Commit Graph

15 Commits

Author SHA1 Message Date
Werner Koch
fde20940b5
core: New data flags "io-buffer-size" and "sensitive".
* src/data.c (_gpgme_data_release): Free buffers.
(gpgme_data_seek): Adjust from renamed fields.
(gpgme_data_set_flag): Implement new flags.
(_gpgme_data_inbound_handler): Allow the use of a malloced buffer.
(_gpgme_data_outbound_handler): Ditto.
* src/data.h (BUFFER_SIZE): Move out of the struct definition.
(struct gpgme_data): Remove pending filed and introduce inbound and
outbound fields.

* src/conversion.c (_gpgme_wipememory): New.  Taken from GnuPG.
* src/cJSON.c (wipememory): Use this here too.

* tests/run-decrypt.c (main): Add options "--large-buffers" and
"--sensitive".
--

GnuPG-bug-id: 5478
Signed-off-by: Werner Koch <wk@gnupg.org>
2021-06-14 19:51:28 +02:00
Werner Koch
eb99e8c483
Require at least libgpg-error 1.36
* configure.ac (NEED_GPG_ERROR_VERSION): Require 1.36.
* src/cJSON.c: Remove code for older version.
* src/engine.c (gpgme_get_engine_info): Ditto.
* src/gpgme-json.c: Ditto.
* src/op-support.c: Ditto.
* src/util.h: Ditto.
--

Libgpg-error 1.36 has been released more than 18 months ago so it is
time to avoid hacks and require this verion.  This will for example
help Kleopatra to support PIV cards and improves the gpgme-json.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-09 11:50:46 +01:00
Werner Koch
f56c996318
json: Print "nan", "-inf", "inf" if needed.
* src/cJSON.c (print_number): Print NaN and INF.
--

GnuPG-bug-id: 4328
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-04 10:56:48 +02:00
Werner Koch
fabe96126b
json: Improve handling of large exponents in the JSON parsor.
* src/cJSON.c: Include stdint.h.
(parse_number): Avoid overflob in SUBSCALE and cap integer values.
--

GnuPG-bug-id: 4330
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-04 10:42:40 +02:00
Andre Heinecke
4a117859e7
json: Limit recursion depth
* src/cJSON.c (MAX_DEPTH): New. Maximum recursion depth.
(parse_value, parse_array, parse_object): Carry and check
depth argument.
(cJSON_ParseWithOpts): Initialize depth.

--
This fixes a stack overflow if we get weird recursive
json data.

GnuPG-Bug-Id: T4331
2019-02-27 14:27:47 +01:00
Werner Koch
8b41fb08f0
core: Silence newer compiler warnings.
* configure.ac: Add -Wno-format-truncation and
  -Wno-sizeof-pointer-div.
* src/b64dec.c (_gpgme_b64dec_proc): Add fallthrough annotation.
* src/cJSON.c (parse_string): Ditto.
* src/gpgme-json.c (main): Ditto.
--

gcc 8 enables a couple of new warnings.  Some of them are useless for
us.  In particular:

  util.h:42:26: warning: division 'sizeof (char *) / sizeof (char)'
  does not compute the number of array elements [-Wsizeof-pointer-div]
  #define DIM(v) (sizeof(v)/sizeof((v)[0])) ^

  trustlist.c:101:22: note:
  in expansion of macro 'DIM' if (strlen (p) == DIM(item->keyid) - 1)

Which is a real standard way to use DIM, here the right hand side is
equivalent to sizeof but nevertheless it is correct.  Yes sir, we know
C.

The format string warnings I have seen were assuming that the time
structure returns valued out of scope - but if the system is that
broken, the s_n_printf catches this.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-12-17 16:47:27 +01:00
Andre Heinecke
4dd1d0abd3
json: Wipe memory in cJSON_Delete
* src/cJSON.c (cJSON_Delete): Wipe memory on deletion.
2018-08-08 14:27:24 +02:00
Andre Heinecke
fdc07b3ddc
json: Only use calloc instead of malloc
* src/cJSON.c, src/gpgme-json.c (CALLOC_ONLY): New define
to change xmalloc / xtrymalloc to use calloc.

