Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
gpg2
0001-Use-inline-functions-to-convert-buffer-dat...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-Use-inline-functions-to-convert-buffer-data-to-scala.patch of Package gpg2
From 3627123dc8fdc551caca1c7944713fbf01feccf6 Mon Sep 17 00:00:00 2001 From: Werner Koch <wk@gnupg.org> Date: Thu, 12 Feb 2015 20:34:44 +0100 Subject: [PATCH] Use inline functions to convert buffer data to scalars. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * include/host2net.h (buf16_to_ulong, buf16_to_uint): New. (buf16_to_ushort, buf16_to_u16): New. (buf32_to_size_t, buf32_to_ulong, buf32_to_uint, buf32_to_u32): New. -- This fixes sign extension on shift problems. Hanno Böck found a case with an invalid read due to this problem. To fix that almost all uses of "<< 24" and "<< 8" are changed by this patch to use an inline function from host2net.h. (back ported from commit 2183683bd633818dd031b090b5530951de76f392) Signed-off-by: Werner Koch <wk@gnupg.org> --- common/iobuf.c | 3 +- g10/build-packet.c | 6 ++-- g10/getkey.c | 17 ++++----- g10/keygen.c | 14 ++++---- g10/keyid.c | 32 +++++++---------- g10/main.h | 1 - g10/misc.c | 11 ------ g10/parse-packet.c | 41 ++++++++++----------- g10/tdbio.c | 20 +++++------ g10/trustdb.c | 2 +- include/host2net.h | 100 +++++++++++++++++++++++++++++++++++++++++++-------- kbx/keybox-dump.c | 63 +++++++++++++++----------------- kbx/keybox-openpgp.c | 7 ++-- kbx/keybox-search.c | 85 ++++++++++++++++++++----------------------- kbx/keybox-update.c | 97 +++++++++++++++++++++++++------------------------ scd/apdu.c | 39 +++++++++----------- scd/app-openpgp.c | 3 +- scd/ccid-driver.c | 3 +- scd/pcsc-wrapper.c | 5 +-- tools/ccidmon.c | 36 +++++++++---------- 20 files changed, 310 insertions(+), 275 deletions(-) Index: gnupg-2.0.24/common/iobuf.c =================================================================== --- gnupg-2.0.24.orig/common/iobuf.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/common/iobuf.c 2015-11-19 14:48:55.839621751 +0100 @@ -42,6 +42,7 @@ #include "util.h" #include "sysutils.h" +#include "../include/host2net.h" #include "iobuf.h" /*-- Begin configurable part. --*/ @@ -872,7 +873,7 @@ block_filter (void *opaque, int control, } else if (c == 255) { - a->size = iobuf_get (chain) << 24; + a->size = (size_t)iobuf_get (chain) << 24; a->size |= iobuf_get (chain) << 16; a->size |= iobuf_get (chain) << 8; if ((c = iobuf_get (chain)) == -1) Index: gnupg-2.0.24/g10/build-packet.c =================================================================== --- gnupg-2.0.24.orig/g10/build-packet.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/g10/build-packet.c 2015-11-19 14:48:55.839621751 +0100 @@ -33,6 +33,7 @@ #include "cipher.h" #include "i18n.h" #include "options.h" +#include "../include/host2net.h" static int do_user_id( IOBUF out, int ctb, PKT_user_id *uid ); static int do_public_key( IOBUF out, int ctb, PKT_public_key *pk ); @@ -631,8 +632,7 @@ delete_sig_subpkt (subpktarea_t *area, s if( n == 255 ) { if( buflen < 4 ) break; - n = (buffer[0] << 24) | (buffer[1] << 16) - | (buffer[2] << 8) | buffer[3]; + n = buf32_to_size_t (buffer); buffer += 4; buflen -= 4; } @@ -755,7 +755,7 @@ build_sig_subpkt (PKT_signature *sig, si /* This should never happen since we don't currently allow creating such a subpacket, but just in case... */ case SIGSUBPKT_SIG_EXPIRE: - if(buffer_to_u32(buffer)+sig->timestamp<=make_timestamp()) + if (buf32_to_u32 (buffer) + sig->timestamp <= make_timestamp()) sig->flags.expired=1; else sig->flags.expired=0; Index: gnupg-2.0.24/g10/getkey.c =================================================================== --- gnupg-2.0.24.orig/g10/getkey.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/g10/getkey.c 2015-11-19 14:48:55.840621767 +0100 @@ -35,6 +35,7 @@ #include "trustdb.h" #include "i18n.h" #include "keyserver-internal.h" +#include "../include/host2net.h" #define MAX_PK_CACHE_ENTRIES PK_UID_CACHE_SIZE #define MAX_UID_CACHE_ENTRIES PK_UID_CACHE_SIZE @@ -1486,14 +1487,14 @@ merge_keys_and_selfsig( KBNODE keyblock p = parse_sig_subpkt( sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL ); if( pk ) { - ed = p? pk->timestamp + buffer_to_u32(p):0; + ed = p? pk->timestamp + buf32_to_u32(p):0; if( sig->timestamp > sigdate ) { pk->expiredate = ed; sigdate = sig->timestamp; } } else { - ed = p? sk->timestamp + buffer_to_u32(p):0; + ed = p? sk->timestamp + buf32_to_u32(p):0; if( sig->timestamp > sigdate ) { sk->expiredate = ed; sigdate = sig->timestamp; @@ -1618,8 +1619,8 @@ fixup_uidnode ( KBNODE uidnode, KBNODE s /* ditto for the key expiration */ p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); - if( p && buffer_to_u32(p) ) - uid->help_key_expire = keycreated + buffer_to_u32(p); + if( p && buf32_to_u32 (p) ) + uid->help_key_expire = keycreated + buf32_to_u32(p); else uid->help_key_expire = 0; @@ -1833,9 +1834,9 @@ merge_selfsigs_main(KBNODE keyblock, int key_usage=parse_key_usage(sig); p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); - if( p && buffer_to_u32(p) ) + if( p && buf32_to_u32 (p) ) { - key_expire = keytimestamp + buffer_to_u32(p); + key_expire = keytimestamp + buf32_to_u32 (p); key_expire_seen = 1; } @@ -2257,8 +2258,8 @@ merge_selfsigs_subkey( KBNODE keyblock, subpk->pubkey_usage = key_usage; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); - if ( p && buffer_to_u32(p) ) - key_expire = keytimestamp + buffer_to_u32(p); + if ( p && buf32_to_u32 (p) ) + key_expire = keytimestamp + buf32_to_u32 (p); else key_expire = 0; subpk->has_expired = key_expire >= curtime? 0 : key_expire; Index: gnupg-2.0.24/g10/keygen.c =================================================================== --- gnupg-2.0.24.orig/g10/keygen.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/g10/keygen.c 2015-11-19 14:48:55.840621767 +0100 @@ -42,6 +42,7 @@ #include "i18n.h" #include "keyserver-internal.h" #include "call-agent.h" +#include "host2net.h" /* The default algorithms. If you change them remember to change them also in gpg.c:gpgconf_list. You should also check that the value @@ -849,10 +850,7 @@ make_backsig (PKT_signature *sig,PKT_pub } else if(buf[1]==255) { - pktlen =buf[2] << 24; - pktlen|=buf[3] << 16; - pktlen|=buf[4] << 8; - pktlen|=buf[5]; + pktlen = buf32_to_size_t (buf+2); buf+=6; } else @@ -869,14 +867,14 @@ make_backsig (PKT_signature *sig,PKT_pub break; case 2: - pktlen =buf[mark++] << 24; - pktlen|=buf[mark++] << 16; + pktlen = (size_t)buf[mark++] << 24; + pktlen |= buf[mark++] << 16; case 1: - pktlen|=buf[mark++] << 8; + pktlen |= buf[mark++] << 8; case 0: - pktlen|=buf[mark++]; + pktlen |= buf[mark++]; } buf+=mark; Index: gnupg-2.0.24/g10/keyid.c =================================================================== --- gnupg-2.0.24.orig/g10/keyid.