gpgme/src
Werner Koch 2cbd76f791 Fix possible realloc overflow for gpgsm and uiserver engines.
* src/engine-gpgsm.c (status_handler):
* src/engine-uiserver.c (status_handler):
--

After a realloc (realloc is also used for initial alloc) the allocated
size of the buffer is not correctly recorded.  Thus an overflow can be
introduced by receiving data with different line lengths in a specific
order.  This is not easily exploitable because libassuan constructs the
line.  However, a crash has been reported and thus it might be possible
to construct an exploit.

CVE-id: CVE-2014-3564
Reported-by: Tomáš Trnka
2014-07-30 11:04:55 +02:00
.gitignore .gitignore: flesh out rules and add subdirectory-.gitignores. 2012-04-20 16:05:11 +02:00
assuan-support.c w32: Add comment about a compiler warning 2014-06-26 10:41:46 +02:00
ath-pthread.c Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
ath.c Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
ath.h Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
ChangeLog-2011 Generate the ChangeLog from commit logs. 2011-12-02 11:36:37 +01:00
context.h Add public function gpgme_set_pinentry_mode. 2013-02-07 20:59:16 +01:00
conversion.c Map public key algos returned by gpg to gpgme values. 2014-05-08 14:11:58 +02:00
data-compat.c Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
data-fd.c Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
data-identify.c Add function gpgme_data_identify. 2013-08-09 19:19:26 +02:00
data-mem.c Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
data-stream.c Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
data-user.c Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
data.c Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
data.h Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
debug.c Simplify a debug code function. 2013-05-06 20:22:23 +02:00
debug.h Trace the use of GPG_ERR_INV_ENGINE. 2012-10-19 11:23:39 +02:00
decrypt-verify.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
decrypt.c Map public key algos returned by gpg to gpgme values. 2014-05-08 14:11:58 +02:00
delete.c Trace the use of GPG_ERR_INV_ENGINE. 2012-10-19 11:23:39 +02:00
dirinfo.c Add gpgme_get_dirinfo. 2014-04-10 11:48:20 +02:00
edit.c Fix possible segv in the gpgme_op_card_edit. 2013-08-19 20:40:10 +02:00
encrypt-sign.c Allow symmetric encryption with gpgme_op_encrypt_sign. 2013-05-22 16:31:51 +02:00
encrypt.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
engine-assuan.c Add GPGME_PROTOCOL_SPAWN and gpgme_op_spawn. 2014-04-10 13:01:00 +02:00
engine-backend.h Actually implement flags for gpgme_op_spawn. 2014-04-10 14:17:19 +02:00
engine-g13.c Add GPGME_PROTOCOL_SPAWN and gpgme_op_spawn. 2014-04-10 13:01:00 +02:00
engine-gpg.c Add new keylist mode GPGME_KEYLIST_MODE_WITH_SECRET. 2014-06-04 09:57:54 +02:00
engine-gpgconf.c Add GPGME_PROTOCOL_SPAWN and gpgme_op_spawn. 2014-04-10 13:01:00 +02:00
engine-gpgsm.c Fix possible realloc overflow for gpgsm and uiserver engines. 2014-07-30 11:04:55 +02:00
engine-spawn.c Fix a memory access and a double slash bug. 2014-05-08 20:35:57 +02:00
engine-uiserver.c Fix possible realloc overflow for gpgsm and uiserver engines. 2014-07-30 11:04:55 +02:00
engine.c Actually implement flags for gpgme_op_spawn. 2014-04-10 14:17:19 +02:00
engine.h Actually implement flags for gpgme_op_spawn. 2014-04-10 14:17:19 +02:00
error.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
export.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
funopen.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
genkey.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
get-env.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
getauditlog.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
gpgconf.c Make gpgconf engine work again - fixes 02ba35c1. 2014-01-07 17:59:59 +01:00
gpgme-config.in Remove unused pth stuff from gpgme-config. 2012-05-02 10:43:22 +02:00
gpgme-tool.c Add new keylist mode GPGME_KEYLIST_MODE_WITH_SECRET. 2014-06-04 09:57:54 +02:00
gpgme-w32spawn.c w32: Get IOSPAWN flag back in sync with spawn helper. 2014-06-26 10:42:56 +02:00
gpgme.c Add field CURVE to the key info. 2014-05-08 20:39:15 +02:00
gpgme.def Add GPGME_PROTOCOL_SPAWN and gpgme_op_spawn. 2014-04-10 13:01:00 +02:00
