On Sun, Sep 19, 2021 at 11:23:55PM +0200, Theo Buehler wrote:
> > > misc/brltty
> > > sysutils/cdrtools
> > > x11/fvwm2
>
> I have committed the three above.
>
> > > security/gnupg
>
> This one is really horrible. The part of the diff involving tty_fprintf
> needed some fixing. The agent/protect.c looks correct to me. A careful
> review by more than one person seems necessary.
The previous diff had a bug that was spotted by the regress tests. There
was an snprintf() that was inadvertently removed.
Since regress tests passed without the diff to protect.c, this means
that gnupg can't be using our *printf for this. In fact, xtryasprintf()
uses this *printf implementation from libgpg-error:
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgpg-error.git;a=blob;f=src/estream-printf.c;h=fe25657d1bb03f8f8fd9748c0841ea01f6165913;hb=HEAD
Below is a slightly less repugnant version of the previous diff
(including a suggestion from edd). It passes regress.
Index: Makefile
===================================================================
RCS file: /cvs/ports/security/gnupg/Makefile,v
retrieving revision 1.121
diff -u -p -r1.121 Makefile
--- Makefile 30 Aug 2021 17:04:45 -0000 1.121
+++ Makefile 19 Sep 2021 20:23:50 -0000
@@ -4,6 +4,7 @@ COMMENT = GNU privacy guard - a free PGP
DISTNAME = gnupg-2.2.30
CATEGORIES = security
+REVISION = 0
MASTER_SITES = ${MASTER_SITE_GNUPG:=gnupg/}
Index: patches/patch-agent_protect_c
===================================================================
RCS file: patches/patch-agent_protect_c
diff -N patches/patch-agent_protect_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-agent_protect_c 20 Sep 2021 19:57:36 -0000
@@ -0,0 +1,61 @@
+$OpenBSD$
+
+Index: agent/protect.c
+--- agent/protect.c.orig
++++ agent/protect.c
+@@ -563,24 +563,47 @@ do_encryption (const unsigned char *hashbegin, size_t
+ and dummy values as placeholders. */
+ {
+ char countbuf[35];
++ char *p1 = NULL, *p2 = NULL, *p3 = NULL;
+
+ snprintf (countbuf, sizeof countbuf, "%lu",
+ s2k_count ? s2k_count : get_standard_s2k_count ());
+- p = xtryasprintf
+- ("(9:protected%d:%s((4:sha18:%n_8bytes_%u:%s)%d:%n%*s)%d:%n%*s)",
+- (int)strlen (modestr), modestr,
+- &saltpos,
+- (unsigned int)strlen (countbuf), countbuf,
+- use_ocb? 12 : blklen, &ivpos, use_ocb? 12 : blklen, "",
+- enclen, &encpos, enclen, "");
++
++#define FMT1 "(9:protected%d:%s((4:sha18:"
++#define FMT2 "_8bytes_%u:%s)%d:"
++#define FMT3 "%*s)%d:"
++
++ p1 = xtryasprintf (FMT1, (int)strlen (modestr), modestr);
++ if (!p1)
++ goto fail;
++ saltpos = strlen(p1);
++
++ p2 = xtryasprintf (FMT2, (unsigned int)strlen (countbuf), countbuf,
++ use_ocb? 12 : blklen);
++ if (!p2)
++ goto fail;
++ ivpos = saltpos + strlen(p2);
++
++ p3 = xtryasprintf (FMT3, use_ocb? 12 : blklen, "", enclen);
++ if (!p3)
++ goto fail;
++ encpos = ivpos + strlen(p3);
++
++ p = xtryasprintf ("%s%s%s%*s)", p1, p2, p3, enclen, "");
++
+ if (!p)
+ {
++fail:
++ free(p1);
++ free(p2);
++ free(p3);
+ gpg_error_t tmperr = out_of_core ();
+ xfree (iv);
+ xfree (outbuf);
+ return tmperr;
+ }
+-
++ free(p1);
++ free(p2);
++ free(p3);
+ }
+ *resultlen = strlen (p);
+ *result = (unsigned char*)p;
Index: patches/patch-common_ttyio_c
===================================================================
RCS file: patches/patch-common_ttyio_c
diff -N patches/patch-common_ttyio_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-common_ttyio_c 19 Sep 2021 20:35:51 -0000
@@ -0,0 +1,55 @@
+$OpenBSD$
+
+Index: common/ttyio.c
+--- common/ttyio.c.orig
++++ common/ttyio.c
+@@ -293,21 +293,22 @@ tty_printf (const char *fmt, ... )
+
+ /* Same as tty_printf but if FP is not NULL, behave like a regular
+ fprintf. */
+-void
++int
+ tty_fprintf (estream_t fp, const char *fmt, ... )
+ {
+ va_list arg_ptr;
++ int ret;
+
+ if (fp)
+ {
+ va_start (arg_ptr, fmt) ;
+- es_vfprintf (fp, fmt, arg_ptr );
++ ret = es_vfprintf (fp, fmt, arg_ptr );
+ va_end (arg_ptr);
+- return;
++ return ret;
+ }
+
+ if (no_terminal)
+- return;
++ return 0;
+
+ if (!initialized)
+ init_ttyfp ();
+@@ -318,18 +319,20 @@ tty_fprintf (estream_t fp, const char *fmt, ... )
+ {
+ char *buf = NULL;
+
+- vasprintf (&buf, fmt, arg_ptr);
++ ret = vasprintf (&buf, fmt, arg_ptr);
+ if (!buf)
+ log_bug ("vasprintf() failed\n");
+ w32_write_console (buf);
+ xfree (buf);
+ }
+ #else /* Unix */
+- last_prompt_len += vfprintf(ttyfp,fmt,arg_ptr) ;
++ ret = vfprintf(ttyfp,fmt,arg_ptr) ;
++ last_prompt_len += ret ;
+ fflush(ttyfp);
+
No comments:
Post a Comment