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/g10/keyid.c 2015-11-19 14:48:55.840621767 +0100 @@ -34,6 +34,7 @@ #include "keydb.h" #include "i18n.h" #include "rmd160.h" +#include "host2net.h" int pubkey_letter( int algo ) @@ -175,9 +176,9 @@ v3_keyid (gcry_mpi_t a, u32 *ki) else { p = buffer + nbytes - 8; - ki[0] = (p[0] << 24) | (p[1] <<16) | (p[2] << 8) | p[3]; + ki[0] = buf32_to_u32 (p); p += 4; - ki[1] = (p[0] << 24) | (p[1] <<16) | (p[2] << 8) | p[3]; + ki[1] = buf32_to_u32 (p); } xfree (buffer); return ki[1]; @@ -271,15 +272,8 @@ keystr_from_desc(KEYDB_SEARCH_DESC *desc { u32 keyid[2]; - keyid[0] = ((unsigned char)desc->u.fpr[12] << 24 - | (unsigned char)desc->u.fpr[13] << 16 - | (unsigned char)desc->u.fpr[14] << 8 - | (unsigned char)desc->u.fpr[15]); - keyid[1] = ((unsigned char)desc->u.fpr[16] << 24 - | (unsigned char)desc->u.fpr[17] << 16 - | (unsigned char)desc->u.fpr[18] << 8 - | (unsigned char)desc->u.fpr[19]); - + keyid[0] = buf32_to_u32 (desc->u.fpr+12); + keyid[1] = buf32_to_u32 (desc->u.fpr+16); return keystr(keyid); } @@ -331,8 +325,8 @@ keyid_from_sk( PKT_secret_key *sk, u32 * if(md) { dp = gcry_md_read (md, 0); - keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ; - keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ; + keyid[0] = buf32_to_u32 (dp+12); + keyid[1] = buf32_to_u32 (dp+16); lowbits = keyid[1]; gcry_md_close (md); sk->keyid[0] = keyid[0]; @@ -386,8 +380,8 @@ keyid_from_pk( PKT_public_key *pk, u32 * if(md) { dp = gcry_md_read ( md, 0 ); - keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ; - keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ; + keyid[0] = buf32_to_u32 (dp+12); + keyid[1] = buf32_to_u32 (dp+16); lowbits = keyid[1]; gcry_md_close (md); pk->keyid[0] = keyid[0]; @@ -430,8 +424,8 @@ keyid_from_fingerprint( const byte *fpri } else { const byte *dp = fprint; - keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ; - keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ; + keyid[0] = buf32_to_u32 (dp+12); + keyid[1] = buf32_to_u32 (dp+16); } return keyid[1]; @@ -721,8 +715,8 @@ fingerprint_from_pk( PKT_public_key *pk, if (!array) array = xmalloc ( len ); memcpy (array, dp, len ); - pk->keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ; - pk->keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ; + pk->keyid[0] = buf32_to_u32 (dp+12); + pk->keyid[1] = buf32_to_u32 (dp+16); gcry_md_close( md); } Index: gnupg-2.0.24/g10/main.h =================================================================== --- gnupg-2.0.24.orig/g10/main.h 2015-11-19 14:48:55.829621596 +0100 +++ gnupg-2.0.24/g10/main.h 2015-11-19 14:48:55.841621782 +0100 @@ -80,7 +80,6 @@ int is_secured_filename (const char *fn u16 checksum_u16( unsigned n ); u16 checksum( byte *p, unsigned n ); u16 checksum_mpi( gcry_mpi_t a ); -u32 buffer_to_u32( const byte *buffer ); const byte *get_session_marker( size_t *rlen ); int map_cipher_openpgp_to_gcry (int algo); #define openpgp_cipher_open(_a,_b,_c,_d) gcry_cipher_open((_a),map_cipher_openpgp_to_gcry((_b)),(_c),(_d)) Index: gnupg-2.0.24/g10/misc.c =================================================================== --- gnupg-2.0.24.orig/g10/misc.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/g10/misc.c 2015-11-19 14:48:55.841621782 +0100 @@ -276,17 +276,6 @@ checksum_mpi (gcry_mpi_t a) return csum; } -u32 -buffer_to_u32( const byte *buffer ) -{ - unsigned long a; - a = *buffer << 24; - a |= buffer[1] << 16; - a |= buffer[2] << 8; - a |= buffer[3]; - return a; -} - void print_pubkey_algo_note( int algo ) { Index: gnupg-2.0.24/g10/parse-packet.c =================================================================== --- gnupg-2.0.24.orig/g10/parse-packet.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/g10/parse-packet.c 2015-11-19 14:48:55.841621782 +0100 @@ -34,6 +34,7 @@ #include "options.h" #include "main.h" #include "i18n.h" +#include "host2net.h" static int mpi_print_mode; static int list_mode; @@ -82,7 +83,7 @@ static unsigned short read_16(IOBUF inp) { unsigned short a; - a = iobuf_get_noeof(inp) << 8; + a = (unsigned short)iobuf_get_noeof(inp) << 8; a |= iobuf_get_noeof(inp); return a; } @@ -91,7 +92,7 @@ static unsigned long read_32(IOBUF inp) { unsigned long a; - a = iobuf_get_noeof(inp) << 24; + a = (unsigned long)iobuf_get_noeof(inp) << 24; a |= iobuf_get_noeof(inp) << 16; a |= iobuf_get_noeof(inp) << 8; a |= iobuf_get_noeof(inp); @@ -449,7 +450,8 @@ parse( IOBUF inp, PACKET *pkt, int onlyk } else if( c == 255 ) { - pktlen = (hdr[hdrlen++] = iobuf_get_noeof(inp)) << 24; + pktlen = + (unsigned long)(hdr[hdrlen++] = iobuf_get_noeof(inp)) << 24; pktlen |= (hdr[hdrlen++] = iobuf_get_noeof(inp)) << 16; pktlen |= (hdr[hdrlen++] = iobuf_get_noeof(inp)) << 8; if( (c = iobuf_get(inp)) == -1 ) @@ -946,14 +948,15 @@ dump_sig_subpkt( int hashed, int type, i switch( type ) { case SIGSUBPKT_SIG_CREATED: if( length >= 4 ) - fprintf (listfp, "sig created %s", strtimestamp( buffer_to_u32(buffer) ) ); + fprintf (listfp, "sig created %s", + strtimestamp (buf32_to_u32(buffer)) ); break; case SIGSUBPKT_SIG_EXPIRE: if( length >= 4 ) { - if(buffer_to_u32(buffer)) + if(buf32_to_u32(buffer)) fprintf (listfp, "sig expires after %s", - strtimevalue( buffer_to_u32(buffer) ) ); + strtimevalue( buf32_to_u32(buffer) ) ); else fprintf (listfp, "sig does not expire"); } @@ -981,9 +984,9 @@ dump_sig_subpkt( int hashed, int type, i case SIGSUBPKT_KEY_EXPIRE: if( length >= 4 ) { - if(buffer_to_u32(buffer)) + if(buf32_to_u32(buffer)) fprintf (listfp, "key expires after %s", - strtimevalue( buffer_to_u32(buffer) ) ); + strtimevalue( buf32_to_u32(buffer) ) ); else fprintf (listfp, "key does not expire"); } @@ -1006,8 +1009,8 @@ dump_sig_subpkt( int hashed, int type, i case SIGSUBPKT_ISSUER: if( length >= 8 ) fprintf (listfp, "issuer key ID %08lX%08lX", - (ulong)buffer_to_u32(buffer), - (ulong)buffer_to_u32(buffer+4) ); + buf32_to_ulong (buffer), + buf32_to_ulong (buffer+4)); break; case SIGSUBPKT_NOTATION: { @@ -1252,8 +1255,7 @@ enum_sig_subpkt( const subpktarea_t *pkt if( n == 255 ) { /* 4 byte length header */ if( buflen < 4 ) goto too_short; - n = (buffer[0] << 24) | (buffer[1] << 16) - | (buffer[2] << 8) | buffer[3]; + n = buf32_to_size_t (buffer); buffer += 4; buflen -= 4; } @@ -1476,7 +1478,7 @@ parse_signature( IOBUF inp, int pkttype, p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_CREATED, NULL ); if(p) - sig->timestamp = buffer_to_u32(p); + sig->timestamp = buf32_to_u32 (p); else if(!