File 0001-Use-inline-functions-to-convert-buffer-data-to-scala.patch of Package gpg2.30813
From 3627123dc8fdc551caca1c7944713fbf01feccf6 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Thu, 12 Feb 2015 20:34:44 +0100
Subject: [PATCH] Use inline functions to convert buffer data to scalars.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* include/host2net.h (buf16_to_ulong, buf16_to_uint): New.
(buf16_to_ushort, buf16_to_u16): New.
(buf32_to_size_t, buf32_to_ulong, buf32_to_uint, buf32_to_u32): New.
--
This fixes sign extension on shift problems. Hanno Böck found a case
with an invalid read due to this problem. To fix that almost all uses
of "<< 24" and "<< 8" are changed by this patch to use an inline
function from host2net.h.
(back ported from commit 2183683bd633818dd031b090b5530951de76f392)
Signed-off-by: Werner Koch <wk@gnupg.org>
---
common/iobuf.c | 3 +-
g10/build-packet.c | 6 ++--
g10/getkey.c | 17 ++++-----
g10/keygen.c | 14 ++++----
g10/keyid.c | 32 +++++++----------
g10/main.h | 1 -
g10/misc.c | 11 ------
g10/parse-packet.c | 41 ++++++++++-----------
g10/tdbio.c | 20 +++++------
g10/trustdb.c | 2 +-
include/host2net.h | 100 +++++++++++++++++++++++++++++++++++++++++++--------
kbx/keybox-dump.c | 63 +++++++++++++++-----------------
kbx/keybox-openpgp.c | 7 ++--
kbx/keybox-search.c | 85 ++++++++++++++++++++-----------------------
kbx/keybox-update.c | 97 +++++++++++++++++++++++++------------------------
scd/apdu.c | 39 +++++++++-----------
scd/app-openpgp.c | 3 +-
scd/ccid-driver.c | 3 +-
scd/pcsc-wrapper.c | 5 +--
tools/ccidmon.c | 36 +++++++++----------
20 files changed, 310 insertions(+), 275 deletions(-)
Index: gnupg-2.0.24/common/iobuf.c
===================================================================
--- gnupg-2.0.24.orig/common/iobuf.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/common/iobuf.c 2015-11-19 14:48:55.839621751 +0100
@@ -42,6 +42,7 @@
#include "util.h"
#include "sysutils.h"
+#include "../include/host2net.h"
#include "iobuf.h"
/*-- Begin configurable part. --*/
@@ -872,7 +873,7 @@ block_filter (void *opaque, int control,
}
else if (c == 255)
{
- a->size = iobuf_get (chain) << 24;
+ a->size = (size_t)iobuf_get (chain) << 24;
a->size |= iobuf_get (chain) << 16;
a->size |= iobuf_get (chain) << 8;
if ((c = iobuf_get (chain)) == -1)
Index: gnupg-2.0.24/g10/build-packet.c
===================================================================
--- gnupg-2.0.24.orig/g10/build-packet.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/g10/build-packet.c 2015-11-19 14:48:55.839621751 +0100
@@ -33,6 +33,7 @@
#include "cipher.h"
#include "i18n.h"
#include "options.h"
+#include "../include/host2net.h"
static int do_user_id( IOBUF out, int ctb, PKT_user_id *uid );
static int do_public_key( IOBUF out, int ctb, PKT_public_key *pk );
@@ -631,8 +632,7 @@ delete_sig_subpkt (subpktarea_t *area, s
if( n == 255 ) {
if( buflen < 4 )
break;
- n = (buffer[0] << 24) | (buffer[1] << 16)
- | (buffer[2] << 8) | buffer[3];
+ n = buf32_to_size_t (buffer);
buffer += 4;
buflen -= 4;
}
@@ -755,7 +755,7 @@ build_sig_subpkt (PKT_signature *sig, si
/* This should never happen since we don't currently allow
creating such a subpacket, but just in case... */
case SIGSUBPKT_SIG_EXPIRE:
- if(buffer_to_u32(buffer)+sig->timestamp<=make_timestamp())
+ if (buf32_to_u32 (buffer) + sig->timestamp <= make_timestamp())
sig->flags.expired=1;
else
sig->flags.expired=0;
Index: gnupg-2.0.24/g10/getkey.c
===================================================================
--- gnupg-2.0.24.orig/g10/getkey.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/g10/getkey.c 2015-11-19 14:48:55.840621767 +0100
@@ -35,6 +35,7 @@
#include "trustdb.h"
#include "i18n.h"
#include "keyserver-internal.h"
+#include "../include/host2net.h"
#define MAX_PK_CACHE_ENTRIES PK_UID_CACHE_SIZE
#define MAX_UID_CACHE_ENTRIES PK_UID_CACHE_SIZE
@@ -1486,14 +1487,14 @@ merge_keys_and_selfsig( KBNODE keyblock
p = parse_sig_subpkt( sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL );
if( pk ) {
- ed = p? pk->timestamp + buffer_to_u32(p):0;
+ ed = p? pk->timestamp + buf32_to_u32(p):0;
if( sig->timestamp > sigdate ) {
pk->expiredate = ed;
sigdate = sig->timestamp;
}
}
else {
- ed = p? sk->timestamp + buffer_to_u32(p):0;
+ ed = p? sk->timestamp + buf32_to_u32(p):0;
if( sig->timestamp > sigdate ) {
sk->expiredate = ed;
sigdate = sig->timestamp;
@@ -1618,8 +1619,8 @@ fixup_uidnode ( KBNODE uidnode, KBNODE s
/* ditto for the key expiration */
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
- if( p && buffer_to_u32(p) )
- uid->help_key_expire = keycreated + buffer_to_u32(p);
+ if( p && buf32_to_u32 (p) )
+ uid->help_key_expire = keycreated + buf32_to_u32(p);
else
uid->help_key_expire = 0;
@@ -1833,9 +1834,9 @@ merge_selfsigs_main(KBNODE keyblock, int
key_usage=parse_key_usage(sig);
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
- if( p && buffer_to_u32(p) )
+ if( p && buf32_to_u32 (p) )
{
- key_expire = keytimestamp + buffer_to_u32(p);
+ key_expire = keytimestamp + buf32_to_u32 (p);
key_expire_seen = 1;
}
@@ -2257,8 +2258,8 @@ merge_selfsigs_subkey( KBNODE keyblock,
subpk->pubkey_usage = key_usage;
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
- if ( p && buffer_to_u32(p) )
- key_expire = keytimestamp + buffer_to_u32(p);
+ if ( p && buf32_to_u32 (p) )
+ key_expire = keytimestamp + buf32_to_u32 (p);
else
key_expire = 0;
subpk->has_expired = key_expire >= curtime? 0 : key_expire;
Index: gnupg-2.0.24/g10/keygen.c
===================================================================
--- gnupg-2.0.24.orig/g10/keygen.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/g10/keygen.c 2015-11-19 14:48:55.840621767 +0100
@@ -42,6 +42,7 @@
#include "i18n.h"
#include "keyserver-internal.h"
#include "call-agent.h"
+#include "host2net.h"
/* The default algorithms. If you change them remember to change them
also in gpg.c:gpgconf_list. You should also check that the value