--
Some people consider malloc dangerous as it might allow an
information leak.
2018-08-08 14:25:28 +02:00
Andre Heinecke
974a95db04
json: Add checks when skipping byte
* src/cJSON.c (parse_string, cJSON_Minify): Check for
terminating NULL byte when skipping the byte after a an escaped
quote.
2018-08-08 13:30:01 +02:00
Werner Koch
1933f5b805
json: Minor cleanups in cJSON.c
* src/cJSON.c: Add comments on the origin of the code.
(parse_string): Allocate an extra byte for safeness.
(cJSON_AddItemToArray): Allo ARRAY to be NULL.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-16 14:42:30 +02:00
Werner Koch
013a7f47ab
json: Fix buffer overflow in cJSON.c
* src/cJSON.c (parse_string): Correctly detect bad hex.
--

The call to parse_hex4 checks that only hex digits follow and in the
error case returns 0.  However, by the time of the combined check for
an invalid value and the error PTR has already been set to the last
hex character and thus if the end-of-string or a quote character was
one of the bad hex digits the loop will miss the end of the string
which does not match with the simple buffer length allocation test at
the begin of the function.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-16 12:37:06 +02:00
Werner Koch
998fec8a4f
json: Allow to compile with libgpg-error < 1.28
* src/cJSON.c: Use gpgrt fucntion only if available.
--

We have a hack in gpgme-json to allow building with older libgpg-error
versions.  That whole thing will not work but the instead the binary
will print an error at runtime that it needs to be build with a newer
libgcrypt.  There was a little bug here for the Debian packages
libgpg-error versions which failed to build cJSON.  cJSON is only
needed be the full gpgme-json but nevertheless the Makefile wants to
build it.  The fix is straightforward.

GnuPG-bug-id: 3971
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-05 09:40:17 +02:00
Werner Koch
6525d78d0a
json: Add a new function to cJSON.
* src/cJSON.c (cJSON_CreateStringConvey): New.
2018-03-23 11:26:36 +01:00
Werner Koch
81c90d0cd0
core: Adjust cJSON code for use in GPGME.
* src/cJSON.c: Remove util.h.  Use gpgrt alloc functions.
(cJSON_Delete): Do not clobber ERRNO.
(cJSON_AddItemToObject): Return OBJECT or NULL.
(cJSON_AddNullToObject): New.
(cJSON_AddTrueToObject): New.
(cJSON_AddFalseToObject): New.
(cJSON_AddBoolToObject): New.
(cJSON_AddNumberToObject): New.
(cJSON_AddStringToObject): New.
* src/cJSON.h (cJSON__h): Replace macro by cJSON_h for C compliance.
(cJSON_AddNullToObject): Remove macro.
(cJSON_AddTrueToObject): Remove macro.
(cJSON_AddFalseToObject): Remove macro.
(cJSON_AddBoolToObject): Remove macro.
(cJSON_AddNumberToObject): Remove macro.
(cJSON_AddStringToObject): Remove macro.
--

The gpgrt malloc functions are used so that we can easily mix memory
returned by gpgrt (e.g. es_read_line) with memory returned from the
JSON function.  In general that is not needed but on Windows it makes
a difference if the gpgme DLL is linked to a different C runtime
than the application.

The macros have been replaced to allow error checking (i.e out of
core) for these functions.  More error checking should be implemented
instead of silently creating objects which are not as requested.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-16 13:36:04 +01:00
Werner Koch
8eb08b3189
core: Import cJSON code from the payproc project.
* src/cJSON.c: New.
* src/cJSON.h: New.
* src/cJSON.readme: New.
--

This is a copy of the code from the payproc commit
af5d6b4f820ee19e246a2cab6f56465fe91f1233.  The code was originally
added to payproc with the commit below.

Signed-off-by: Werner Koch <wk@gnupg.org>

===============================================
commit 7ae7ef29bc5ec19e005e6a5a739233d655f3f05f
Author:     Werner Koch <wk@gnupg.org>
AuthorDate: Wed Apr 2 09:01:42 2014 +0200
Commit:     Werner Koch <wk@gnupg.org>
CommitDate: Wed Apr 2 09:12:02 2014 +0200

Simplify cJSON and add new macros.

* src/cJSON.h: Re-indented.
(cjson_t): New.
(cjson_is_): New macros.
* src/cJSON.c: Re-indented.  Include errno.h and our util.h.
(ep): Remove global var.
(cJSON_GetErrorPtr): Remove.
(cJSON_strcasecmp): Cast args for use with tolower.
(cJSON_malloc, cJSON_free): Remove.  Change callers to use xtrymalloc
and xfree.
(cJSON_InitHooks): Remove.
(cJSON_strdup): Remove.  Change callers to use xtrystrdup.
(cJSON_New_Item): Simplify.
(cJSON_ParseWithOpts, cJSON_Parse): Add arg R_ERROFF.
(parse_string, parse_value, parse_array, parse_object): Add arg EP.
--

cJSON has been taken from cjson-code-58.zip.  The README file has been
renamed to cJSON.readme and the files have been changed to GNU coding
standards.  Because that parser is small enough to be source copied it
does not make sense to treat it as a library and I changed the memory
allocation functions to the usual xmalloc ones. The only external
dependency now is out util.h which declares those functions.

The lowercase cjson_t better fits into our coding style as well as the
new macros.  Thanks to Dave Gamble for this nice parser.
===============================================
2018-03-14 11:10:12 +01:00