(sig->pubkey_algo>=100 && sig->pubkey_algo<=110) && opt.verbose) log_info ("signature packet without timestamp\n"); @@ -1484,16 +1486,16 @@ parse_signature( IOBUF inp, int pkttype, p = parse_sig_subpkt2( sig, SIGSUBPKT_ISSUER, NULL ); if(p) { - sig->keyid[0] = buffer_to_u32(p); - sig->keyid[1] = buffer_to_u32(p+4); + sig->keyid[0] = buf32_to_u32 (p); + sig->keyid[1] = buf32_to_u32 (p+4); } else if(!(sig->pubkey_algo>=100 && sig->pubkey_algo<=110) && opt.verbose) log_info ("signature packet without keyid\n"); p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_SIG_EXPIRE,NULL); - if(p && buffer_to_u32(p)) - sig->expiredate=sig->timestamp+buffer_to_u32(p); + if(p && buf32_to_u32 (p)) + sig->expiredate = sig->timestamp + buf32_to_u32 (p); if(sig->expiredate && sig->expiredate<=make_timestamp()) sig->flags.expired=1; @@ -2087,9 +2089,8 @@ parse_attribute_subpkts(PKT_user_id *uid if( n == 255 ) { /* 4 byte length header */ if( buflen < 4 ) goto too_short; - n = (buffer[0] << 24) | (buffer[1] << 16) - | (buffer[2] << 8) | buffer[3]; - buffer += 4; + n = buf32_to_size_t (buffer); + buffer += 4; buflen -= 4; } else if( n >= 192 ) { /* 2 byte special encoded length header */ Index: gnupg-2.0.24/g10/tdbio.c =================================================================== --- gnupg-2.0.24.orig/g10/tdbio.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/g10/tdbio.c 2015-11-19 14:48:55.842621797 +0100 @@ -1223,13 +1223,13 @@ tdbio_read_record( ulong recnum, TRUSTRE rec->r.ver.trust_model = *p++; rec->r.ver.min_cert_level = *p++; p += 2; - rec->r.ver.created = buftoulong(p); p += 4; - rec->r.ver.nextcheck = buftoulong(p); p += 4; + rec->r.ver.created = buf32_to_ulong (p); p += 4; + rec->r.ver.nextcheck = buf32_to_ulong (p); p += 4; p += 4; p += 4; - rec->r.ver.firstfree =buftoulong(p); p += 4; + rec->r.ver.firstfree =buf32_to_ulong (p); p += 4; p += 4; - rec->r.ver.trusthashtbl =buftoulong(p); p += 4; + rec->r.ver.trusthashtbl =buf32_to_ulong (p); p += 4; if( recnum ) { log_error( _("%s: version record with recnum %lu\n"), db_name, (ulong)recnum ); @@ -1242,17 +1242,17 @@ tdbio_read_record( ulong recnum, TRUSTRE } break; case RECTYPE_FREE: - rec->r.free.next = buftoulong(p); p += 4; + rec->r.free.next = buf32_to_ulong (p); p += 4; break; case RECTYPE_HTBL: for(i=0; i < ITEMS_PER_HTBL_RECORD; i++ ) { - rec->r.htbl.item[i] = buftoulong(p); p += 4; + rec->r.htbl.item[i] = buf32_to_ulong (p); p += 4; } break; case RECTYPE_HLST: - rec->r.hlst.next = buftoulong(p); p += 4; + rec->r.hlst.next = buf32_to_ulong (p); p += 4; for(i=0; i < ITEMS_PER_HLST_RECORD; i++ ) { - rec->r.hlst.rnum[i] = buftoulong(p); p += 4; + rec->r.hlst.rnum[i] = buf32_to_ulong (p); p += 4; } break; case RECTYPE_TRUST: @@ -1261,12 +1261,12 @@ tdbio_read_record( ulong recnum, TRUSTRE rec->r.trust.depth = *p++; rec->r.trust.min_ownertrust = *p++; p++; - rec->r.trust.validlist = buftoulong(p); p += 4; + rec->r.trust.validlist = buf32_to_ulong (p); p += 4; break; case RECTYPE_VALID: memcpy( rec->r.valid.namehash, p, 20); p+=20; rec->r.valid.validity = *p++; - rec->r.valid.next = buftoulong(p); p += 4; + rec->r.valid.next = buf32_to_ulong (p); p += 4; rec->r.valid.full_count = *p++; rec->r.valid.marginal_count = *p++; break; Index: gnupg-2.0.24/g10/trustdb.c =================================================================== --- gnupg-2.0.24.orig/g10/trustdb.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/g10/trustdb.c 2015-11-19 14:48:55.842621797 +0100 @@ -1627,7 +1627,7 @@ mark_usable_uid_certs (KBNODE keyblock, u32 expire; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_EXPIRE, NULL ); - expire = p? sig->timestamp + buffer_to_u32(p) : 0; + expire = p? sig->timestamp + buf32_to_u32 (p) : 0; if (expire==0 || expire > curtime ) { Index: gnupg-2.0.24/include/host2net.h =================================================================== --- gnupg-2.0.24.orig/include/host2net.h 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/include/host2net.h 2015-11-19 14:48:55.842621797 +0100 @@ -1,14 +1,24 @@ -/* host2net.h - Some macros - * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc. +/* host2net.h - Endian conversion macros + * Copyright (C) 1998, 2014, 2015 Werner Koch * * This file is part of GnuPG. * - * GnuPG is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. + * This file is free software; you can redistribute it and/or modify + * it under the terms of either * - * GnuPG is distributed in the hope that it will be useful, + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. + * + * This file is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. @@ -17,14 +27,11 @@ * along with this program; if not, see <http://www.gnu.org/licenses/>. */ -#ifndef G10_HOST2NET_H -#define G10_HOST2NET_H +#ifndef GNUPG_COMMON_HOST2NET_H +#define GNUPG_COMMON_HOST2NET_H #include "types.h" -#define buftoulong( p ) ((*(byte*)(p) << 24) | (*((byte*)(p)+1)<< 16) | \ - (*((byte*)(p)+2) << 8) | (*((byte*)(p)+3))) -#define buftoushort( p ) ((*((byte*)(p)) << 8) | (*((byte*)(p)+1))) #define ulongtobuf( p, a ) do { \ ((byte*)p)[0] = a >> 24; \ ((byte*)p)[1] = a >> 16; \ @@ -35,8 +42,71 @@ ((byte*)p)[0] = a >> 8; \ ((byte*)p)[1] = a ; \ } while(0) -#define buftou32( p) buftoulong( (p) ) -#define u32tobuf( p, a) ulongtobuf( (p), (a) ) -#endif /*G10_HOST2NET_H*/ +static inline unsigned long +buf16_to_ulong (const void *buffer) +{ + const unsigned char *p = buffer; + + return (((unsigned long)p[0] << 8) | p[1]); +} + +static inline unsigned int +buf16_to_uint (const void *buffer) +{ + const unsigned char *p = buffer; + + return (((unsigned int)p[0] << 8) | p[1]); +} + +static inline unsigned short +buf16_to_ushort (const void *buffer) +{ + const unsigned char *p = buffer; + + return (((unsigned short)p[0] << 8) | p[1]); +} + +static inline u16 +buf16_to_u16 (const void *buffer) +{ + const unsigned char *p = buffer; + + return (((u16)p[0] << 8) | p[1]); +} + +static inline size_t +buf32_to_size_t (const void *buffer) +{ + const unsigned char *p = buffer; + + return (((size_t)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); +} + +static inline unsigned long +buf32_to_ulong (const void *buffer) +{ + const unsigned char *p = buffer; + + return (((unsigned long)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); +} + +static inline unsigned int +buf32_to_uint (const void *buffer) +{ + const unsigned char *p = buffer; + + return (((unsigned int)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); +} + +static inline u32 +buf32_to_u32 (const void *buffer) +{ + const unsigned char *p = buffer; + + return (((u32)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); +} + + +#endif /*GNUPG_COMMON_HOST2NET_H*/ Index: gnupg-2.0.24/kbx/keybox-dump.c =================================================================== --- gnupg-2.0.24.orig/kbx/keybox-dump.