@@ -849,10 +850,7 @@ make_backsig (PKT_signature *sig,PKT_pub
}
else if(buf[1]==255)
{
- pktlen =buf[2] << 24;
- pktlen|=buf[3] << 16;
- pktlen|=buf[4] << 8;
- pktlen|=buf[5];
+ pktlen = buf32_to_size_t (buf+2);
buf+=6;
}
else
@@ -869,14 +867,14 @@ make_backsig (PKT_signature *sig,PKT_pub
break;
case 2:
- pktlen =buf[mark++] << 24;
- pktlen|=buf[mark++] << 16;
+ pktlen = (size_t)buf[mark++] << 24;
+ pktlen |= buf[mark++] << 16;
case 1:
- pktlen|=buf[mark++] << 8;
+ pktlen |= buf[mark++] << 8;
case 0:
- pktlen|=buf[mark++];
+ pktlen |= buf[mark++];
}
buf+=mark;
Index: gnupg-2.0.24/g10/keyid.c
===================================================================
--- gnupg-2.0.24.orig/g10/keyid.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/g10/keyid.c 2015-11-19 14:48:55.840621767 +0100
@@ -34,6 +34,7 @@
#include "keydb.h"
#include "i18n.h"
#include "rmd160.h"
+#include "host2net.h"
int
pubkey_letter( int algo )
@@ -175,9 +176,9 @@ v3_keyid (gcry_mpi_t a, u32 *ki)
else
{
p = buffer + nbytes - 8;
- ki[0] = (p[0] << 24) | (p[1] <<16) | (p[2] << 8) | p[3];
+ ki[0] = buf32_to_u32 (p);
p += 4;
- ki[1] = (p[0] << 24) | (p[1] <<16) | (p[2] << 8) | p[3];
+ ki[1] = buf32_to_u32 (p);
}
xfree (buffer);
return ki[1];
@@ -271,15 +272,8 @@ keystr_from_desc(KEYDB_SEARCH_DESC *desc
{
u32 keyid[2];
- keyid[0] = ((unsigned char)desc->u.fpr[12] << 24
- | (unsigned char)desc->u.fpr[13] << 16
- | (unsigned char)desc->u.fpr[14] << 8
- | (unsigned char)desc->u.fpr[15]);
- keyid[1] = ((unsigned char)desc->u.fpr[16] << 24
- | (unsigned char)desc->u.fpr[17] << 16
- | (unsigned char)desc->u.fpr[18] << 8
- | (unsigned char)desc->u.fpr[19]);
-
+ keyid[0] = buf32_to_u32 (desc->u.fpr+12);
+ keyid[1] = buf32_to_u32 (desc->u.fpr+16);
return keystr(keyid);
}
@@ -331,8 +325,8 @@ keyid_from_sk( PKT_secret_key *sk, u32 *
if(md)
{
dp = gcry_md_read (md, 0);
- keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ;
- keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ;
+ keyid[0] = buf32_to_u32 (dp+12);
+ keyid[1] = buf32_to_u32 (dp+16);
lowbits = keyid[1];
gcry_md_close (md);
sk->keyid[0] = keyid[0];
@@ -386,8 +380,8 @@ keyid_from_pk( PKT_public_key *pk, u32 *
if(md)
{
dp = gcry_md_read ( md, 0 );
- keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ;
- keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ;
+ keyid[0] = buf32_to_u32 (dp+12);
+ keyid[1] = buf32_to_u32 (dp+16);
lowbits = keyid[1];
gcry_md_close (md);
pk->keyid[0] = keyid[0];
@@ -430,8 +424,8 @@ keyid_from_fingerprint( const byte *fpri
}
else {
const byte *dp = fprint;
- keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ;
- keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ;
+ keyid[0] = buf32_to_u32 (dp+12);
+ keyid[1] = buf32_to_u32 (dp+16);
}
return keyid[1];
@@ -721,8 +715,8 @@ fingerprint_from_pk( PKT_public_key *pk,
if (!array)
array = xmalloc ( len );
memcpy (array, dp, len );
- pk->keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ;
- pk->keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ;
+ pk->keyid[0] = buf32_to_u32 (dp+12);
+ pk->keyid[1] = buf32_to_u32 (dp+16);
gcry_md_close( md);
}
Index: gnupg-2.0.24/g10/main.h
===================================================================
--- gnupg-2.0.24.orig/g10/main.h 2015-11-19 14:48:55.829621596 +0100
+++ gnupg-2.0.24/g10/main.h 2015-11-19 14:48:55.841621782 +0100
@@ -80,7 +80,6 @@ int is_secured_filename (const char *fn
u16 checksum_u16( unsigned n );
u16 checksum( byte *p, unsigned n );
u16 checksum_mpi( gcry_mpi_t a );
-u32 buffer_to_u32( const byte *buffer );
const byte *get_session_marker( size_t *rlen );
int map_cipher_openpgp_to_gcry (int algo);
#define openpgp_cipher_open(_a,_b,_c,_d) gcry_cipher_open((_a),map_cipher_openpgp_to_gcry((_b)),(_c),(_d))
Index: gnupg-2.0.24/g10/misc.c
===================================================================
--- gnupg-2.0.24.orig/g10/misc.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/g10/misc.c 2015-11-19 14:48:55.841621782 +0100
@@ -276,17 +276,6 @@ checksum_mpi (gcry_mpi_t a)
return csum;
}
-u32
-buffer_to_u32( const byte *buffer )
-{
- unsigned long a;
- a = *buffer << 24;
- a |= buffer[1] << 16;
- a |= buffer[2] << 8;
- a |= buffer[3];
- return a;
-}
-
void
print_pubkey_algo_note( int algo )
{
Index: gnupg-2.0.24/g10/parse-packet.c
===================================================================
--- gnupg-2.0.24.orig/g10/parse-packet.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/g10/parse-packet.c 2015-11-19 14:48:55.841621782 +0100
@@ -34,6 +34,7 @@
#include "options.h"
#include "main.h"
#include "i18n.h"
+#include "host2net.h"
static int mpi_print_mode;
static int list_mode;
@@ -82,7 +83,7 @@ static unsigned short
read_16(IOBUF inp)
{
unsigned short a;
- a = iobuf_get_noeof(inp) << 8;
+ a = (unsigned short)iobuf_get_noeof(inp) << 8;
a |= iobuf_get_noeof(inp);
return a;
}
@@ -91,7 +92,7 @@ static unsigned long
read_32(IOBUF inp)
{
unsigned long a;
- a = iobuf_get_noeof(inp) << 24;
+ a = (unsigned long)iobuf_get_noeof(inp) << 24;
a |= iobuf_get_noeof(inp) << 16;
a |= iobuf_get_noeof(inp) << 8;
a |= iobuf_get_noeof(inp);
@@ -449,7 +450,8 @@ parse( IOBUF inp, PACKET *pkt, int onlyk
}
else if( c == 255 )
{
- pktlen = (hdr[hdrlen++] = iobuf_get_noeof(inp)) << 24;
+ pktlen =
+ (unsigned long)(hdr[hdrlen++] = iobuf_get_noeof(inp)) << 24;
pktlen |= (hdr[hdrlen++] = iobuf_get_noeof(inp)) << 16;
pktlen |= (hdr[hdrlen++] = iobuf_get_noeof(inp)) << 8;
if( (c = iobuf_get(inp)) == -1 )
@@ -946,14 +948,15 @@ dump_sig_subpkt( int hashed, int type, i
switch( type ) {
case SIGSUBPKT_SIG_CREATED:
if( length >= 4 )
- fprintf (listfp, "sig created %s", strtimestamp( buffer_to_u32(buffer) ) );
+ fprintf (listfp, "sig created %s",
+ strtimestamp (buf32_to_u32(buffer)) );
break;
case SIGSUBPKT_SIG_EXPIRE:
if( length >= 4 )
{
- if(buffer_to_u32(buffer))
+ if(buf32_to_u32(buffer))
fprintf (listfp, "sig expires after %s",
- strtimevalue( buffer_to_u32(buffer) ) );
