RPM Package Manager, CVS Repository http://rpm5.org/cvs/ ____________________________________________________________________________
Server: rpm5.org Name: Jeff Johnson Root: /v/rpm/cvs Email: j...@rpm5.org Module: rpm Date: 03-Apr-2016 22:43:05 Branch: rpm-5_4 Handle: 2016040320430500 Modified files: (Branch: rpm-5_4) rpm/lib rpmchecksig.c Log: - check pgpPktLen and rpmhkpLoad* return codes. Summary: Revision Changes Path 1.240.2.16 +21 -14 rpm/lib/rpmchecksig.c ____________________________________________________________________________ patch -p0 <<'@@ .' Index: rpm/lib/rpmchecksig.c ============================================================================ $ cvs diff -u -r1.240.2.15 -r1.240.2.16 rpmchecksig.c --- rpm/lib/rpmchecksig.c 19 Feb 2015 22:05:53 -0000 1.240.2.15 +++ rpm/lib/rpmchecksig.c 3 Apr 2016 20:43:05 -0000 1.240.2.16 @@ -161,18 +161,18 @@ /*@modifies *signid, fileSystem, internalState @*/ { HE_t he = (HE_t) memset(alloca(sizeof(*he)), 0, sizeof(*he)); - int rc = 1; + int rc = 1; /* assume failure */ int xx; he->tag = (rpmTag) sigtag; xx = headerGet(sigh, he, 0); if (xx && he->p.ptr != NULL) { pgpDig dig = pgpDigNew(RPMVSF_DEFAULT, PGPPUBKEYALGO_UNKNOWN); - /* XXX expose ppSignid() from rpmhkp.c? */ pgpPkt pp = (pgpPkt) alloca(sizeof(*pp)); - (void) pgpPktLen(he->p.ui8p, he->c, pp); - if (!rpmhkpLoadSignature(NULL, dig, pp)) { + if (pgpPktLen(he->p.ui8p, he->c, pp) > 0 + && !rpmhkpLoadSignature(NULL, dig, pp)) + { memcpy(signid, dig->signature.signid, sizeof(dig->signature.signid)); rc = 0; } @@ -566,9 +566,9 @@ (void) pgpPubkeyFingerprint(hkp->pkt, hkp->pktlen, hkp->keyid); memcpy(pubp->signid, hkp->keyid, sizeof(pubp->signid)); /* XXX useless */ - xx = pgpPktLen(hkp->pkt, hkp->pktlen, pp); - - xx = rpmhkpLoadKey(hkp, dig, 0, 0); + if (pgpPktLen(hkp->pkt, hkp->pktlen, pp) < 0 + || rpmhkpLoadKey(hkp, dig, 0, 0)) + goto exit; /* Validate pubkey self-signatures. */ if (validate) { @@ -592,8 +592,10 @@ /* XXX hack up a user id (if not already present) */ if (pubp->userid == NULL) { if (hkp->uidx >= 0 && hkp->uidx < hkp->npkts) { - size_t nb = pgpPktLen(hkp->pkts[hkp->uidx], hkp->pktlen, pp); + size_t nb; char * t; + if (pgpPktLen(hkp->pkts[hkp->uidx], hkp->pktlen, pp) < 0) + goto exit; nb = pp->hlen; t = (char *) memcpy(xmalloc(nb + 1), pp->u.u->userid, nb); t[nb] = '\0'; @@ -1149,9 +1151,13 @@ case RPMSIGTAG_RSA: case RPMSIGTAG_ECDSA: he->tag = she->tag; - xx = headerGet(sigh, he, 0); - xx = pgpPktLen(he->p.ui8p, he->c, pp); - xx = rpmhkpLoadSignature(NULL, dig, pp); + if (!headerGet(sigh, he, 0) + || pgpPktLen(he->p.ui8p, he->c, pp) < 0 + || rpmhkpLoadSignature(NULL, dig, pp)) + { + he->p.ptr = _free(he->p.ptr); + goto exit; + } he->p.ptr = _free(he->p.ptr); break; } @@ -1201,9 +1207,10 @@ if (nosignatures) continue; - xx = pgpPktLen(she->p.ui8p, she->c, pp); - xx = rpmhkpLoadSignature(NULL, dig, pp); - if (sigp->version != 3 && sigp->version != 4) { + if (pgpPktLen(she->p.ui8p, she->c, pp) < 0 + || rpmhkpLoadSignature(NULL, dig, pp) + || (sigp->version != 3 && sigp->version != 4)) + { rpmlog(RPMLOG_ERR, _("skipping package %s with unverifiable V%u signature\n"), fn, sigp->version); @@ . ______________________________________________________________________ RPM Package Manager http://rpm5.org CVS Sources Repository rpm-cvs@rpm5.org