data); @@ -742,6 +742,7 @@ save_window_size (w, h); g_object_unref (app_data->builder); g_free (app_data); + gcry_control (GCRYCTL_TERM_SECMEM); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/OTPClient-3.2.0/src/common/aegis.c new/OTPClient-3.2.1/src/common/aegis.c --- old/OTPClient-3.2.0/src/common/aegis.c 2023-10-25 09:29:16.000000000 +0200 +++ new/OTPClient-3.2.1/src/common/aegis.c 2023-11-03 08:25:56.000000000 +0100 @@ -98,6 +98,7 @@ g_free (key_nonce); g_free (key_tag); gcry_free (keybuf); + json_decref (json); return NULL; } @@ -108,6 +109,7 @@ g_free (key_nonce); g_free (key_tag); gcry_free (keybuf); + json_decref (json); return NULL; } @@ -121,6 +123,7 @@ gcry_free (master_key); gcry_free (keybuf); gcry_cipher_close (hd); + json_decref (json); return NULL; } gpg_error_t gpg_err = gcry_cipher_checktag (hd, key_tag, TAG_SIZE); @@ -133,6 +136,7 @@ gcry_free (master_key); gcry_free (keybuf); gcry_cipher_close (hd); + json_decref (json); return NULL; } @@ -151,20 +155,24 @@ g_free (tag); g_free (nonce); gcry_free (master_key); + json_decref (json); return NULL; } gsize out_len; - guchar *b64decoded_db = g_base64_decode_secure (json_string_value (json_object_get (json, "db")), &out_len); + guchar *b64decoded_db = g_base64_decode (json_string_value (json_object_get (json, "db")), &out_len); if (out_len > max_file_size) { g_set_error (err, file_too_big_gquark (), FILE_TOO_BIG, "File is too big"); g_free (tag); g_free (nonce); gcry_free (master_key); - gcry_free (b64decoded_db); + g_free (b64decoded_db); gcry_cipher_close (hd); + json_decref (json); return NULL; } + // we no longer need the json object, so we can free up some secure memory + json_decref (json); gchar *decrypted_db = gcry_calloc_secure (out_len, 1); gpg_err = gcry_cipher_decrypt (hd, decrypted_db, out_len, b64decoded_db, out_len); @@ -175,24 +183,30 @@ if (gpg_err != 0) { g_set_error (err, bad_tag_gquark (), BAD_TAG_ERRCODE, "Invalid TAG (database). Either the password is wrong or the file is corrupted."); clean_and_exit: + g_free (b64decoded_db); g_free (nonce); g_free (tag); gcry_free (master_key); gcry_free (decrypted_db); - gcry_free (b64decoded_db); gcry_cipher_close (hd); return NULL; } + g_free (b64decoded_db); g_free (nonce); g_free (tag); gcry_cipher_close (hd); gcry_free (master_key); - gcry_free (b64decoded_db); - GSList *otps = parse_json_data (decrypted_db, err); + // we remove the icon field (and the icon_mime while at it too) because it uses lots of secure memory for nothing + GRegex *regex = g_regex_new (".*\"icon\":(\\s)*\".*\",\\n|.*\"icon_mime\":(\\s)*\".*\",\\n", G_REGEX_MULTILINE, 0, NULL); + gchar *cleaned_db = secure_strdup (g_regex_replace (regex, decrypted_db, -1, 0, "", 0, NULL)); + g_regex_unref (regex); gcry_free (decrypted_db); + GSList *otps = parse_json_data (cleaned_db, err); + gcry_free (cleaned_db); + return otps; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/OTPClient-3.2.0/src/common/common.c new/OTPClient-3.2.1/src/common/common.c --- old/OTPClient-3.2.0/src/common/common.c 2023-10-25 09:29:16.000000000 +0200 +++ new/OTPClient-3.2.1/src/common/common.c 2023-11-03 08:25:56.000000000 +0100 @@ -1,12 +1,10 @@ #include <glib.h> #include <sys/resource.h> #include <cotp.h> -#ifdef COTP_OLD_LIB -#include <baseencode.h> -#endif #include <glib/gi18n.h> #include "gcrypt.h" #include "jansson.h" +#include "common.h" #include "../google-migration.pb-c.h" gint32 @@ -17,13 +15,13 @@ if (getrlimit (RLIMIT_MEMLOCK, &r) == -1) { // couldn't get memlock limit, so falling back to a default, low value g_print ("[WARNING] your OS's memlock limit may be too low for you (64000 bytes). Please have a look at %s\n", link); - return 64000; + return LOW_MEMLOCK_VALUE; } else { - if (r.rlim_cur == -1 || r.rlim_cur > 4194304) { - // memlock is either unlimited or bigger than needed - return 4194304; + if (r.rlim_cur == -1 || r.rlim_cur > MEMLOCK_VALUE) { + // memlock is either unlimited or bigger than needed, so defaulting to 'MEMLOCK_VALUE' + return MEMLOCK_VALUE; } else { - // memlock is less than 4 MB + // memlock is less than 'MEMLOCK_VALUE' g_print ("[WARNING] your OS's memlock limit may be too low for you (current value: %d bytes).\n" "This may cause issues when importing third parties databases or dealing with tens of tokens.\n" "For information on how to increase the memlock value, please have a look at %s\n", (gint32)r.rlim_cur, link); @@ -36,8 +34,8 @@ gchar * init_libs (gint32 max_file_size) { - if (!gcry_check_version ("1.6.0")) { - return g_strdup ("The required version of GCrypt is 1.6.0 or greater."); + if (!gcry_check_version ("1.8.0")) { + return g_strdup ("The required version of GCrypt is 1.8.0 or greater."); } if (gcry_control (GCRYCTL_INIT_SECMEM, max_file_size, 0)) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/OTPClient-3.2.0/src/common/common.h new/OTPClient-3.2.1/src/common/common.h --- old/OTPClient-3.2.0/src/common/common.h 2023-10-25 09:29:16.000000000 +0200 +++ new/OTPClient-3.2.1/src/common/common.h 2023-11-03 08:25:56.000000000 +0100 @@ -12,6 +12,9 @@ #define g_memdupX g_memdup #endif +#define LOW_MEMLOCK_VALUE 65536 //64KB +#define MEMLOCK_VALUE 67108864 //64MB + gint32 get_max_file_size_from_memlock (void); gchar *init_libs (gint32 max_file_size);