+ strtimevalue( buf32_to_u32(buffer) ) );
else
fprintf (listfp, "sig does not expire");
}
@@ -981,9 +984,9 @@ dump_sig_subpkt( int hashed, int type, i
case SIGSUBPKT_KEY_EXPIRE:
if( length >= 4 )
{
- if(buffer_to_u32(buffer))
+ if(buf32_to_u32(buffer))
fprintf (listfp, "key expires after %s",
- strtimevalue( buffer_to_u32(buffer) ) );
+ strtimevalue( buf32_to_u32(buffer) ) );
else
fprintf (listfp, "key does not expire");
}
@@ -1006,8 +1009,8 @@ dump_sig_subpkt( int hashed, int type, i
case SIGSUBPKT_ISSUER:
if( length >= 8 )
fprintf (listfp, "issuer key ID %08lX%08lX",
- (ulong)buffer_to_u32(buffer),
- (ulong)buffer_to_u32(buffer+4) );
+ buf32_to_ulong (buffer),
+ buf32_to_ulong (buffer+4));
break;
case SIGSUBPKT_NOTATION:
{
@@ -1252,8 +1255,7 @@ enum_sig_subpkt( const subpktarea_t *pkt
if( n == 255 ) { /* 4 byte length header */
if( buflen < 4 )
goto too_short;
- n = (buffer[0] << 24) | (buffer[1] << 16)
- | (buffer[2] << 8) | buffer[3];
+ n = buf32_to_size_t (buffer);
buffer += 4;
buflen -= 4;
}
@@ -1476,7 +1478,7 @@ parse_signature( IOBUF inp, int pkttype,
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_CREATED, NULL );
if(p)
- sig->timestamp = buffer_to_u32(p);
+ sig->timestamp = buf32_to_u32 (p);
else if(!(sig->pubkey_algo>=100 && sig->pubkey_algo<=110)
&& opt.verbose)
log_info ("signature packet without timestamp\n");
@@ -1484,16 +1486,16 @@ parse_signature( IOBUF inp, int pkttype,
p = parse_sig_subpkt2( sig, SIGSUBPKT_ISSUER, NULL );
if(p)
{
- sig->keyid[0] = buffer_to_u32(p);
- sig->keyid[1] = buffer_to_u32(p+4);
+ sig->keyid[0] = buf32_to_u32 (p);
+ sig->keyid[1] = buf32_to_u32 (p+4);
}
else if(!(sig->pubkey_algo>=100 && sig->pubkey_algo<=110)
&& opt.verbose)
log_info ("signature packet without keyid\n");
p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_SIG_EXPIRE,NULL);
- if(p && buffer_to_u32(p))
- sig->expiredate=sig->timestamp+buffer_to_u32(p);
+ if(p && buf32_to_u32 (p))
+ sig->expiredate = sig->timestamp + buf32_to_u32 (p);
if(sig->expiredate && sig->expiredate<=make_timestamp())
sig->flags.expired=1;
@@ -2087,9 +2089,8 @@ parse_attribute_subpkts(PKT_user_id *uid
if( n == 255 ) { /* 4 byte length header */
if( buflen < 4 )
goto too_short;
- n = (buffer[0] << 24) | (buffer[1] << 16)
- | (buffer[2] << 8) | buffer[3];
- buffer += 4;
+ n = buf32_to_size_t (buffer);
+ buffer += 4;
buflen -= 4;
}
else if( n >= 192 ) { /* 2 byte special encoded length header */
Index: gnupg-2.0.24/g10/tdbio.c
===================================================================
--- gnupg-2.0.24.orig/g10/tdbio.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/g10/tdbio.c 2015-11-19 14:48:55.842621797 +0100
@@ -1223,13 +1223,13 @@ tdbio_read_record( ulong recnum, TRUSTRE
rec->r.ver.trust_model = *p++;
rec->r.ver.min_cert_level = *p++;
p += 2;
- rec->r.ver.created = buftoulong(p); p += 4;
- rec->r.ver.nextcheck = buftoulong(p); p += 4;
+ rec->r.ver.created = buf32_to_ulong (p); p += 4;
+ rec->r.ver.nextcheck = buf32_to_ulong (p); p += 4;
p += 4;
p += 4;
- rec->r.ver.firstfree =buftoulong(p); p += 4;
+ rec->r.ver.firstfree =buf32_to_ulong (p); p += 4;
p += 4;
- rec->r.ver.trusthashtbl =buftoulong(p); p += 4;
+ rec->r.ver.trusthashtbl =buf32_to_ulong (p); p += 4;
if( recnum ) {
log_error( _("%s: version record with recnum %lu\n"), db_name,
(ulong)recnum );
@@ -1242,17 +1242,17 @@ tdbio_read_record( ulong recnum, TRUSTRE
}
break;
case RECTYPE_FREE:
- rec->r.free.next = buftoulong(p); p += 4;
+ rec->r.free.next = buf32_to_ulong (p); p += 4;
break;
case RECTYPE_HTBL:
for(i=0; i < ITEMS_PER_HTBL_RECORD; i++ ) {
- rec->r.htbl.item[i] = buftoulong(p); p += 4;
+ rec->r.htbl.item[i] = buf32_to_ulong (p); p += 4;
}
break;
case RECTYPE_HLST:
- rec->r.hlst.next = buftoulong(p); p += 4;
+ rec->r.hlst.next = buf32_to_ulong (p); p += 4;
for(i=0; i < ITEMS_PER_HLST_RECORD; i++ ) {
- rec->r.hlst.rnum[i] = buftoulong(p); p += 4;
+ rec->r.hlst.rnum[i] = buf32_to_ulong (p); p += 4;
}
break;
case RECTYPE_TRUST:
@@ -1261,12 +1261,12 @@ tdbio_read_record( ulong recnum, TRUSTRE
rec->r.trust.depth = *p++;
rec->r.trust.min_ownertrust = *p++;
p++;
- rec->r.trust.validlist = buftoulong(p); p += 4;
+ rec->r.trust.validlist = buf32_to_ulong (p); p += 4;
break;
case RECTYPE_VALID:
memcpy( rec->r.valid.namehash, p, 20); p+=20;
rec->r.valid.validity = *p++;
- rec->r.valid.next = buftoulong(p); p += 4;
+ rec->r.valid.next = buf32_to_ulong (p); p += 4;
rec->r.valid.full_count = *p++;
rec->r.valid.marginal_count = *p++;
break;
Index: gnupg-2.0.24/g10/trustdb.c
===================================================================
--- gnupg-2.0.24.orig/g10/trustdb.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/g10/trustdb.c 2015-11-19 14:48:55.842621797 +0100
@@ -1627,7 +1627,7 @@ mark_usable_uid_certs (KBNODE keyblock,
u32 expire;
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_EXPIRE, NULL );
- expire = p? sig->timestamp + buffer_to_u32(p) : 0;
+ expire = p? sig->timestamp + buf32_to_u32 (p) : 0;
if (expire==0 || expire > curtime )
{
Index: gnupg-2.0.24/include/host2net.h
===================================================================
--- gnupg-2.0.24.orig/include/host2net.h 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/include/host2net.h 2015-11-19 14:48:55.842621797 +0100
@@ -1,14 +1,24 @@
-/* host2net.h - Some macros
- * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+/* host2net.h - Endian conversion macros
+ * Copyright (C) 1998, 2014, 2015 Werner Koch
*
* This file is part of GnuPG.
*
- * GnuPG is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
+ * This file is free software; you can redistribute it and/or modify
+ * it under the terms of either
*
- * GnuPG is distributed in the hope that it will be useful,
+ * - the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 3 of the License, or (at
+ * your option) any later version.
+ *
+ * or
+ *
+ * - the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * or both in parallel, as here.