gpgme.h.in Add new keylist mode GPGME_KEYLIST_MODE_WITH_SECRET. 2014-06-04 09:57:54 +02:00
gpgme.m4 Remove support for libgpgme-pth. 2011-10-25 18:59:26 +02:00
import.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
isascii.c 008-11-03 Marcus Brinkmann <marcus@g10code.com> 2008-11-03 17:24:09 +00:00
kdpipeiodevice.cpp 008-11-03 Marcus Brinkmann <marcus@g10code.com> 2008-11-03 17:24:09 +00:00
kdpipeiodevice.h 008-11-03 Marcus Brinkmann <marcus@g10code.com> 2008-11-03 17:24:09 +00:00
kdpipeiodevice.moc 008-11-03 Marcus Brinkmann <marcus@g10code.com> 2008-11-03 17:24:09 +00:00
key.c Add field CURVE to the key info. 2014-05-08 20:39:15 +02:00
keylist.c Add new keylist mode GPGME_KEYLIST_MODE_WITH_SECRET. 2014-06-04 09:57:54 +02:00
libgpgme.vers Add GPGME_PROTOCOL_SPAWN and gpgme_op_spawn. 2014-04-10 13:01:00 +02:00
Makefile.am Add GPGME_PROTOCOL_SPAWN and gpgme_op_spawn. 2014-04-10 13:01:00 +02:00
moc_kdpipeiodevice.cpp 008-11-03 Marcus Brinkmann <marcus@g10code.com> 2008-11-03 17:24:09 +00:00
op-support.c Add new reason codes to the INV_RECP status code. 2014-06-10 14:52:06 +02:00
opassuan.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
ops.h Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
parsetlv.c Add function gpgme_data_identify. 2013-08-09 19:19:26 +02:00
parsetlv.h Add function gpgme_data_identify. 2013-08-09 19:19:26 +02:00
passphrase.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
passwd.c Trace the use of GPG_ERR_INV_ENGINE. 2012-10-19 11:23:39 +02:00
posix-io.c Fix possible zombie processes. 2014-04-15 12:25:45 +02:00
posix-sema.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
posix-util.c Fix a memory access and a double slash bug. 2014-05-08 20:35:57 +02:00
priv-io.h w32: Get IOSPAWN flag back in sync with spawn helper. 2014-06-26 10:42:56 +02:00
progress.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
putc_unlocked.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
sema.h Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
setenv.c More include guards. 2010-11-03 09:56:27 +00:00
sig-notation.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
sign.c Map public key algos returned by gpg to gpgme values. 2014-05-08 14:11:58 +02:00
signers.c Add function gpgme_signers_count. 2013-06-18 10:27:46 +02:00
spawn.c Actually implement flags for gpgme_op_spawn. 2014-04-10 14:17:19 +02:00
status-table.c Add 6 new GPGME_STATUS_ codes. 2014-05-13 16:08:01 +02:00
stpcpy.c 008-11-03 Marcus Brinkmann <marcus@g10code.com> 2008-11-03 17:24:09 +00:00
sys-util.h Add global flags disable-gpgconf, gpgconf-name, and gpg-name. 2014-01-06 17:16:52 +01:00
trust-item.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
trustlist.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
ttyname_r.c Fix ttyname problem on Android. 2012-10-24 16:44:34 +02:00
util.h Map public key algos returned by gpg to gpgme values. 2014-05-08 14:11:58 +02:00
vasprintf.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
verify.c Map public key algos returned by gpg to gpgme values. 2014-05-08 14:11:58 +02:00
version.c Make use of internal iospawn flags more flexible. 2014-04-10 11:39:14 +02:00
versioninfo.rc.in Change the various version numbers to the new scheme. 2013-02-26 17:10:18 +01:00
vfs-create.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
vfs-mount.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
w32-ce.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
w32-ce.h Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
w32-glib-io.c Make use of internal iospawn flags more flexible. 2014-04-10 11:39:14 +02:00
w32-io.c w32: Fix another memleak on error. 2014-04-16 10:19:54 +02:00
w32-qt-io.cpp Make use of internal iospawn flags more flexible. 2014-04-10 11:39:14 +02:00
w32-sema.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
w32-util.c w32: Fix memleak in an error code paths. 2014-04-15 22:18:04 +02:00
wait-global.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
wait-private.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
wait-user.c Trace the use of GPG_ERR_INV_ENGINE. 2012-10-19 11:23:39 +02:00
wait.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
wait.h Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00