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/kbx/keybox-dump.c 2015-11-19 14:48:55.843621813 +0100 @@ -25,6 +25,7 @@ #include "keybox-defs.h" #include <gcrypt.h> +#include "../include/host2net.h" /* Argg, we can't include ../common/util.h */ char *bin2hexcolon (const void *buffer, size_t length, char *stringbuf); @@ -33,21 +34,13 @@ char *bin2hexcolon (const void *buffer, static ulong get32 (const byte *buffer) { - ulong a; - a = *buffer << 24; - a |= buffer[1] << 16; - a |= buffer[2] << 8; - a |= buffer[3]; - return a; + return buf32_to_ulong (buffer); } static ulong get16 (const byte *buffer) { - ulong a; - a = *buffer << 8; - a |= buffer[1]; - return a; + return buf16_to_ulong (buffer); } void @@ -93,9 +86,9 @@ dump_header_blob (const byte *buffer, si if ( memcmp (buffer+8, "KBXf", 4)) fprintf (fp, "[Error: invalid magic number]\n"); - n = get32 (buffer+16); + n = get32 (buffer+16); fprintf( fp, "created-at: %lu\n", n ); - n = get32 (buffer+20); + n = get32 (buffer+20); fprintf( fp, "last-maint: %lu\n", n ); return 0; @@ -117,7 +110,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE const byte *p; buffer = _keybox_get_blob_image (blob, &length); - + if (length < 32) { fprintf (fp, "[blob too short]\n"); @@ -125,7 +118,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE } n = get32( buffer ); - if (n > length) + if (n > length) fprintf (fp, "[blob larger than length - output truncated]\n"); else length = n; /* ignore the rest */ @@ -159,7 +152,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE fprintf (fp, "[blob too short]\n"); return -1; } - + n = get16 (buffer + 6); fprintf( fp, "Blob-Flags: %04lX", n); if (n) @@ -188,7 +181,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE fprintf( fp, "Data-Offset: %lu\n", rawdata_off ); fprintf( fp, "Data-Length: %lu\n", rawdata_len ); - if (rawdata_off > length || rawdata_len > length + if (rawdata_off > length || rawdata_len > length || rawdata_off+rawdata_off > length) fprintf (fp, "[Error: raw data larger than blob]\n"); @@ -207,7 +200,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE { int i; ulong kidoff, kflags; - + fprintf (fp, "Key-Fpr[%lu]: ", n ); for (i=0; i < 20; i++ ) fprintf (fp, "%02X", p[i]); @@ -220,7 +213,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE kflags = get16 (p + 24 ); fprintf( fp, "\nKey-Flags[%lu]: %04lX\n", n, kflags); } - + /* serial number */ fputs ("Serial-No: ", fp); nserial = get16 (p); @@ -244,7 +237,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE for (n=0; n < nuids; n++, p += uidinfolen) { ulong uidoff, uidlen, uflags; - + uidoff = get32( p ); uidlen = get32( p+4 ); if (type == BLOBTYPE_X509 && !n) @@ -284,7 +277,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE fprintf (fp, "Uid-Validity[%lu]: %d\n", n, p[10] ); } } - + nsigs = get16 (p); fprintf (fp, "Sig-Count: %lu\n", nsigs ); siginfolen = get16 (p + 2); @@ -294,7 +287,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE for (n=0; n < nsigs; n++, p += siginfolen) { ulong sflags; - + sflags = get32 (p); fprintf (fp, "Sig-Expire[%lu]: ", n ); if (!sflags) @@ -341,11 +334,11 @@ hash_blob_rawdata (KEYBOXBLOB blob, unsi ulong rawdata_off, rawdata_len; buffer = _keybox_get_blob_image (blob, &length); - + if (length < 32) return -1; n = get32 (buffer); - if (n < length) + if (n < length) length = n; /* Blob larger than length in header - ignore the rest. */ type = buffer[4]; @@ -364,11 +357,11 @@ hash_blob_rawdata (KEYBOXBLOB blob, unsi if (length < 40) return -1; - + rawdata_off = get32 (buffer + 8); rawdata_len = get32 (buffer + 12); - if (rawdata_off > length || rawdata_len > length + if (rawdata_off > length || rawdata_len > length || rawdata_off+rawdata_off > length) return -1; /* Out of bounds. */ @@ -408,7 +401,7 @@ update_stats (KEYBOXBLOB blob, struct fi } n = get32( buffer ); - if (n > length) + if (n > length) s->too_large_blobs++; else length = n; /* ignore the rest */ @@ -439,7 +432,7 @@ update_stats (KEYBOXBLOB blob, struct fi s->too_short_blobs++; return -1; } - + n = get16 (buffer + 6); if (n) { @@ -512,13 +505,13 @@ _keybox_dump_file (const char *filename, rc = 0; if (rc) fprintf (outfp, "error reading `%s': %s\n", filename, gpg_strerror (rc)); - + if (fp != stdin) fclose (fp); if (stats_only) { - fprintf (outfp, + fprintf (outfp, "Total number of blobs: %8lu\n" " header: %8lu\n" " empty: %8lu\n" @@ -551,9 +544,9 @@ _keybox_dump_file (const char *filename, -struct dupitem_s +struct dupitem_s { - unsigned long recno; + unsigned long recno; unsigned char digest[20]; }; @@ -563,7 +556,7 @@ cmp_dupitems (const void *arg_a, const v { struct dupitem_s *a = (struct dupitem_s *)arg_a; struct dupitem_s *b = (struct dupitem_s *)arg_b; - + return memcmp (a->digest, b->digest, 20); } @@ -581,7 +574,7 @@ _keybox_dump_find_dups (const char *file char fprbuf[3*20+1]; (void)print_them; - + memset (zerodigest, 0, sizeof zerodigest); if (!(fp = open_file (&filename, outfp))) @@ -601,7 +594,7 @@ _keybox_dump_find_dups (const char *file while ( !(rc = _keybox_read_blob (&blob, fp)) ) { unsigned char digest[20]; - + if (hash_blob_rawdata (blob, digest)) fprintf (outfp, "error in blob %ld of `%s'\n", recno, filename); else if (memcmp (digest, zerodigest, 20)) @@ -668,7 +661,7 @@ _keybox_dump_cut_records (const char *fi KEYBOXBLOB blob; int rc; unsigned long recno = 0; - + if (!(fp = open_file (&filename, stderr))) return gpg_error_from_syserror (); Index: gnupg-2.0.24/kbx/keybox-openpgp.c =================================================================== --- gnupg-2.0.24.orig/kbx/keybox-openpgp.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/kbx/keybox-openpgp.c 2015-11-19 14:48:55.843621813 +0100 @@ -34,6 +34,7 @@ #include "keybox-defs.h" #include <gcrypt.h> +#include "../include/host2net.h" enum packet_types @@ -119,10 +120,8 @@ next_packet (unsigned char const **bufpt { if (len <4 ) return gpg_error (GPG_ERR_INV_PACKET); /* No length bytes. */ - pktlen = (*buf++) << 24; - pktlen |= (*buf++) << 16; - pktlen |= (*buf++) << 8; - pktlen |= (*buf++); + pktlen = buf32_to_ulong (buf); + buf += 4; len -= 4; } else /* Partial length encoding is not allowed for key packets. */ Index: gnupg-2.0.24/kbx/keybox-search.c =================================================================== --- gnupg-2.0.24.orig/kbx/keybox-search.