+ *
+ * This file is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
@@ -17,14 +27,11 @@
* along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef G10_HOST2NET_H
-#define G10_HOST2NET_H
+#ifndef GNUPG_COMMON_HOST2NET_H
+#define GNUPG_COMMON_HOST2NET_H
#include "types.h"
-#define buftoulong( p ) ((*(byte*)(p) << 24) | (*((byte*)(p)+1)<< 16) | \
- (*((byte*)(p)+2) << 8) | (*((byte*)(p)+3)))
-#define buftoushort( p ) ((*((byte*)(p)) << 8) | (*((byte*)(p)+1)))
#define ulongtobuf( p, a ) do { \
((byte*)p)[0] = a >> 24; \
((byte*)p)[1] = a >> 16; \
@@ -35,8 +42,71 @@
((byte*)p)[0] = a >> 8; \
((byte*)p)[1] = a ; \
} while(0)
-#define buftou32( p) buftoulong( (p) )
-#define u32tobuf( p, a) ulongtobuf( (p), (a) )
-#endif /*G10_HOST2NET_H*/
+static inline unsigned long
+buf16_to_ulong (const void *buffer)
+{
+ const unsigned char *p = buffer;
+
+ return (((unsigned long)p[0] << 8) | p[1]);
+}
+
+static inline unsigned int
+buf16_to_uint (const void *buffer)
+{
+ const unsigned char *p = buffer;
+
+ return (((unsigned int)p[0] << 8) | p[1]);
+}
+
+static inline unsigned short
+buf16_to_ushort (const void *buffer)
+{
+ const unsigned char *p = buffer;
+
+ return (((unsigned short)p[0] << 8) | p[1]);
+}
+
+static inline u16
+buf16_to_u16 (const void *buffer)
+{
+ const unsigned char *p = buffer;
+
+ return (((u16)p[0] << 8) | p[1]);
+}
+
+static inline size_t
+buf32_to_size_t (const void *buffer)
+{
+ const unsigned char *p = buffer;
+
+ return (((size_t)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]);
+}
+
+static inline unsigned long
+buf32_to_ulong (const void *buffer)
+{
+ const unsigned char *p = buffer;
+
+ return (((unsigned long)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]);
+}
+
+static inline unsigned int
+buf32_to_uint (const void *buffer)
+{
+ const unsigned char *p = buffer;
+
+ return (((unsigned int)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]);
+}
+
+static inline u32
+buf32_to_u32 (const void *buffer)
+{
+ const unsigned char *p = buffer;
+
+ return (((u32)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]);
+}
+
+
+#endif /*GNUPG_COMMON_HOST2NET_H*/
Index: gnupg-2.0.24/kbx/keybox-dump.c
===================================================================
--- gnupg-2.0.24.orig/kbx/keybox-dump.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/kbx/keybox-dump.c 2015-11-19 14:48:55.843621813 +0100
@@ -25,6 +25,7 @@
#include "keybox-defs.h"
#include <gcrypt.h>
+#include "../include/host2net.h"
/* Argg, we can't include ../common/util.h */
char *bin2hexcolon (const void *buffer, size_t length, char *stringbuf);
@@ -33,21 +34,13 @@ char *bin2hexcolon (const void *buffer,
static ulong
get32 (const byte *buffer)
{
- ulong a;
- a = *buffer << 24;
- a |= buffer[1] << 16;
- a |= buffer[2] << 8;
- a |= buffer[3];
- return a;
+ return buf32_to_ulong (buffer);
}
static ulong
get16 (const byte *buffer)
{
- ulong a;
- a = *buffer << 8;
- a |= buffer[1];
- return a;
+ return buf16_to_ulong (buffer);
}
void
@@ -93,9 +86,9 @@ dump_header_blob (const byte *buffer, si
if ( memcmp (buffer+8, "KBXf", 4))
fprintf (fp, "[Error: invalid magic number]\n");
- n = get32 (buffer+16);
+ n = get32 (buffer+16);
fprintf( fp, "created-at: %lu\n", n );
- n = get32 (buffer+20);
+ n = get32 (buffer+20);
fprintf( fp, "last-maint: %lu\n", n );
return 0;
@@ -117,7 +110,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE
const byte *p;
buffer = _keybox_get_blob_image (blob, &length);
-
+
if (length < 32)
{
fprintf (fp, "[blob too short]\n");
@@ -125,7 +118,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE
}
n = get32( buffer );
- if (n > length)
+ if (n > length)
fprintf (fp, "[blob larger than length - output truncated]\n");
else
length = n; /* ignore the rest */
@@ -159,7 +152,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE
fprintf (fp, "[blob too short]\n");
return -1;
}
-
+
n = get16 (buffer + 6);
fprintf( fp, "Blob-Flags: %04lX", n);
if (n)
@@ -188,7 +181,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE
fprintf( fp, "Data-Offset: %lu\n", rawdata_off );
fprintf( fp, "Data-Length: %lu\n", rawdata_len );
- if (rawdata_off > length || rawdata_len > length
+ if (rawdata_off > length || rawdata_len > length
|| rawdata_off+rawdata_off > length)
fprintf (fp, "[Error: raw data larger than blob]\n");
@@ -207,7 +200,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE
{
int i;
ulong kidoff, kflags;
-
+
fprintf (fp, "Key-Fpr[%lu]: ", n );
for (i=0; i < 20; i++ )
fprintf (fp, "%02X", p[i]);
@@ -220,7 +213,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE
kflags = get16 (p + 24 );
fprintf( fp, "\nKey-Flags[%lu]: %04lX\n", n, kflags);
}
-
+
/* serial number */
fputs ("Serial-No: ", fp);
nserial = get16 (p);
@@ -244,7 +237,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE
for (n=0; n < nuids; n++, p += uidinfolen)
{
ulong uidoff, uidlen, uflags;
-
+
uidoff = get32( p );
uidlen = get32( p+4 );
if (type == BLOBTYPE_X509 && !n)
@@ -284,7 +277,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE
fprintf (fp, "Uid-Validity[%lu]: %d\n", n, p[10] );
}
}
-
+
nsigs = get16 (p);
fprintf (fp, "Sig-Count: %lu\n", nsigs );
siginfolen = get16 (p + 2);
@@ -294,7 +287,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE
for (n=0; n < nsigs; n++, p += siginfolen)
{
ulong sflags;
-
+
sflags = get32 (p);
fprintf (fp, "Sig-Expire[%lu]: ", n );
if (!sflags)
@@ -341,11 +334,11 @@ hash_blob_rawdata (KEYBOXBLOB blob, unsi
ulong rawdata_off, rawdata_len;
buffer = _keybox_get_blob_image (blob, &length);
-
+
if (length < 32)
return -1;
n = get32 (buffer);
- if (n < length)
+ if (n < length)
length = n; /* Blob larger than length in header - ignore the rest. */
type = buffer[4];
@@ -364,11 +357,11 @@ hash_blob_rawdata (KEYBOXBLOB blob, unsi
if (length < 40)
return -1;
-
+
rawdata_off = get32 (buffer + 8);
rawdata_len = get32 (buffer + 12);
- if (rawdata_off > length || rawdata_len > length
+ if (rawdata_off > length || rawdata_len > length
|| rawdata_off+rawdata_off > length)
return -1; /* Out of bounds. */
@@ -408,7 +401,7 @@ update_stats (KEYBOXBLOB blob, struct fi
}
n = get32( buffer );
- if (n > length)
+ if (n > length)
s->too_large_blobs++;
else
length = n; /* ignore the rest */
@@ -439,7 +432,7 @@ update_stats (KEYBOXBLOB blob, struct fi
s->too_short_blobs++;
return -1;
}
-
+
n = get16 (buffer + 6);
if (n)
{
@@ -512,13 +505,13 @@ _keybox_dump_file (const char *filename,
rc = 0;
if (rc)
fprintf (outfp, "error reading `%s': %s\n", filename, gpg_strerror (rc));
-
+
if (fp != stdin)
fclose (fp);
if (stats_only)
{
- fprintf (outfp,
+ fprintf (outfp,
"Total number of blobs: %8lu\n"
" header: %8lu\n"
" empty: %8lu\n"
@@ -551,9 +544,9 @@ _keybox_dump_file (const char *filename,
-struct dupitem_s
+struct dupitem_s
{
- unsigned long recno;
+ unsigned long recno;
unsigned char digest[20];
};
@@ -563,7 +556,7 @@ cmp_dupitems (const void *arg_a, const v
{
struct dupitem_s *a = (struct dupitem_s *)arg_a;
struct dupitem_s *b = (struct dupitem_s *)arg_b;
-
+
return memcmp (a->digest, b->digest, 20);
}
@@ -581,7 +574,7 @@ _keybox_dump_find_dups (const char *file
char fprbuf[3*20+1];
(void)print_them;
-
+
memset (zerodigest, 0, sizeof zerodigest);
if (!(fp = open_file (&filename, outfp)))
@@ -601,7 +594,7 @@ _keybox_dump_find_dups (const char *file
while ( !(rc = _keybox_read_blob (&blob, fp)) )
{
unsigned char digest[20];
-
+
if (hash_blob_rawdata (blob, digest))
fprintf (outfp, "error in blob %ld of `%s'\n", recno, filename);
else if (memcmp (digest, zerodigest, 20))
@@ -668,7 +661,7 @@ _keybox_dump_cut_records (const char *fi
KEYBOXBLOB blob;
int rc;
unsigned long recno = 0;
-
+
if (!(fp = open_file (&filename, stderr)))
return gpg_error_from_syserror ();
Index: gnupg-2.0.24/kbx/keybox-openpgp.c
===================================================================
--- gnupg-2.0.24.orig/kbx/keybox-openpgp.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/kbx/keybox-openpgp.c 2015-11-19 14:48:55.843621813 +0100
@@ -34,6 +34,7 @@
#include "keybox-defs.h"
#include <gcrypt.h>
+#include "../include/host2net.h"
enum packet_types
