diff options
| author | David Shaw <[email protected]> | 2003-12-06 01:41:00 +0000 |
|---|---|---|
| committer | David Shaw <[email protected]> | 2003-12-06 01:41:00 +0000 |
| commit | 23e102f2e7a8e27a513c52758a43245ac23efb41 (patch) | |
| tree | 747e82781b4f362dd3b6c9afae1cb19b98243402 | |
| parent | * http.c (send_request): Add a Host: header for virtual hosts. (diff) | |
| download | gnupg-23e102f2e7a8e27a513c52758a43245ac23efb41.tar.gz gnupg-23e102f2e7a8e27a513c52758a43245ac23efb41.zip | |
* gpgkeys_ldap.c (main): Avoid possible pre-string write.
* gpgkeys_hkp.c (parse_hkp_index, dehtmlize): Fix memory corruption bug on
some platforms. From devel. (search_key): Catch a mangled input file
(useful if something other than GnuPG is calling the program). (main):
Avoid possible pre-string write. Noted by Christian Biere.
| -rw-r--r-- | keyserver/ChangeLog | 11 | ||||
| -rw-r--r-- | keyserver/gpgkeys_hkp.c | 15 | ||||
| -rw-r--r-- | keyserver/gpgkeys_ldap.c | 7 |
3 files changed, 27 insertions, 6 deletions
diff --git a/keyserver/ChangeLog b/keyserver/ChangeLog index 4fcaa74c7..04702fa3e 100644 --- a/keyserver/ChangeLog +++ b/keyserver/ChangeLog @@ -1,3 +1,14 @@ +2003-12-05 David Shaw <[email protected]> + + * gpgkeys_ldap.c (main): Avoid possible pre-string write. + + * gpgkeys_hkp.c (parse_hkp_index, dehtmlize): Fix memory + corruption bug on some platforms. From devel. + (search_key): Catch a mangled input file (useful if something + other than GnuPG is calling the program). + (main): Avoid possible pre-string write. Noted by Christian + Biere. + 2003-11-27 Werner Koch <[email protected]> * gpgkeys_hkp.c (get_key): Fixed bad use of fprintf w/o format diff --git a/keyserver/gpgkeys_hkp.c b/keyserver/gpgkeys_hkp.c index 92aa05800..72fa61ef9 100644 --- a/keyserver/gpgkeys_hkp.c +++ b/keyserver/gpgkeys_hkp.c @@ -362,6 +362,8 @@ dehtmlize(char *line) while(isspace(((unsigned char *)parsed)[parsedindex])) { parsed[parsedindex]='\0'; + if(parsedindex==0) + break; parsedindex--; } } @@ -479,7 +481,7 @@ parse_hkp_index(IOBUF buffer,char *line) line+=4; tok=strsep(&line,"/"); - if(tok==NULL) + if(tok==NULL || strlen(tok)==0) return ret; if(tok[strlen(tok)-1]=='R') @@ -576,6 +578,12 @@ int search_key(char *searchkey) request++; } + if(!search) + { + fprintf(console,"gpgkeys: corrupt input?\n"); + return -1; + } + search[len]='\0'; fprintf(console,("gpgkeys: searching for \"%s\" from HKP server %s\n"), @@ -827,7 +835,7 @@ int main(int argc,char *argv[]) break; else { - if(line[0]=='\n') + if(line[0]=='\n' || line[0]=='\0') break; work=malloc(sizeof(struct keylist)); @@ -953,7 +961,8 @@ int main(int argc,char *argv[]) } /* Nail that last space */ - searchkey[strlen(searchkey)-1]='\0'; + if(*searchkey) + searchkey[strlen(searchkey)-1]='\0'; if(search_key(searchkey)==-1) { diff --git a/keyserver/gpgkeys_ldap.c b/keyserver/gpgkeys_ldap.c index f0015ff53..963503cf5 100644 --- a/keyserver/gpgkeys_ldap.c +++ b/keyserver/gpgkeys_ldap.c @@ -467,7 +467,7 @@ int search_key(char *searchkey) char **vals; LDAPMessage *res,*each; int err,count; - /* The maxium size of the search, including the optional stuff and + /* The maximum size of the search, including the optional stuff and the trailing \0 */ char search[2+12+MAX_LINE+2+15+14+1+1]; char *attrs[]={"pgpcertid","pgpuserid","pgprevoked","pgpdisabled", @@ -782,7 +782,7 @@ int main(int argc,char *argv[]) break; else { - if(line[0]=='\n') + if(line[0]=='\n' || line[0]=='\0') break; work=malloc(sizeof(struct keylist)); @@ -968,7 +968,8 @@ int main(int argc,char *argv[]) } /* Nail that last "*" */ - searchkey[strlen(searchkey)-1]='\0'; + if(*searchkey) + searchkey[strlen(searchkey)-1]='\0'; if(search_key(searchkey)==-1) { |