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/kbx/keybox-search.c 2015-11-19 14:48:55.843621813 +0100 @@ -25,6 +25,7 @@ #include <errno.h> #include "../jnlib/stringhelp.h" /* ascii_xxxx() */ +#include "../include/host2net.h" #include "keybox-defs.h" #include <gcrypt.h> @@ -45,21 +46,13 @@ struct sn_array_s { static inline ulong get32 (const byte *buffer) { - ulong a; - a = *buffer << 24; - a |= buffer[1] << 16; - a |= buffer[2] << 8; - a |= buffer[3]; - return a; + return buf32_to_ulong (buffer); } static inline ulong get16 (const byte *buffer) { - ulong a; - a = *buffer << 8; - a |= buffer[1]; - return a; + return buf16_to_ulong (buffer); } @@ -112,7 +105,7 @@ _keybox_get_flag_location (const unsigne *flag_off = 6; *flag_size = 2; break; - + case KEYBOX_FLAG_OWNERTRUST: case KEYBOX_FLAG_VALIDITY: case KEYBOX_FLAG_CREATED_AT: @@ -127,7 +120,7 @@ _keybox_get_flag_location (const unsigne if (pos+2 > length) return GPG_ERR_INV_OBJ; /* Out of bounds. */ /* Serial number. */ - nserial = get16 (buffer+pos); + nserial = get16 (buffer+pos); pos += 2 + nserial; if (pos+4 > length) return GPG_ERR_INV_OBJ; /* Out of bounds. */ @@ -135,7 +128,7 @@ _keybox_get_flag_location (const unsigne nuids = get16 (buffer + pos); pos += 2; uidinfolen = get16 (buffer + pos); pos += 2; if (uidinfolen < 12 ) - return GPG_ERR_INV_OBJ; + return GPG_ERR_INV_OBJ; pos += uidinfolen*nuids; if (pos+4 > length) return GPG_ERR_INV_OBJ ; /* Out of bounds. */ @@ -143,7 +136,7 @@ _keybox_get_flag_location (const unsigne nsigs = get16 (buffer + pos); pos += 2; siginfolen = get16 (buffer + pos); pos += 2; if (siginfolen < 4 ) - return GPG_ERR_INV_OBJ; + return GPG_ERR_INV_OBJ; pos += siginfolen*nsigs; if (pos+1+1+2+4+4+4+4 > length) return GPG_ERR_INV_OBJ ; /* Out of bounds. */ @@ -190,7 +183,7 @@ get_flag_from_image (const unsigned char case 4: *value = get32 (buffer + pos); break; default: ec = GPG_ERR_BUG; break; } - + return ec; } @@ -218,7 +211,7 @@ blob_cmp_sn (KEYBOXBLOB blob, const unsi return 0; /* out of bounds */ /*serial*/ - nserial = get16 (buffer+pos); + nserial = get16 (buffer+pos); off = pos + 2; if (off+nserial > length) return 0; /* out of bounds */ @@ -316,7 +309,7 @@ blob_cmp_name (KEYBOXBLOB blob, int idx, return 0; /* out of bounds */ /*serial*/ - nserial = get16 (buffer+pos); + nserial = get16 (buffer+pos); pos += 2 + nserial; if (pos+4 > length) return 0; /* out of bounds */ @@ -332,7 +325,7 @@ blob_cmp_name (KEYBOXBLOB blob, int idx, if (idx < 0) { /* compare all names starting with that (negated) index */ idx = -idx; - + for ( ;idx < nuids; idx++) { size_t mypos = pos; @@ -409,7 +402,7 @@ blob_cmp_mail (KEYBOXBLOB blob, const ch return 0; /* out of bounds */ /*serial*/ - nserial = get16 (buffer+pos); + nserial = get16 (buffer+pos); pos += 2 + nserial; if (pos+4 > length) return 0; /* out of bounds */ @@ -428,7 +421,7 @@ blob_cmp_mail (KEYBOXBLOB blob, const ch for (idx=1 ;idx < nuids; idx++) { size_t mypos = pos; - + mypos += idx*uidinfolen; off = get32 (buffer+mypos); len = get32 (buffer+mypos+4); @@ -439,7 +432,7 @@ blob_cmp_mail (KEYBOXBLOB blob, const ch len--; /* one back */ if ( len < 3 || buffer[off+len] != '>') continue; /* not a proper email address */ - len--; + len--; if (substr) { if (ascii_memcasemem (buffer+off+1, len, name, namelen)) @@ -474,7 +467,7 @@ blob_x509_has_grip (KEYBOXBLOB blob, con unsigned char array[20]; unsigned char *rcp; size_t n; - + buffer = _keybox_get_blob_image (blob, &length); if (length < 40) return 0; /* Too short. */ @@ -527,7 +520,7 @@ blob_x509_has_grip (KEYBOXBLOB blob, con /* - The has_foo functions are used as helpers for search + The has_foo functions are used as helpers for search */ static inline int has_short_kid (KEYBOXBLOB blob, const unsigned char *kid) @@ -585,7 +578,7 @@ has_issuer_sn (KEYBOXBLOB blob, const ch return 0; namelen = strlen (name); - + return (blob_cmp_sn (blob, sn, snlen) && blob_cmp_name (blob, 0 /* issuer */, name, namelen, 0)); } @@ -664,7 +657,7 @@ release_sn_array (struct sn_array_s *arr */ -int +int keybox_search_reset (KEYBOX_HANDLE hd) { if (!hd) @@ -683,13 +676,13 @@ keybox_search_reset (KEYBOX_HANDLE hd) } hd->error = 0; hd->eof = 0; - return 0; + return 0; } /* Note: When in ephemeral mode the search function does visit all blobs but in standard mode, blobs flagged as ephemeral are ignored. */ -int +int keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc) { int rc; @@ -708,18 +701,18 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_ hd->found.blob = NULL; } - if (hd->error) + if (hd->error) return hd->error; /* still in error state */ - if (hd->eof) + if (hd->eof) return -1; /* still EOF */ /* figure out what information we need */ need_words = any_skip = 0; - for (n=0; n < ndesc; n++) + for (n=0; n < ndesc; n++) { - switch (desc[n].mode) + switch (desc[n].mode) { - case KEYDB_SEARCH_MODE_WORDS: + case KEYDB_SEARCH_MODE_WORDS: need_words = 1; break; case KEYDB_SEARCH_MODE_FIRST: @@ -729,7 +722,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_ default: break; } - if (desc[n].skipfnc) + if (desc[n].skipfnc) any_skip = 1; if (desc[n].snlen == -1 && !sn_array) { @@ -762,7 +755,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_ int i, odd; size_t snlen; - for (n=0; n < ndesc; n++) + for (n=0; n < ndesc; n++) { if (!desc[n].sn) ; @@ -830,14 +823,14 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_ if (!hd->ephemeral && (blobflags & 2)) continue; /* Not in ephemeral mode but blob is flagged ephemeral. */ - for (n=0; n < ndesc; n++) + for (n=0; n < ndesc; n++) { switch (desc[n].mode) { - case KEYDB_SEARCH_MODE_NONE: + case KEYDB_SEARCH_MODE_NONE: never_reached (); break; - case KEYDB_SEARCH_MODE_EXACT: + case KEYDB_SEARCH_MODE_EXACT: if (has_subject_or_alt (blob, desc[n].u.name, 0)) goto found; break; @@ -854,7 +847,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_ goto found; break; case KEYDB_SEARCH_MODE_MAILEND: - case KEYDB_SEARCH_MODE_WORDS: + case KEYDB_SEARCH_MODE_WORDS: never_reached (); /* not yet implemented */ break; case KEYDB_SEARCH_MODE_ISSUER: @@ -876,7 +869,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_ if (has_subject (blob, desc[n].u.name)) goto found; break; - case KEYDB_SEARCH_MODE_SHORT_KID: + case KEYDB_SEARCH_MODE_SHORT_KID: if (has_short_kid (blob, desc[n].u.kid)) goto found; break; @@ -893,20 +886,20 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_ if (has_keygrip (blob, desc[n].u.grip)) goto found; break; - case KEYDB_SEARCH_MODE_FIRST: + case KEYDB_SEARCH_MODE_FIRST: goto found; break; - case KEYDB_SEARCH_MODE_NEXT: + case KEYDB_SEARCH_MODE_NEXT: goto found; break; - default: + default: rc = gpg_error (GPG_ERR_INV_VALUE); goto found; } } continue; - found: - for (n=any_skip?0:ndesc; n < ndesc; n++) + found: + for (n=any_skip?0:ndesc; n < ndesc; n++) { /* if (desc[n].skipfnc */ /* && desc[n].skipfnc (desc[n].skipfncvalue, aki)) */ @@ -915,7 +908,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_ if (n == ndesc) break; /* got it */ } - + if (!rc) { hd->found.blob = blob; @@ -925,7 +918,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_ _keybox_release_blob (blob); hd->eof = 1; } - else + else { _keybox_release_blob (blob); hd->error = rc; Index: gnupg-2.0.24/kbx/keybox-update.c =================================================================== --- gnupg-2.0.24.orig/kbx/keybox-update.