@@ -119,10 +120,8 @@ next_packet (unsigned char const **bufpt
{
if (len <4 )
return gpg_error (GPG_ERR_INV_PACKET); /* No length bytes. */
- pktlen = (*buf++) << 24;
- pktlen |= (*buf++) << 16;
- pktlen |= (*buf++) << 8;
- pktlen |= (*buf++);
+ pktlen = buf32_to_ulong (buf);
+ buf += 4;
len -= 4;
}
else /* Partial length encoding is not allowed for key packets. */
Index: gnupg-2.0.24/kbx/keybox-search.c
===================================================================
--- gnupg-2.0.24.orig/kbx/keybox-search.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/kbx/keybox-search.c 2015-11-19 14:48:55.843621813 +0100
@@ -25,6 +25,7 @@
#include <errno.h>
#include "../jnlib/stringhelp.h" /* ascii_xxxx() */
+#include "../include/host2net.h"
#include "keybox-defs.h"
#include <gcrypt.h>
@@ -45,21 +46,13 @@ struct sn_array_s {
static inline ulong
get32 (const byte *buffer)
{
- ulong a;
- a = *buffer << 24;
- a |= buffer[1] << 16;
- a |= buffer[2] << 8;
- a |= buffer[3];
- return a;
+ return buf32_to_ulong (buffer);
}
static inline ulong
get16 (const byte *buffer)
{
- ulong a;
- a = *buffer << 8;
- a |= buffer[1];
- return a;
+ return buf16_to_ulong (buffer);
}
@@ -112,7 +105,7 @@ _keybox_get_flag_location (const unsigne
*flag_off = 6;
*flag_size = 2;
break;
-
+
case KEYBOX_FLAG_OWNERTRUST:
case KEYBOX_FLAG_VALIDITY:
case KEYBOX_FLAG_CREATED_AT:
@@ -127,7 +120,7 @@ _keybox_get_flag_location (const unsigne
if (pos+2 > length)
return GPG_ERR_INV_OBJ; /* Out of bounds. */
/* Serial number. */
- nserial = get16 (buffer+pos);
+ nserial = get16 (buffer+pos);
pos += 2 + nserial;
if (pos+4 > length)
return GPG_ERR_INV_OBJ; /* Out of bounds. */
@@ -135,7 +128,7 @@ _keybox_get_flag_location (const unsigne
nuids = get16 (buffer + pos); pos += 2;
uidinfolen = get16 (buffer + pos); pos += 2;
if (uidinfolen < 12 )
- return GPG_ERR_INV_OBJ;
+ return GPG_ERR_INV_OBJ;
pos += uidinfolen*nuids;
if (pos+4 > length)
return GPG_ERR_INV_OBJ ; /* Out of bounds. */
@@ -143,7 +136,7 @@ _keybox_get_flag_location (const unsigne
nsigs = get16 (buffer + pos); pos += 2;
siginfolen = get16 (buffer + pos); pos += 2;
if (siginfolen < 4 )
- return GPG_ERR_INV_OBJ;
+ return GPG_ERR_INV_OBJ;
pos += siginfolen*nsigs;
if (pos+1+1+2+4+4+4+4 > length)
return GPG_ERR_INV_OBJ ; /* Out of bounds. */
@@ -190,7 +183,7 @@ get_flag_from_image (const unsigned char
case 4: *value = get32 (buffer + pos); break;
default: ec = GPG_ERR_BUG; break;
}
-
+
return ec;
}
@@ -218,7 +211,7 @@ blob_cmp_sn (KEYBOXBLOB blob, const unsi
return 0; /* out of bounds */
/*serial*/
- nserial = get16 (buffer+pos);
+ nserial = get16 (buffer+pos);
off = pos + 2;
if (off+nserial > length)
return 0; /* out of bounds */
@@ -316,7 +309,7 @@ blob_cmp_name (KEYBOXBLOB blob, int idx,
return 0; /* out of bounds */
/*serial*/
- nserial = get16 (buffer+pos);
+ nserial = get16 (buffer+pos);
pos += 2 + nserial;
if (pos+4 > length)
return 0; /* out of bounds */
@@ -332,7 +325,7 @@ blob_cmp_name (KEYBOXBLOB blob, int idx,
if (idx < 0)
{ /* compare all names starting with that (negated) index */
idx = -idx;
-
+
for ( ;idx < nuids; idx++)
{
size_t mypos = pos;
@@ -409,7 +402,7 @@ blob_cmp_mail (KEYBOXBLOB blob, const ch
return 0; /* out of bounds */
/*serial*/
- nserial = get16 (buffer+pos);
+ nserial = get16 (buffer+pos);
pos += 2 + nserial;
if (pos+4 > length)
return 0; /* out of bounds */
@@ -428,7 +421,7 @@ blob_cmp_mail (KEYBOXBLOB blob, const ch
for (idx=1 ;idx < nuids; idx++)
{
size_t mypos = pos;
-
+
mypos += idx*uidinfolen;
off = get32 (buffer+mypos);
len = get32 (buffer+mypos+4);
@@ -439,7 +432,7 @@ blob_cmp_mail (KEYBOXBLOB blob, const ch
len--; /* one back */
if ( len < 3 || buffer[off+len] != '>')
continue; /* not a proper email address */
- len--;
+ len--;
if (substr)
{
if (ascii_memcasemem (buffer+off+1, len, name, namelen))
@@ -474,7 +467,7 @@ blob_x509_has_grip (KEYBOXBLOB blob, con
unsigned char array[20];
unsigned char *rcp;
size_t n;
-
+
buffer = _keybox_get_blob_image (blob, &length);
if (length < 40)
return 0; /* Too short. */
@@ -527,7 +520,7 @@ blob_x509_has_grip (KEYBOXBLOB blob, con
/*
- The has_foo functions are used as helpers for search
+ The has_foo functions are used as helpers for search
*/
static inline int
has_short_kid (KEYBOXBLOB blob, const unsigned char *kid)
@@ -585,7 +578,7 @@ has_issuer_sn (KEYBOXBLOB blob, const ch
return 0;
namelen = strlen (name);
-
+
return (blob_cmp_sn (blob, sn, snlen)
&& blob_cmp_name (blob, 0 /* issuer */, name, namelen, 0));
}
@@ -664,7 +657,7 @@ release_sn_array (struct sn_array_s *arr
*/
-int
+int
keybox_search_reset (KEYBOX_HANDLE hd)
{
if (!hd)
@@ -683,13 +676,13 @@ keybox_search_reset (KEYBOX_HANDLE hd)
}
hd->error = 0;
hd->eof = 0;
- return 0;
+ return 0;
}
/* Note: When in ephemeral mode the search function does visit all
blobs but in standard mode, blobs flagged as ephemeral are ignored. */
-int
+int
keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
{
int rc;
@@ -708,18 +701,18 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_
hd->found.blob = NULL;
}
- if (hd->error)
+ if (hd->error)
return hd->error; /* still in error state */
- if (hd->eof)
+ if (hd->eof)
return -1; /* still EOF */
/* figure out what information we need */
need_words = any_skip = 0;
- for (n=0; n < ndesc; n++)
+ for (n=0; n < ndesc; n++)
{
- switch (desc[n].mode)
+ switch (desc[n].mode)
{
- case KEYDB_SEARCH_MODE_WORDS:
+ case KEYDB_SEARCH_MODE_WORDS:
need_words = 1;
break;
case KEYDB_SEARCH_MODE_FIRST:
@@ -729,7 +722,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_
default:
break;
}
- if (desc[n].skipfnc)
+ if (desc[n].skipfnc)
any_skip = 1;
if (desc[n].snlen == -1 && !sn_array)
{
@@ -762,7 +755,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_
int i, odd;
size_t snlen;
- for (n=0; n < ndesc; n++)
+ for (n=0; n < ndesc; n++)
{
if (!desc[n].sn)
;
@@ -830,14 +823,14 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_
if (!hd->ephemeral && (blobflags & 2))
continue; /* Not in ephemeral mode but blob is flagged ephemeral. */
- for (n=0; n < ndesc; n++)
+ for (n=0; n < ndesc; n++)
{
switch (desc[n].mode)
{
- case KEYDB_SEARCH_MODE_NONE:
+ case KEYDB_SEARCH_MODE_NONE:
never_reached ();
break;
- case KEYDB_SEARCH_MODE_EXACT:
+ case KEYDB_SEARCH_MODE_EXACT:
if (has_subject_or_alt (blob, desc[n].u.name, 0))
goto found;
break;
@@ -854,7 +847,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_
goto found;
break;
case KEYDB_SEARCH_MODE_MAILEND:
- case KEYDB_SEARCH_MODE_WORDS:
+ case KEYDB_SEARCH_MODE_WORDS:
never_reached (); /* not yet implemented */
break;
case KEYDB_SEARCH_MODE_ISSUER:
@@ -876,7 +869,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_
if (has_subject (blob, desc[n].u.name))
goto found;
break;
- case KEYDB_SEARCH_MODE_SHORT_KID:
+ case KEYDB_SEARCH_MODE_SHORT_KID:
if (has_short_kid (blob, desc[n].u.kid))
goto found;
break;
@@ -893,20 +886,20 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_
if (has_keygrip (blob, desc[n].u.grip))
goto found;
break;
- case KEYDB_SEARCH_MODE_FIRST:
+ case KEYDB_SEARCH_MODE_FIRST:
goto found;
break;
- case KEYDB_SEARCH_MODE_NEXT:
+ case KEYDB_SEARCH_MODE_NEXT:
goto found;
break;
- default:
+ default:
rc = gpg_error (GPG_ERR_INV_VALUE);
goto found;
}
}
continue;
- found:
- for (n=any_skip?0:ndesc; n < ndesc; n++)
+ found:
+ for (n=any_skip?0:ndesc; n < ndesc; n++)
{
/* if (desc[n].skipfnc */
/* && desc[n].skipfnc (desc[n].skipfncvalue, aki)) */
@@ -915,7 +908,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_
if (n == ndesc)
break; /* got it */
}
-
+
if (!rc)
{
hd->found.blob = blob;
@@ -925,7 +918,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_
_keybox_release_blob (blob);
hd->eof = 1;
}
- else
+ else
{
_keybox_release_blob (blob);
hd->error = rc;
Index: gnupg-2.0.24/kbx/keybox-update.c
===================================================================
--- gnupg-2.0.24.orig/kbx/keybox-update.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/kbx/keybox-update.c 2015-11-19 14:48:55.844621828 +0100
@@ -26,6 +26,7 @@
#include <unistd.h>
#include "keybox-defs.h"
+#include "../include/host2net.h"
#define EXTSEP_S "."
