Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2024-12-26 16:09:35 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

fixed validate signature for data of arbitrary length

Browse Source 
git-svn-id: http://svn.code.sf.net/p/retroshare/code/branches/v0.5-OpenPGP@5126 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler 2012-04-27 12:07:29 +00:00
parent 42687f32aa
commit b7dcbf3ef2
4 changed files with 30 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
openpgpsdk/include/openpgpsdk/packet.h
View File

@ -695,7 +695,7 @@ typedef struct
typedef struct
{
unsigned length;
unsigned char data[8192];
unsigned char *data;//[8192];
} ops_literal_data_body_t;
/** ops_mdc_t */
@ -741,7 +741,7 @@ typedef struct
typedef struct
{
unsigned length;
unsigned char data[8192]; // \todo fix hard-coded value?
unsigned char *data; // \todo fix hard-coded value?
} ops_signed_cleartext_body_t;
/** ops_signed_cleartext_trailer_t */

6
openpgpsdk/include/openpgpsdk/validate.h
View File

@ -78,11 +78,11 @@ typedef struct validate_data_cb_arg
LITERAL_DATA,
SIGNED_CLEARTEXT
} use; /*<! this is set to indicate what kind of data we have */
union
{
ops_literal_data_body_t literal_data_body; /*<! Used to hold Literal Data */
ops_signed_cleartext_body_t signed_cleartext_body; /*<! Used to hold Signed Cleartext */
} data; /*<! the data itself */
unsigned char hash[OPS_MAX_HASH_SIZE]; /*<! the hash */
const ops_keyring_t *keyring; /*<! keyring to use */
validate_reader_arg_t *rarg; /*<! reader-specific arg */

6
openpgpsdk/src/packet-parse.c
View File

@ -2108,8 +2108,10 @@ static int parse_literal_data(ops_region_t *region,ops_parse_info_t *pinfo)
{
unsigned l=region->length-region->length_read;
if(l > sizeof C.literal_data_body.data)
l=sizeof C.literal_data_body.data;
if(C.literal_data_body.data != NULL)
free(C.literal_data_body.data) ;
C.literal_data_body.data = (unsigned char *)malloc(l) ;
if(!limited_read(C.literal_data_body.data,l,region,pinfo))
return 0;

32
openpgpsdk/src/validate.c
View File

@ -363,13 +363,13 @@ validate_data_cb(const ops_parser_content_t *content_,ops_parse_cb_info_t *cbinf
break;
case OPS_PTAG_CT_LITERAL_DATA_BODY:
arg->data.literal_data_body=content->literal_data_body;
arg->literal_data_body=content->literal_data_body;
arg->use=LITERAL_DATA;
return OPS_KEEP_MEMORY;
break;
case OPS_PTAG_CT_SIGNED_CLEARTEXT_BODY:
arg->data.signed_cleartext_body=content->signed_cleartext_body;
arg->signed_cleartext_body=content->signed_cleartext_body;
arg->use=SIGNED_CLEARTEXT;
return OPS_KEEP_MEMORY;
break;
@ -413,14 +413,14 @@ validate_data_cb(const ops_parser_content_t *content_,ops_parse_cb_info_t *cbinf
{
case LITERAL_DATA:
ops_memory_add(mem,
arg->data.literal_data_body.data,
arg->data.literal_data_body.length);
arg->literal_data_body.data,
arg->literal_data_body.length);
break;
case SIGNED_CLEARTEXT:
ops_memory_add(mem,
arg->data.signed_cleartext_body.data,
arg->data.signed_cleartext_body.length);
arg->signed_cleartext_body.data,
arg->signed_cleartext_body.length);
break;
default:
@ -565,6 +565,9 @@ ops_boolean_t ops_validate_key_signatures(ops_validate_result_t *result,const op
ops_parse_info_delete(pinfo);
/* if(carg.literal_data_body.data != NULL)
free(carg.literal_data_body.data) ; */
if (result->invalid_count || result->unknown_signer_count || !result->valid_count)
return ops_false;
else
@ -688,6 +691,8 @@ ops_boolean_t ops_validate_file(ops_validate_result_t *result, const char* filen
ops_reader_pop_dearmour(pinfo);
ops_teardown_file_read(pinfo, fd);
if(validate_arg.literal_data_body.data != NULL) free(validate_arg.literal_data_body.data) ;
return validate_result_status(result);
}
@ -741,6 +746,9 @@ ops_boolean_t ops_validate_mem(ops_validate_result_t *result, ops_memory_t* mem,
ops_reader_pop_dearmour(pinfo);
ops_teardown_memory_read(pinfo, mem);
if(validate_arg.literal_data_body.data != NULL) free(validate_arg.literal_data_body.data) ;
if(validate_arg.signed_cleartext_body.data != NULL) free(validate_arg.signed_cleartext_body.data) ;
return validate_result_status(result);
}
@ -768,12 +776,11 @@ ops_boolean_t ops_validate_detached_signature(const void *literal_data, unsigned
validate_arg.result=result;
validate_arg.keyring=&tmp_keyring;
int length = 8192 ;
if(literal_data_length < length)
length = literal_data_length ;
int length = literal_data_length ;
memcpy(validate_arg.data.literal_data_body.data, literal_data, length) ;
validate_arg.data.literal_data_body.length = length ;
validate_arg.literal_data_body.data = (unsigned char *)malloc(length) ;
memcpy(validate_arg.literal_data_body.data, literal_data, length) ;
validate_arg.literal_data_body.length = length ;
// Note: Coverity incorrectly reports an error that carg.rarg
// is never used.
@ -797,6 +804,9 @@ ops_boolean_t ops_validate_detached_signature(const void *literal_data, unsigned
ops_boolean_t res = validate_result_status(result);
ops_validate_result_free(result) ;
if(validate_arg.literal_data_body.data != NULL) free(validate_arg.literal_data_body.data) ;
if(validate_arg.signed_cleartext_body.data != NULL) free(validate_arg.signed_cleartext_body.data) ;
return res ;
}