fixed validate signature for data of arbitrary length

git-svn-id: http://svn.code.sf.net/p/retroshare/code/branches/v0.5-OpenPGP@5126 b45a01b8-16f6-495d-af2f-9b41ad6348cc
csoler 2012-04-27 12:07:29 +00:00
parent 42687f32aa
commit b7dcbf3ef2
4 changed files with 30 additions and 18 deletions


@ -695,7 +695,7 @@ typedef struct
typedef struct typedef struct
{ {
unsigned length; unsigned length;
unsigned char data[8192]; unsigned char *data;//[8192];
} ops_literal_data_body_t; } ops_literal_data_body_t;
/** ops_mdc_t */ /** ops_mdc_t */
@ -741,7 +741,7 @@ typedef struct
typedef struct typedef struct
{ {
unsigned length; unsigned length;
unsigned char data[8192]; // \todo fix hard-coded value? unsigned char *data; // \todo fix hard-coded value?
} ops_signed_cleartext_body_t; } ops_signed_cleartext_body_t;
/** ops_signed_cleartext_trailer_t */ /** ops_signed_cleartext_trailer_t */
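Review bot: Turning `data` from `unsigned char data[8192]` into `unsigned char *data` in both structs changes what every `sizeof ….data` and every struct assignment means: `sizeof` now yields the pointer size, and assignment copies only the pointer, not the bytes. The `sizeof C.literal_data_body.data` use in parse_literal_data is replaced in this commit, but no matching change for users of `ops_signed_cleartext_body_t` is visible here, so those call sites need checking. The leftover `//[8192]` and the now-stale `\todo fix hard-coded value?` would be better replaced by an ownership comment such as `/* heap buffer holding 'length' bytes; freed by the owner of this struct */`. Both typedefs begin above their hunks.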


@ -78,11 +78,11 @@ typedef struct validate_data_cb_arg
LITERAL_DATA, LITERAL_DATA,
SIGNED_CLEARTEXT SIGNED_CLEARTEXT
} use; /*<! this is set to indicate what kind of data we have */ } use; /*<! this is set to indicate what kind of data we have */
union
{
ops_literal_data_body_t literal_data_body; /*<! Used to hold Literal Data */ ops_literal_data_body_t literal_data_body; /*<! Used to hold Literal Data */
ops_signed_cleartext_body_t signed_cleartext_body; /*<! Used to hold Signed Cleartext */ ops_signed_cleartext_body_t signed_cleartext_body; /*<! Used to hold Signed Cleartext */
} data; /*<! the data itself */
unsigned char hash[OPS_MAX_HASH_SIZE]; /*<! the hash */ unsigned char hash[OPS_MAX_HASH_SIZE]; /*<! the hash */
const ops_keyring_t *keyring; /*<! keyring to use */ const ops_keyring_t *keyring; /*<! keyring to use */
validate_reader_arg_t *rarg; /*<! reader-specific arg */ validate_reader_arg_t *rarg; /*<! reader-specific arg */
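Review bot: With the union removed, `literal_data_body.data` and `signed_cleartext_body.data` are two independent pointers, and the cleanup added to the ops_validate_* functions passes each to `free()` when it is non-NULL, so both must start out NULL. The initialisation of `validate_data_cb_arg` instances is not visible in this commit; each declaration should be confirmed to be zeroed (a `memset` or `= {0}`), otherwise the cleanup frees an indeterminate pointer. A comment on the two members along the lines of `/* only the member selected by 'use' is valid; its data buffer is heap-owned */` would record the invariant that the union used to imply. The struct definition starts above the hunk.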


@ -2108,8 +2108,10 @@ static int parse_literal_data(ops_region_t *region,ops_parse_info_t *pinfo)
{ {
unsigned l=region->length-region->length_read; unsigned l=region->length-region->length_read;
if(l > sizeof C.literal_data_body.data) if(C.literal_data_body.data != NULL)
l=sizeof C.literal_data_body.data; free(C.literal_data_body.data) ;
C.literal_data_body.data = (unsigned char *)malloc(l) ;
if(!limited_read(C.literal_data_body.data,l,region,pinfo)) if(!limited_read(C.literal_data_body.data,l,region,pinfo))
return 0; return 0;
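Review bot: The result of `malloc(l)` goes straight into `limited_read` without a NULL check, and `l` is `region->length-region->length_read`, a value taken from the packet being parsed, so a corrupt or oversized length field now sizes the allocation where the old code capped each read at 8192 bytes. Add `if(C.literal_data_body.data == NULL && l != 0) return 0;` after the allocation, and consider an upper bound on `l` or reading in bounded chunks as before. The `return 0` on a failed read leaves the fresh buffer allocated, and the `!= NULL` test before `free` is only safe if `C` is zero-initialised, which happens outside this hunk. The same unchecked `malloc` followed by `memcpy` appears in ops_validate_detached_signature, where `int length = literal_data_length ;` also converts an unsigned length to a signed one.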


@ -363,13 +363,13 @@ validate_data_cb(const ops_parser_content_t *content_,ops_parse_cb_info_t *cbinf
break; break;
case OPS_PTAG_CT_LITERAL_DATA_BODY: case OPS_PTAG_CT_LITERAL_DATA_BODY:
arg->data.literal_data_body=content->literal_data_body; arg->literal_data_body=content->literal_data_body;
arg->use=LITERAL_DATA; arg->use=LITERAL_DATA;
return OPS_KEEP_MEMORY; return OPS_KEEP_MEMORY;
break; break;
case OPS_PTAG_CT_SIGNED_CLEARTEXT_BODY: case OPS_PTAG_CT_SIGNED_CLEARTEXT_BODY:
arg->data.signed_cleartext_body=content->signed_cleartext_body; arg->signed_cleartext_body=content->signed_cleartext_body;
arg->use=SIGNED_CLEARTEXT; arg->use=SIGNED_CLEARTEXT;
return OPS_KEEP_MEMORY; return OPS_KEEP_MEMORY;
break; break;
@ -413,14 +413,14 @@ validate_data_cb(const ops_parser_content_t *content_,ops_parse_cb_info_t *cbinf
{ {
case LITERAL_DATA: case LITERAL_DATA:
ops_memory_add(mem, ops_memory_add(mem,
arg->data.literal_data_body.data, arg->literal_data_body.data,
arg->data.literal_data_body.length); arg->literal_data_body.length);
break; break;
case SIGNED_CLEARTEXT: case SIGNED_CLEARTEXT:
ops_memory_add(mem, ops_memory_add(mem,
arg->data.signed_cleartext_body.data, arg->signed_cleartext_body.data,
arg->data.signed_cleartext_body.length); arg->signed_cleartext_body.length);
break; break;
default: default:
@ -565,6 +565,9 @@ ops_boolean_t ops_validate_key_signatures(ops_validate_result_t *result,const op
ops_parse_info_delete(pinfo); ops_parse_info_delete(pinfo);
/* if(carg.literal_data_body.data != NULL)
free(carg.literal_data_body.data) ; */
if (result->invalid_count || result->unknown_signer_count || !result->valid_count) if (result->invalid_count || result->unknown_signer_count || !result->valid_count)
return ops_false; return ops_false;
else else
@ -688,6 +691,8 @@ ops_boolean_t ops_validate_file(ops_validate_result_t *result, const char* filen
ops_reader_pop_dearmour(pinfo); ops_reader_pop_dearmour(pinfo);
ops_teardown_file_read(pinfo, fd); ops_teardown_file_read(pinfo, fd);
if(validate_arg.literal_data_body.data != NULL) free(validate_arg.literal_data_body.data) ;
return validate_result_status(result); return validate_result_status(result);
} }
@ -741,6 +746,9 @@ ops_boolean_t ops_validate_mem(ops_validate_result_t *result, ops_memory_t* mem,
ops_reader_pop_dearmour(pinfo); ops_reader_pop_dearmour(pinfo);
ops_teardown_memory_read(pinfo, mem); ops_teardown_memory_read(pinfo, mem);
if(validate_arg.literal_data_body.data != NULL) free(validate_arg.literal_data_body.data) ;
if(validate_arg.signed_cleartext_body.data != NULL) free(validate_arg.signed_cleartext_body.data) ;
return validate_result_status(result); return validate_result_status(result);
} }
@ -768,12 +776,11 @@ ops_boolean_t ops_validate_detached_signature(const void *literal_data, unsigned
validate_arg.result=result; validate_arg.result=result;
validate_arg.keyring=&tmp_keyring; validate_arg.keyring=&tmp_keyring;
int length = 8192 ; int length = literal_data_length ;
if(literal_data_length < length)
length = literal_data_length ;
memcpy(validate_arg.data.literal_data_body.data, literal_data, length) ; validate_arg.literal_data_body.data = (unsigned char *)malloc(length) ;
validate_arg.data.literal_data_body.length = length ; memcpy(validate_arg.literal_data_body.data, literal_data, length) ;
validate_arg.literal_data_body.length = length ;
// Note: Coverity incorrectly reports an error that carg.rarg // Note: Coverity incorrectly reports an error that carg.rarg
// is never used. // is never used.
@ -797,6 +804,9 @@ ops_boolean_t ops_validate_detached_signature(const void *literal_data, unsigned
ops_boolean_t res = validate_result_status(result); ops_boolean_t res = validate_result_status(result);
ops_validate_result_free(result) ; ops_validate_result_free(result) ;
if(validate_arg.literal_data_body.data != NULL) free(validate_arg.literal_data_body.data) ;
if(validate_arg.signed_cleartext_body.data != NULL) free(validate_arg.signed_cleartext_body.data) ;
return res ; return res ;
} }
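Review bot: `arg->literal_data_body=content->literal_data_body;` in validate_data_cb (and the matching `signed_cleartext_body` assignment) is now a shallow copy: since `data` became a pointer, `arg` and the parser's content share one heap buffer. parse_literal_data frees `C.literal_data_body.data` before each new allocation, and the cleanup added to ops_validate_file, ops_validate_mem and ops_validate_detached_signature frees `validate_arg.literal_data_body.data` as well. If both refer to the same buffer (the parser loop and the callback wiring are outside these hunks), the `ops_memory_add` call would read freed memory and teardown would free it twice. Ownership should be made single, either by having the callback take a private copy of `length` bytes or by having the parser drop its pointer once the callback returns `OPS_KEEP_MEMORY`, and stated in a comment at the assignment. Separately, ops_validate_file frees only `literal_data_body.data` while the other two functions free both members, and the free in ops_validate_key_signatures is left commented out rather than resolved.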