@@ -65,12 +66,12 @@ fseeko (FILE * stream, off_t newpos, int
static int
create_tmp_file (const char *template,
char **r_bakfname, char **r_tmpfname, FILE **r_fp)
-{
+{
char *bakfname, *tmpfname;
-
+
*r_bakfname = NULL;
*r_tmpfname = NULL;
-
+
# ifdef USE_ONLY_8DOT3
/* Here is another Windoze bug?:
* you cant rename("pubring.kbx.tmp", "pubring.kbx");
@@ -87,7 +88,7 @@ create_tmp_file (const char *template,
return gpg_error_from_syserror ();
strcpy (bakfname, template);
strcpy (bakfname+strlen(template)-4, EXTSEP_S "kb_");
-
+
tmpfname = xtrymalloc (strlen (template) + 1);
if (!tmpfname)
{
@@ -98,14 +99,14 @@ create_tmp_file (const char *template,
strcpy (tmpfname,template);
strcpy (tmpfname + strlen (template)-4, EXTSEP_S "k__");
}
- else
+ else
{ /* File does not end with kbx, thus we hope we are working on a
modern file system and appending a suffix works. */
bakfname = xtrymalloc ( strlen (template) + 5);
if (!bakfname)
return gpg_error_from_syserror ();
strcpy (stpcpy (bakfname, template), EXTSEP_S "kb_");
-
+
tmpfname = xtrymalloc ( strlen (template) + 5);
if (!tmpfname)
{
@@ -120,7 +121,7 @@ create_tmp_file (const char *template,
if (!bakfname)
return gpg_error_from_syserror ();
strcpy (stpcpy (bakfname,template),"~");
-
+
tmpfname = xtrymalloc ( strlen (template) + 5);
if (!tmpfname)
{
@@ -172,7 +173,7 @@ rename_tmp_file (const char *bakfname, c
/* First make a backup file except for secret keyboxes. */
if (!secret)
- {
+ {
#if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__)
remove (bakfname);
#endif
@@ -181,7 +182,7 @@ rename_tmp_file (const char *bakfname, c
return gpg_error_from_syserror ();
}
}
-
+
/* Then rename the file. */
#if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__)
remove (fname);
@@ -199,7 +200,7 @@ rename_tmp_file (const char *bakfname, c
}
return rc;
}
-
+
return 0;
}
@@ -211,7 +212,7 @@ rename_tmp_file (const char *bakfname, c
3 = update
*/
static int
-blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob,
+blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob,
int secret, off_t start_offset)
{
FILE *fp, *newfp;
@@ -221,14 +222,14 @@ blob_filecopy (int mode, const char *fna
char buffer[4096];
int nread, nbytes;
- /* Open the source file. Because we do a rename, we have to check the
+ /* Open the source file. Because we do a rename, we have to check the
permissions of the file */
if (access (fname, W_OK))
return gpg_error_from_syserror ();
fp = fopen (fname, "rb");
if (mode == 1 && !fp && errno == ENOENT)
- {
+ {
/* Insert mode but file does not exist:
Create a new keybox file. */
newfp = fopen (fname, "wb");
@@ -267,10 +268,10 @@ blob_filecopy (int mode, const char *fna
fclose(fp);
goto leave;
}
-
+
/* prepare for insert */
if (mode == 1)
- {
+ {
/* Copy everything to the new file. */
while ( (nread = fread (buffer, 1, DIM(buffer), fp)) > 0 )
{
@@ -286,12 +287,12 @@ blob_filecopy (int mode, const char *fna
goto leave;
}
}
-
+
/* Prepare for delete or update. */
- if ( mode == 2 || mode == 3 )
- {
+ if ( mode == 2 || mode == 3 )
+ {
off_t current = 0;
-
+
/* Copy first part to the new file. */
while ( current < start_offset )
{
@@ -302,7 +303,7 @@ blob_filecopy (int mode, const char *fna
if (!nread)
break;
current += nread;
-
+
if (fwrite (buffer, nread, 1, newfp) != 1)
{
rc = gpg_error_from_syserror ();
@@ -314,24 +315,24 @@ blob_filecopy (int mode, const char *fna
rc = gpg_error_from_syserror ();
goto leave;
}
-
+
/* Skip this blob. */
rc = _keybox_read_blob (NULL, fp);
if (rc)
return rc;
}
-
+
/* Do an insert or update. */
if ( mode == 1 || mode == 3 )
- {
+ {
rc = _keybox_write_blob (blob, newfp);
if (rc)
return rc;
}
-
+
/* Copy the rest of the packet for an delete or update. */
if (mode == 2 || mode == 3)
- {
+ {
while ( (nread = fread (buffer, 1, DIM(buffer), fp)) > 0 )
{
if (fwrite (buffer, nread, 1, newfp) != 1)
@@ -346,7 +347,7 @@ blob_filecopy (int mode, const char *fna
goto leave;
}
}
-
+
/* Close both files. */
if (fclose(fp))
{
@@ -370,7 +371,7 @@ blob_filecopy (int mode, const char *fna
-#ifdef KEYBOX_WITH_X509
+#ifdef KEYBOX_WITH_X509
int
keybox_insert_cert (KEYBOX_HANDLE hd, ksba_cert_t cert,
unsigned char *sha1_digest)
@@ -380,12 +381,12 @@ keybox_insert_cert (KEYBOX_HANDLE hd, ks
KEYBOXBLOB blob;
if (!hd)
- return gpg_error (GPG_ERR_INV_HANDLE);
+ return gpg_error (GPG_ERR_INV_HANDLE);
if (!hd->kb)
- return gpg_error (GPG_ERR_INV_HANDLE);
+ return gpg_error (GPG_ERR_INV_HANDLE);
fname = hd->kb->fname;
if (!fname)
- return gpg_error (GPG_ERR_INV_HANDLE);
+ return gpg_error (GPG_ERR_INV_HANDLE);
/* Close this one otherwise we will mess up the position for a next
search. Fixme: it would be better to adjust the position after
@@ -439,12 +440,12 @@ keybox_set_flags (KEYBOX_HANDLE hd, int
if (!hd->found.blob)
return gpg_error (GPG_ERR_NOTHING_FOUND);
if (!hd->kb)
- return gpg_error (GPG_ERR_INV_HANDLE);
+ return gpg_error (GPG_ERR_INV_HANDLE);
if (!hd->found.blob)
return gpg_error (GPG_ERR_NOTHING_FOUND);
fname = hd->kb->fname;
if (!fname)
- return gpg_error (GPG_ERR_INV_HANDLE);
+ return gpg_error (GPG_ERR_INV_HANDLE);
off = _keybox_get_blob_fileoffset (hd->found.blob);
if (off == (off_t)-1)
@@ -454,7 +455,7 @@ keybox_set_flags (KEYBOX_HANDLE hd, int
ec = _keybox_get_flag_location (buffer, length, what, &flag_pos, &flag_size);
if (ec)
return gpg_error (ec);
-
+
off += flag_pos;
_keybox_close_file (hd);
@@ -476,7 +477,7 @@ keybox_set_flags (KEYBOX_HANDLE hd, int
switch (flag_size)
{
- case 1:
+ case 1:
case 2:
case 4:
if (fwrite (tmp+4-flag_size, flag_size, 1, fp) != 1)
@@ -512,10 +513,10 @@ keybox_delete (KEYBOX_HANDLE hd)
if (!hd->found.blob)
return gpg_error (GPG_ERR_NOTHING_FOUND);
if (!hd->kb)
- return gpg_error (GPG_ERR_INV_HANDLE);
+ return gpg_error (GPG_ERR_INV_HANDLE);
fname = hd->kb->fname;
if (!fname)
- return gpg_error (GPG_ERR_INV_HANDLE);
+ return gpg_error (GPG_ERR_INV_HANDLE);
off = _keybox_get_blob_fileoffset (hd->found.blob);
if (off == (off_t)-1)
@@ -561,18 +562,18 @@ keybox_compress (KEYBOX_HANDLE hd)
int skipped_deleted;
if (!hd)
- return gpg_error (GPG_ERR_INV_HANDLE);
+ return gpg_error (GPG_ERR_INV_HANDLE);
if (!hd->kb)
- return gpg_error (GPG_ERR_INV_HANDLE);
+ return gpg_error (GPG_ERR_INV_HANDLE);
if (hd->secret)
return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
fname = hd->kb->fname;
if (!fname)
- return gpg_error (GPG_ERR_INV_HANDLE);
