Well, sdk stumbled upon it
(see docbooks-dsssl-1.79.tgz in snapshots right now)
Turns out that, if the archive is *exactly* a multiple of 64KB,
we will error out at EOF.
I believe keeping the check for short reads and exiting as
well for files that do not match 64KB lengths is the right thing
to do.
(note that this does not affect the security of actual packages
in any way, since the important verification, namely only passing
signed checksummed data through the pipe, is preserved)
0kay ?
Index: zsig.c
===================================================================
RCS file: /cvs/src/usr.bin/signify/zsig.c,v
retrieving revision 1.18
diff -u -p -r1.18 zsig.c
--- zsig.c 22 Dec 2019 06:37:25 -0000 1.18
+++ zsig.c 22 Apr 2023 09:00:11 -0000
@@ -160,6 +160,8 @@ copy_blocks(int fdout, int fdin, const c
if (more == 0)
break;
}
+ if (n == 0)
+ break;
SHA512_256Data(buffer, n, output);
if (endsha - sha < SHA512_256_DIGEST_STRING_LENGTH-1)
errx(4, "signature truncated");