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/kbx/keybox-update.c 2015-11-19 14:48:55.844621828 +0100 @@ -26,6 +26,7 @@ #include <unistd.h> #include "keybox-defs.h" +#include "../include/host2net.h" #define EXTSEP_S "." @@ -65,12 +66,12 @@ fseeko (FILE * stream, off_t newpos, int static int create_tmp_file (const char *template, char **r_bakfname, char **r_tmpfname, FILE **r_fp) -{ +{ char *bakfname, *tmpfname; - + *r_bakfname = NULL; *r_tmpfname = NULL; - + # ifdef USE_ONLY_8DOT3 /* Here is another Windoze bug?: * you cant rename("pubring.kbx.tmp", "pubring.kbx"); @@ -87,7 +88,7 @@ create_tmp_file (const char *template, return gpg_error_from_syserror (); strcpy (bakfname, template); strcpy (bakfname+strlen(template)-4, EXTSEP_S "kb_"); - + tmpfname = xtrymalloc (strlen (template) + 1); if (!tmpfname) { @@ -98,14 +99,14 @@ create_tmp_file (const char *template, strcpy (tmpfname,template); strcpy (tmpfname + strlen (template)-4, EXTSEP_S "k__"); } - else + else { /* File does not end with kbx, thus we hope we are working on a modern file system and appending a suffix works. */ bakfname = xtrymalloc ( strlen (template) + 5); if (!bakfname) return gpg_error_from_syserror (); strcpy (stpcpy (bakfname, template), EXTSEP_S "kb_"); - + tmpfname = xtrymalloc ( strlen (template) + 5); if (!tmpfname) { @@ -120,7 +121,7 @@ create_tmp_file (const char *template, if (!bakfname) return gpg_error_from_syserror (); strcpy (stpcpy (bakfname,template),"~"); - + tmpfname = xtrymalloc ( strlen (template) + 5); if (!tmpfname) { @@ -172,7 +173,7 @@ rename_tmp_file (const char *bakfname, c /* First make a backup file except for secret keyboxes. */ if (!secret) - { + { #if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__) remove (bakfname); #endif @@ -181,7 +182,7 @@ rename_tmp_file (const char *bakfname, c return gpg_error_from_syserror (); } } - + /* Then rename the file. */ #if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__) remove (fname); @@ -199,7 +200,7 @@ rename_tmp_file (const char *bakfname, c } return rc; } - + return 0; } @@ -211,7 +212,7 @@ rename_tmp_file (const char *bakfname, c 3 = update */ static int -blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, +blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, int secret, off_t start_offset) { FILE *fp, *newfp; @@ -221,14 +222,14 @@ blob_filecopy (int mode, const char *fna char buffer[4096]; int nread, nbytes; - /* Open the source file. Because we do a rename, we have to check the + /* Open the source file. Because we do a rename, we have to check the permissions of the file */ if (access (fname, W_OK)) return gpg_error_from_syserror (); fp = fopen (fname, "rb"); if (mode == 1 && !fp && errno == ENOENT) - { + { /* Insert mode but file does not exist: Create a new keybox file. */ newfp = fopen (fname, "wb"); @@ -267,10 +268,10 @@ blob_filecopy (int mode, const char *fna fclose(fp); goto leave; } - + /* prepare for insert */ if (mode == 1) - { + { /* Copy everything to the new file. */ while ( (nread = fread (buffer, 1, DIM(buffer), fp)) > 0 ) { @@ -286,12 +287,12 @@ blob_filecopy (int mode, const char *fna goto leave; } } - + /* Prepare for delete or update. */ - if ( mode == 2 || mode == 3 ) - { + if ( mode == 2 || mode == 3 ) + { off_t current = 0; - + /* Copy first part to the new file. */ while ( current < start_offset ) { @@ -302,7 +303,7 @@ blob_filecopy (int mode, const char *fna if (!nread) break; current += nread; - + if (fwrite (buffer, nread, 1, newfp) != 1) { rc = gpg_error_from_syserror (); @@ -314,24 +315,24 @@ blob_filecopy (int mode, const char *fna rc = gpg_error_from_syserror (); goto leave; } - + /* Skip this blob. */ rc = _keybox_read_blob (NULL, fp); if (rc) return rc; } - + /* Do an insert or update. */ if ( mode == 1 || mode == 3 ) - { + { rc = _keybox_write_blob (blob, newfp); if (rc) return rc; } - + /* Copy the rest of the packet for an delete or update. */ if (mode == 2 || mode == 3) - { + { while ( (nread = fread (buffer, 1, DIM(buffer), fp)) > 0 ) { if (fwrite (buffer, nread, 1, newfp) != 1) @@ -346,7 +347,7 @@ blob_filecopy (int mode, const char *fna goto leave; } } - + /* Close both files. */ if (fclose(fp)) { @@ -370,7 +371,7 @@ blob_filecopy (int mode, const char *fna -#ifdef KEYBOX_WITH_X509 +#ifdef KEYBOX_WITH_X509 int keybox_insert_cert (KEYBOX_HANDLE hd, ksba_cert_t cert, unsigned char *sha1_digest) @@ -380,12 +381,12 @@ keybox_insert_cert (KEYBOX_HANDLE hd, ks KEYBOXBLOB blob; if (!hd) - return gpg_error (GPG_ERR_INV_HANDLE); + return gpg_error (GPG_ERR_INV_HANDLE); if (!hd->kb) - return gpg_error (GPG_ERR_INV_HANDLE); + return gpg_error (GPG_ERR_INV_HANDLE); fname = hd->kb->fname; if (!fname) - return gpg_error (GPG_ERR_INV_HANDLE); + return gpg_error (GPG_ERR_INV_HANDLE); /* Close this one otherwise we will mess up the position for a next search. Fixme: it would be better to adjust the position after @@ -439,12 +440,12 @@ keybox_set_flags (KEYBOX_HANDLE hd, int if (!hd->found.blob) return gpg_error (GPG_ERR_NOTHING_FOUND); if (!hd->kb) - return gpg_error (GPG_ERR_INV_HANDLE); + return gpg_error (GPG_ERR_INV_HANDLE); if (!hd->found.blob) return gpg_error (GPG_ERR_NOTHING_FOUND); fname = hd->kb->fname; if (!fname) - return gpg_error (GPG_ERR_INV_HANDLE); + return gpg_error (GPG_ERR_INV_HANDLE); off = _keybox_get_blob_fileoffset (hd->found.blob); if (off == (off_t)-1) @@ -454,7 +455,7 @@ keybox_set_flags (KEYBOX_HANDLE hd, int ec = _keybox_get_flag_location (buffer, length, what, &flag_pos, &flag_size); if (ec) return gpg_error (ec); - + off += flag_pos; _keybox_close_file (hd); @@ -476,7 +477,7 @@ keybox_set_flags (KEYBOX_HANDLE hd, int switch (flag_size) { - case 1: + case 1: case 2: case 4: if (fwrite (tmp+4-flag_size, flag_size, 1, fp) != 1) @@ -512,10 +513,10 @@ keybox_delete (KEYBOX_HANDLE hd) if (!hd->found.blob) return gpg_error (GPG_ERR_NOTHING_FOUND); if (!hd->kb) - return gpg_error (GPG_ERR_INV_HANDLE); + return gpg_error (GPG_ERR_INV_HANDLE); fname = hd->kb->fname; if (!fname) - return