+ return gpg_error (GPG_ERR_INV_HANDLE);
_keybox_close_file (hd);
- /* Open the source file. Because we do a rename, we have to check the
+ /* Open the source file. Because we do a rename, we have to check the
permissions of the file */
if (access (fname, W_OK))
return gpg_error_from_syserror ();
@@ -596,9 +597,8 @@ keybox_compress (KEYBOX_HANDLE hd)
buffer = _keybox_get_blob_image (blob, &length);
if (length > 4 && buffer[4] == BLOBTYPE_HEADER)
{
- u32 last_maint = ((buffer[20] << 24) | (buffer[20+1] << 16)
- | (buffer[20+2] << 8) | (buffer[20+3]));
-
+ u32 last_maint = buf32_to_u32 (buffer+20);
+
if ( (last_maint + 3*3600) > time (NULL) )
{
fclose (fp);
@@ -618,7 +618,7 @@ keybox_compress (KEYBOX_HANDLE hd)
return rc;;
}
-
+
/* Processing loop. By reading using _keybox_read_blob we
automagically skip any blobs flagged as deleted. Thus what we
only have to do is to check all ephemeral flagged blocks whether
@@ -663,24 +663,23 @@ keybox_compress (KEYBOX_HANDLE hd)
continue;
}
- if (_keybox_get_flag_location (buffer, length,
+ if (_keybox_get_flag_location (buffer, length,
KEYBOX_FLAG_BLOB, &pos, &size)
|| size != 2)
{
rc = gpg_error (GPG_ERR_BUG);
break;
}
- blobflags = ((buffer[pos] << 8) | (buffer[pos+1]));
+ blobflags = buf16_to_uint (buffer+pos);
if ((blobflags & KEYBOX_FLAG_BLOB_EPHEMERAL))
{
/* This is an ephemeral blob. */
- if (_keybox_get_flag_location (buffer, length,
+ if (_keybox_get_flag_location (buffer, length,
KEYBOX_FLAG_CREATED_AT, &pos, &size)
|| size != 4)
created_at = 0; /* oops. */
else
- created_at = ((buffer[pos] << 24) | (buffer[pos+1] << 16)
- | (buffer[pos+2] << 8) | (buffer[pos+3]));
+ created_at = buf32_to_u32 (buffer+pos);
if (created_at && created_at < cut_time)
{
Index: gnupg-2.0.24/scd/apdu.c
===================================================================
--- gnupg-2.0.24.orig/scd/apdu.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/scd/apdu.c 2015-11-19 14:48:55.844621828 +0100
@@ -58,6 +58,7 @@
#include "scdaemon.h"
#include "exechelp.h"
#endif /* GNUPG_MAJOR_VERSION != 1 */
+#include "../include/host2net.h"
#include "iso7816.h"
#include "apdu.h"
@@ -1013,15 +1014,14 @@ pcsc_get_status_wrapped (int slot, unsig
i? strerror (errno) : "premature EOF");
goto command_failed;
}
- len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4];
+ len = buf32_to_size_t (msgbuf+1);
if (msgbuf[0] != 0x81 || len < 4)
{
log_error ("invalid response header from PC/SC received\n");
goto command_failed;
}
len -= 4; /* Already read the error code. */
- err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16)
- | (msgbuf[7] << 8 ) | msgbuf[8]);
+ err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5));
if (err)
{
log_error ("pcsc_status failed: %s (0x%lx)\n",
@@ -1181,15 +1181,14 @@ pcsc_send_apdu_wrapped (int slot, unsign
i? strerror (errno) : "premature EOF");
goto command_failed;
}
- len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4];
+ len = buf32_to_size_t (msgbuf+1);
if (msgbuf[0] != 0x81 || len < 4)
{
log_error ("invalid response header from PC/SC received\n");
goto command_failed;
}
len -= 4; /* Already read the error code. */
- err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16)
- | (msgbuf[7] << 8 ) | msgbuf[8]);
+ err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5));
if (err)
{
log_error ("pcsc_transmit failed: %s (0x%lx)\n",
@@ -1321,15 +1320,14 @@ control_pcsc_wrapped (int slot, pcsc_dwo
i? strerror (errno) : "premature EOF");
goto command_failed;
}
- len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4];
+ len = buf32_to_size_t (msgbuf+1);
if (msgbuf[0] != 0x81 || len < 4)
{
log_error ("invalid response header from PC/SC received\n");
goto command_failed;
}
len -= 4; /* Already read the error code. */
- err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16)
- | (msgbuf[7] << 8 ) | msgbuf[8]);
+ err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5));
if (err)
{
log_error ("pcsc_control failed: %s (0x%lx)\n",
@@ -1458,15 +1456,14 @@ close_pcsc_reader_wrapped (int slot)
i? strerror (errno) : "premature EOF");
goto command_failed;
}
- len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4];
+ len = buf32_to_size_t (msgbuf+1);
if (msgbuf[0] != 0x81 || len < 4)
{
log_error ("invalid response header from PC/SC received\n");
goto command_failed;
}
len -= 4; /* Already read the error code. */
- err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16)
- | (msgbuf[7] << 8 ) | msgbuf[8]);
+ err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5));
if (err)
log_error ("pcsc_close failed: %s (0x%lx)\n",
pcsc_error_string (err), err);
@@ -1647,7 +1644,7 @@ reset_pcsc_reader_wrapped (int slot)
i? strerror (errno) : "premature EOF");
goto command_failed;
}
- len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4];
+ len = buf32_to_size_t (msgbuf+1);
if (msgbuf[0] != 0x81 || len < 4)
{
log_error ("invalid response header from PC/SC received\n");
@@ -1661,8 +1658,7 @@ reset_pcsc_reader_wrapped (int slot)
sw = SW_HOST_GENERAL_ERROR;
goto command_failed;
}
- err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16)
- | (msgbuf[7] << 8 ) | msgbuf[8]);
+ err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5));
if (err)
{
log_error ("PC/SC RESET failed: %s (0x%lx)\n",
@@ -1753,9 +1749,9 @@ pcsc_vendor_specific_init (int slot)
if (l == 1)
v = p[0];
else if (l == 2)
- v = ((p[0] << 8) | p[1]);
+ v = buf16_to_uint (p);
else if (l == 4)
- v = ((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]);
+ v = buf32_to_uint (p);
if (code == FEATURE_VERIFY_PIN_DIRECT)
reader_table[slot].pcsc.verify_ioctl = v;
@@ -1814,9 +1810,9 @@ pcsc_vendor_specific_init (int slot)
if (l == 1)
v = p[0];
else if (l == 2)
- v = ((p[1] << 8) | p[0]);
+ v = (((unsigned int)p[1] << 8) | p[0]);
else if (l == 4)
- v = ((p[3] << 24) | (p[2] << 16) | (p[1] << 8) | p[0]);
+ v = (((unsigned int)p[3] << 24) | (p[2] << 16) | (p[1] << 8) | p[0]);
if (tag == PCSCv2_PART10_PROPERTY_bMinPINSize)
reader_table[slot].pcsc.pinmin = v;
@@ -2112,7 +2108,7 @@ open_pcsc_reader_wrapped (const char *po
i? strerror (errno) : "premature EOF");
goto command_failed;
}
- len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4];
+ len = buf32_to_size_t (msgbuf+1);
if (msgbuf[0] != 0x81 || len < 4)
{
log_error ("invalid response header from PC/SC received\n");
@@ -2125,8 +2121,7 @@ open_pcsc_reader_wrapped (const char *po
(unsigned long)len);
goto command_failed;
}
- err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16)
- | (msgbuf[7] << 8 ) | msgbuf[8]);
+ err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5));
if (err)
{
Index: gnupg-2.0.24/scd/app-openpgp.c
===================================================================
--- gnupg-2.0.24.orig/scd/app-openpgp.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/scd/app-openpgp.c 2015-11-19 14:48:55.845621844 +0100
@@ -66,6 +66,7 @@
#include "iso7816.h"
#include "app-common.h"
#include "tlv.h"
+#include "../include/host2net.h"
/* A table describing the DOs of the card. */
@@ -805,7 +806,7 @@ send_fprtime_if_not_null (ctrl_t ctrl, c
char numbuf1[50], numbuf2[50];
unsigned long value;
- value = (stamp[0] << 24) | (stamp[1]<<16) | (stamp[2]<<8) | stamp[3];
+ value = buf32_to_ulong (stamp);
if (!value)
return;
sprintf (numbuf1, "%d", number);
Index: gnupg-2.0.24/scd/ccid-driver.c
===================================================================
--- gnupg-2.0.24.orig/scd/ccid-driver.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/scd/ccid-driver.c 2015-11-19 14:48:55.846621859 +0100
@@ -94,6 +94,7 @@
#include "scdaemon.h"
#include "iso7816.h"
#include "ccid-driver.h"
+#include "../include/host2net.h"
#define DRVNAME "ccid-driver: "
@@ -316,7 +317,7 @@ static int send_escape_cmd (ccid_driver_
static unsigned int
convert_le_u32 (const unsigned char *buf)
{
- return buf[0] | (buf[1] << 8) | (buf[2] << 16) | (buf[3] << 24);
+ return buf[0] | (buf[1] << 8) | (buf[2] << 16) | ((unsigned int)buf[3] << 24);
}
Index: gnupg-2.0.24/scd/pcsc-wrapper.c
===================================================================
--- gnupg-2.0.24.orig/scd/pcsc-wrapper.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/scd/pcsc-wrapper.c 2015-11-19 14:48:55.846621859 +0100
@@ -273,7 +273,7 @@ read_32 (FILE *fp)
fprintf (stderr, PGM ": premature EOF while parsing request\n");
exit (1);
}
- return (c1 << 24) | (c2 << 16) | (c3 << 8) | c4;
+ return ((unsigned long)c1 << 24) | (c2 << 16) | (c3 << 8) | c4;
}
@@ -760,7 +760,8 @@ handle_control (unsigned char *argbuf, s
if (arglen < 4)
bad_request ("CONTROL");
- ioctl_code = (argbuf[0] << 24) | (argbuf[1] << 16) | (argbuf[2] << 8) | argbuf[3];
+ ioctl_code = (((pcsc_dword_t)argbuf[0] << 24)
+ | (argbuf[1] << 16) | (argbuf[2] << 8) | argbuf[3]);
argbuf += 4;
arglen -= 4;
Index: gnupg-2.0.24/tools/ccidmon.c
===================================================================
--- gnupg-2.0.24.orig/tools/ccidmon.c 2014-06-24 13:50:15.000000000 +0200
+++ gnupg-2.0.24/tools/ccidmon.c 2015-11-19 14:48:55.846621859 +0100
@@ -52,7 +52,7 @@ static int debug;
static int skip_escape;
static int usb_bus, usb_dev;
static int sniffusb;
-
+
/* Error counter. */
static int any_error;
@@ -142,19 +142,19 @@ err (const char *format, ...)
/* Convert a little endian stored 4 byte value into an unsigned
integer. */
-static unsigned int
+static unsigned int
convert_le_u32 (const unsigned char *buf)
{
- return buf[0] | (buf[1] << 8) | (buf[2] << 16) | (buf[3] << 24);
+ return buf[0] | (buf[1] << 8) | (buf[2] << 16) | ((unsigned int)buf[3] << 24);
}
/* Convert a little endian stored 2 byte value into an unsigned
integer. */
-static unsigned int
+static unsigned int
convert_le_u16 (const unsigned char *buf)
{
- return buf[0] | (buf[1] << 8);
+ return buf[0] | (buf[1] << 8);
}
@@ -182,7 +182,7 @@ print_pr_data (const unsigned char *data
putchar ('\n');
}
-
+
static void
print_p2r_header (const char *name, const unsigned char *msg, size_t msglen)
{
@@ -359,7 +359,7 @@ print_p2r_unknown (const unsigned char *
{
char buf[100];
- snprintf (buf, sizeof buf, "Unknown PC_to_RDR command 0x%02X",
+ snprintf (buf, sizeof buf, "Unknown PC_to_RDR command 0x%02X",
msglen? msg[0]:0);
print_p2r_header (buf, msg, msglen);
if (msglen < 10)
@@ -466,7 +466,7 @@ print_r2p_slotstatus (const unsigned cha
msg[9] == 3? " (stopped)":"");
print_pr_data (msg, msglen, 10);
}
-
+
static void
print_r2p_parameters (const unsigned char *msg, size_t msglen)
@@ -527,7 +527,7 @@ print_r2p_unknown (const unsigned char *
{
char buf[100];
- snprintf (buf, sizeof buf, "Unknown RDR_to_PC command 0x%02X",
+ snprintf (buf, sizeof buf, "Unknown RDR_to_PC command 0x%02X",
msglen? msg[0]:0);
print_r2p_header (buf, msg, msglen);
if (msglen < 10)
@@ -571,7 +571,7 @@ flush_data (void)
{
if (!databuffer.count)
return;
-
+
if (verbose)
printf ("Address: %s\n", databuffer.address);
if (databuffer.is_bi)
@@ -684,7 +684,7 @@ parse_line (char *line, unsigned int lin
p = strtok (NULL, " ");
if (!p)
return; /* No data length. */
-
+
datatag = strtok (NULL, " ");
if (datatag && *datatag == '=')
{
@@ -707,10 +707,10 @@ parse_line_sniffusb (char *line, unsigne
return;
p = strtok (NULL, " \t");
if (!p)
- return;
+ return;
p = strtok (NULL, " \t");
if (!p)
- return;
+ return;
if (hexdigitp (p[0]) && hexdigitp (p[1])
&& hexdigitp (p[2]) && hexdigitp (p[3])
@@ -718,7 +718,7 @@ parse_line_sniffusb (char *line, unsigne
{
size_t length;
unsigned int value;
-
+
length = databuffer.count;
while ((p=strtok (NULL, " \t")))
{
@@ -791,7 +791,7 @@ parse_input (FILE *fp)
}
-int
+int
main (int argc, char **argv)
{
int last_argc = -1;
@@ -845,7 +845,7 @@ main (int argc, char **argv)
sniffusb = 1;
argc--; argv++;
}
- }
+ }
if (argc && sniffusb)
die ("no arguments expected when using --sniffusb\n");
@@ -855,14 +855,14 @@ main (int argc, char **argv)
if (argc == 1)
{
const char *s = strchr (argv[0], ':');
-
+
usb_bus = atoi (argv[0]);
if (s)
usb_dev = atoi (s+1);
if (usb_bus < 1 || usb_bus > 999 || usb_dev < 1 || usb_dev > 999)
die ("invalid bus:dev specified");
}
-
+
signal (SIGPIPE, SIG_IGN);
Index: gnupg-2.0.24/g10/sign.c
===================================================================
--- gnupg-2.0.24.orig/g10/sign.c 2015-11-19 14:48:55.744620281 +0100
+++ gnupg-2.0.24/g10/sign.c 2015-11-19 14:56:06.154267929 +0100
@@ -41,6 +41,7 @@
#include "pkglue.h"
#include "sysutils.h"
#include "call-agent.h"
+#include "../include/host2net.h"
#ifdef HAVE_DOSISH_SYSTEM
@@ -1049,7 +1050,7 @@ sign_file( strlist_t filenames, int deta
sigclass = ts[0];
if (sigclass != 0x00 && sigclass != 0x01)
log_bug("bad cipher class\n");
- timestamp = buffer_to_u32(ts + 1);
+ timestamp = buf32_to_u32(ts + 1);
}
else {
/* read, so that the filter can calculate the digest */