gpg_error (GPG_ERR_INV_HANDLE); + return gpg_error (GPG_ERR_INV_HANDLE); off = _keybox_get_blob_fileoffset (hd->found.blob); if (off == (off_t)-1) @@ -561,18 +562,18 @@ keybox_compress (KEYBOX_HANDLE hd) int skipped_deleted; if (!hd) - return gpg_error (GPG_ERR_INV_HANDLE); + return gpg_error (GPG_ERR_INV_HANDLE); if (!hd->kb) - return gpg_error (GPG_ERR_INV_HANDLE); + return gpg_error (GPG_ERR_INV_HANDLE); if (hd->secret) return gpg_error (GPG_ERR_NOT_IMPLEMENTED); fname = hd->kb->fname; if (!fname) - return gpg_error (GPG_ERR_INV_HANDLE); + return gpg_error (GPG_ERR_INV_HANDLE); _keybox_close_file (hd); - /* Open the source file. Because we do a rename, we have to check the + /* Open the source file. Because we do a rename, we have to check the permissions of the file */ if (access (fname, W_OK)) return gpg_error_from_syserror (); @@ -596,9 +597,8 @@ keybox_compress (KEYBOX_HANDLE hd) buffer = _keybox_get_blob_image (blob, &length); if (length > 4 && buffer[4] == BLOBTYPE_HEADER) { - u32 last_maint = ((buffer[20] << 24) | (buffer[20+1] << 16) - | (buffer[20+2] << 8) | (buffer[20+3])); - + u32 last_maint = buf32_to_u32 (buffer+20); + if ( (last_maint + 3*3600) > time (NULL) ) { fclose (fp); @@ -618,7 +618,7 @@ keybox_compress (KEYBOX_HANDLE hd) return rc;; } - + /* Processing loop. By reading using _keybox_read_blob we automagically skip any blobs flagged as deleted. Thus what we only have to do is to check all ephemeral flagged blocks whether @@ -663,24 +663,23 @@ keybox_compress (KEYBOX_HANDLE hd) continue; } - if (_keybox_get_flag_location (buffer, length, + if (_keybox_get_flag_location (buffer, length, KEYBOX_FLAG_BLOB, &pos, &size) || size != 2) { rc = gpg_error (GPG_ERR_BUG); break; } - blobflags = ((buffer[pos] << 8) | (buffer[pos+1])); + blobflags = buf16_to_uint (buffer+pos); if ((blobflags & KEYBOX_FLAG_BLOB_EPHEMERAL)) { /* This is an ephemeral blob. */ - if (_keybox_get_flag_location (buffer, length, + if (_keybox_get_flag_location (buffer, length, KEYBOX_FLAG_CREATED_AT, &pos, &size) || size != 4) created_at = 0; /* oops. */ else - created_at = ((buffer[pos] << 24) | (buffer[pos+1] << 16) - | (buffer[pos+2] << 8) | (buffer[pos+3])); + created_at = buf32_to_u32 (buffer+pos); if (created_at && created_at < cut_time) { Index: gnupg-2.0.24/scd/apdu.c =================================================================== --- gnupg-2.0.24.orig/scd/apdu.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/scd/apdu.c 2015-11-19 14:48:55.844621828 +0100 @@ -58,6 +58,7 @@ #include "scdaemon.h" #include "exechelp.h" #endif /* GNUPG_MAJOR_VERSION != 1 */ +#include "../include/host2net.h" #include "iso7816.h" #include "apdu.h" @@ -1013,15 +1014,14 @@ pcsc_get_status_wrapped (int slot, unsig i? strerror (errno) : "premature EOF"); goto command_failed; } - len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; + len = buf32_to_size_t (msgbuf+1); if (msgbuf[0] != 0x81 || len < 4) { log_error ("invalid response header from PC/SC received\n"); goto command_failed; } len -= 4; /* Already read the error code. */ - err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) - | (msgbuf[7] << 8 ) | msgbuf[8]); + err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5)); if (err) { log_error ("pcsc_status failed: %s (0x%lx)\n", @@ -1181,15 +1181,14 @@ pcsc_send_apdu_wrapped (int slot, unsign i? strerror (errno) : "premature EOF"); goto command_failed; } - len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; + len = buf32_to_size_t (msgbuf+1); if (msgbuf[0] != 0x81 || len < 4) { log_error ("invalid response header from PC/SC received\n"); goto command_failed; } len -= 4; /* Already read the error code. */ - err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) - | (msgbuf[7] << 8 ) | msgbuf[8]); + err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5)); if (err) { log_error ("pcsc_transmit failed: %s (0x%lx)\n", @@ -1321,15 +1320,14 @@ control_pcsc_wrapped (int slot, pcsc_dwo i? strerror (errno) : "premature EOF"); goto command_failed; } - len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; + len = buf32_to_size_t (msgbuf+1); if (msgbuf[0] != 0x81 || len < 4) { log_error ("invalid response header from PC/SC received\n"); goto command_failed; } len -= 4; /* Already read the error code. */ - err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) - | (msgbuf[7] << 8 ) | msgbuf[8]); + err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5)); if (err) { log_error ("pcsc_control failed: %s (0x%lx)\n", @@ -1458,15 +1456,14 @@ close_pcsc_reader_wrapped (int slot) i? strerror (errno) : "premature EOF"); goto command_failed; } - len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; + len = buf32_to_size_t (msgbuf+1); if (msgbuf[0] != 0x81 || len < 4) { log_error ("invalid response header from PC/SC received\n"); goto command_failed; } len -= 4; /* Already read the error code. */ - err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) - | (msgbuf[7] << 8 ) | msgbuf[8]); + err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5)); if (err) log_error ("pcsc_close failed: %s (0x%lx)\n", pcsc_error_string (err), err); @@ -1647,7 +1644,7 @@ reset_pcsc_reader_wrapped (int slot) i? strerror (errno) : "premature EOF"); goto command_failed; } - len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; + len = buf32_to_size_t (msgbuf+1); if (msgbuf[0] != 0x81 || len < 4) { log_error ("invalid response header from PC/SC received\n"); @@ -1661,8 +1658,7 @@ reset_pcsc_reader_wrapped (int slot) sw = SW_HOST_GENERAL_ERROR; goto command_failed; } - err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) - | (msgbuf[7] << 8 ) | msgbuf[8]); + err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5)); if (err) { log_error ("PC/SC RESET failed: %s (0x%lx)\n", @@ -1753,9 +1749,9 @@ pcsc_vendor_specific_init (int slot) if (l == 1) v = p[0]; else if (l == 2) - v = ((p[0] << 8) | p[1]); + v = buf16_to_uint (p); else if (l == 4) - v = ((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); + v = buf32_to_uint (p); if (code == FEATURE_VERIFY_PIN_DIRECT) reader_table[slot].pcsc.verify_ioctl = v; @@ -1814,9 +1810,9 @@ pcsc_vendor_specific_init (int slot) if (l == 1) v = p[0]; else if (l == 2) - v = ((p[1] << 8) | p[0]); + v = (((unsigned int)p[1] << 8) | p[0]); else if (l == 4) - v = ((p[3] << 24) | (p[2] << 16) | (p[1] << 8) | p[0]); + v = (((unsigned int)p[3] << 24) | (p[2] << 16) | (p[1] << 8) | p[0]); if (tag == PCSCv2_PART10_PROPERTY_bMinPINSize) reader_table[slot].pcsc.pinmin = v; @@ -2112,7 +2108,7 @@ open_pcsc_reader_wrapped (const char *po i? strerror (errno) : "premature EOF"); goto command_failed; } - len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; + len = buf32_to_size_t (msgbuf+1); if (msgbuf[0] != 0x81 || len < 4) { log_error ("invalid response header from PC/SC received\n"); @@ -2125,8 +2121,7 @@ open_pcsc_reader_wrapped (const char *po (unsigned long)len); goto command_failed; } - err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) - | (msgbuf[7] << 8 ) | msgbuf[8]); + err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5)); if (err) { Index: gnupg-2.0.24/scd/app-openpgp.c =================================================================== --- gnupg-2.0.24.orig/scd/app-openpgp.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/scd/app-openpgp.c 2015-11-19 14:48:55.845621844 +0100 @@ -66,6 +66,7 @@ #include "iso7816.h" #include "app-common.h" #include "tlv.h" +#include "../include/host2net.h" /* A table describing the DOs of the card. */ @@ -805,7 +806,7 @@ send_fprtime_if_not_null (ctrl_t ctrl, c char numbuf1[50], numbuf2[50]; unsigned long value; - value = (stamp[0] << 24) | (stamp[1]<<16) | (stamp[2]<<8) | stamp[3]; + value = buf32_to_ulong (stamp); if (!value) return; sprintf (numbuf1, "%d", number); Index: gnupg-2.0.24/scd/ccid-driver.c =================================================================== --- gnupg-2.0.24.orig/scd/ccid-driver.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/scd/ccid-driver.c 2015-11-19 14:48:55.846621859 +0100 @@ -94,6 +94,7 @@ #include "scdaemon.h" #include "iso7816.h" #include "ccid-driver.h" +#include "../include/host2net.h" #define DRVNAME "ccid-driver: " @@ -316,7 +317,7 @@ static int send_escape_cmd (ccid_driver_ static unsigned int convert_le_u32 (const unsigned char *buf) { - return buf[0] | (buf[1] << 8) | (buf[2] << 16) | (buf[3] << 24); + return buf[0] | (buf[1] << 8) | (buf[2] << 16) | ((unsigned int)buf[3] << 24); } Index: gnupg-2.0.24/scd/pcsc-wrapper.c =================================================================== --- gnupg-2.0.24.orig/scd/pcsc-wrapper.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/scd/pcsc-wrapper.c 2015-11-19 14:48:55.846621859 +0100 @@ -273,7 +273,7 @@ read_32 (FILE *fp) fprintf (stderr, PGM ": premature EOF while parsing request\n"); exit (1); } - return (c1 << 24) | (c2 << 16) | (c3 << 8) | c4; + return ((unsigned long)c1 << 24) | (c2 << 16) | (c3 << 8) | c4; } @@ -760,7 +760,8 @@ handle_control (unsigned char *argbuf, s if (arglen < 4) bad_request ("CONTROL"); - ioctl_code = (argbuf[0] << 24) | (argbuf[1] << 16) | (argbuf[2] << 8) | argbuf[3]; + ioctl_code = (((pcsc_dword_t)argbuf[0] << 24) + | (argbuf[1] << 16) | (argbuf[2] << 8) | argbuf[3]); argbuf += 4; arglen -= 4; Index: gnupg-2.0.24/tools/ccidmon.c =================================================================== --- gnupg-2.0.24.orig/tools/ccidmon.c 2014-06-24 13:50:15.000000000 +0200 +++ gnupg-2.0.24/tools/ccidmon.c 2015-11-19 14:48:55.846621859 +0100 @@ -52,7 +52,7 @@ static int debug; static int skip_escape; static int usb_bus, usb_dev; static int sniffusb; - + /* Error counter. */ static int any_error; @@ -142,19 +142,19 @@ err (const char *format, ...) /* Convert a little endian stored 4 byte value into an unsigned integer. */ -static unsigned int +static unsigned int convert_le_u32 (const unsigned char *buf) { - return buf[0] | (buf[1] << 8) | (buf[2] << 16) | (buf[3] << 24); + return buf[0] | (buf[1] << 8) | (buf[2] << 16) | ((unsigned int)buf[3] << 24); } /* Convert a little endian stored 2 byte value into an unsigned integer. */ -static unsigned int +static unsigned int convert_le_u16 (const unsigned char *buf) { - return buf[0] | (buf[1] << 8); + return buf[0] | (buf[1] << 8); } @@ -182,7 +182,7 @@ print_pr_data (const unsigned char *data putchar ('\n'); } - + static void print_p2r_header (const char *name, const unsigned char *msg, size_t msglen) { @@ -359,7 +359,7 @@ print_p2r_unknown (const unsigned char * { char buf[100]; - snprintf (buf, sizeof buf, "Unknown PC_to_RDR command 0x%02X", + snprintf (buf, sizeof buf, "Unknown PC_to_RDR command 0x%02X", msglen? msg[0]:0); print_p2r_header (buf, msg, msglen); if (msglen < 10) @@ -466,7 +466,7 @@ print_r2p_slotstatus (const unsigned cha msg[9] == 3? " (stopped)":""); print_pr_data (msg, msglen, 10); } - + static void print_r2p_parameters (const unsigned char *msg, size_t msglen) @@ -527,7 +527,7 @@ print_r2p_unknown (const unsigned char * { char buf[100]; - snprintf (buf, sizeof buf, "Unknown RDR_to_PC command 0x%02X", + snprintf (buf, sizeof buf, "Unknown RDR_to_PC command 0x%02X", msglen? msg[0]:0); print_r2p_header (buf, msg, msglen); if (msglen < 10) @@ -571,7 +571,7 @@ flush_data (void) { if (!databuffer.count) return; - + if (verbose) printf ("Address: %s\n", databuffer.address); if (databuffer.is_bi) @@ -684,7 +684,7 @@ parse_line (char *line, unsigned int lin p = strtok (NULL, " "); if (!p) return; /* No data length. */ - + datatag = strtok (NULL, " "); if (datatag && *datatag == '=') { @@ -707,10 +707,10 @@ parse_line_sniffusb (char *line, unsigne return; p = strtok (NULL, " \t"); if (!p) - return; + return; p = strtok (NULL, " \t"); if (!p) - return; + return; if (hexdigitp (p[0]) && hexdigitp (p[1]) && hexdigitp (p[2]) && hexdigitp (p[3]) @@ -718,7 +718,7 @@ parse_line_sniffusb (char *line, unsigne { size_t length; unsigned int value; - + length = databuffer.count; while ((p=strtok (NULL, " \t"))) { @@ -791,7 +791,7 @@ parse_input (FILE *fp) } -int +int main (int argc, char **argv) { int last_argc = -1; @@ -845,7 +845,7 @@ main (int argc, char **argv) sniffusb = 1; argc--; argv++; } - } + } if (argc && sniffusb) die ("no arguments expected when using --sniffusb\n"); @@ -855,14 +855,14 @@ main (int argc, char **argv) if (argc == 1) { const char *s = strchr (argv[0], ':'); - + usb_bus = atoi (argv[0]); if (s) usb_dev = atoi (s+1); if (usb_bus < 1 || usb_bus > 999 || usb_dev < 1 || usb_dev > 999) die ("invalid bus:dev specified"); } - + signal (SIGPIPE, SIG_IGN); Index: gnupg-2.0.24/g10/sign.c =================================================================== --- gnupg-2.0.24.orig/g10/sign.c 2015-11-19 14:48:55.744620281 +0100 +++ gnupg-2.0.24/g10/sign.c 2015-11-19 14:56:06.154267929 +0100 @@ -41,6 +41,7 @@ #include "pkglue.h" #include "sysutils.h" #include "call-agent.h" +#include "../include/host2net.h" #ifdef HAVE_DOSISH_SYSTEM @@ -1049,7 +1050,7 @@ sign_file( strlist_t filenames, int deta sigclass = ts[0]; if (sigclass != 0x00 && sigclass != 0x01) log_bug("bad cipher class\n"); - timestamp = buffer_to_u32(ts + 1); + timestamp = buf32_to_u32(ts + 1); } else { /* read, so that the filter can calculate the digest */
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor