GpgFrontend/gpgme
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
de4a1ea684
gpgme/src
History
Werner Koch de4a1ea684 Fix a memory access and a double slash bug. 
* src/engine-spawn.c (engspawn_start): Allocate space for list
terminator.
* src/posix-util.c (walk_path): Fix trailing slash detection.
--

Kudos to Valgrind for pointing out these two problems.

The first is a plain allocation bug in a code pattern I have written
thousands of times - this time it went wrong.  The allocation is not
user controlled thus not directly exploitable.

The second is missed to do what it intended to do.  Found due to the
access of malloced but not initialized memory.  Not using calloc
again proved to be helpful to detect logical error.
2014-05-08 20:35:57 +02:00
..
.gitignore .gitignore: flesh out rules and add subdirectory-.gitignores. 2012-04-20 16:05:11 +02:00
assuan-support.c Make use of internal iospawn flags more flexible. 2014-04-10 11:39:14 +02:00
ath-pthread.c Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
ath.c Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
ath.h Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
ChangeLog-2011 Generate the ChangeLog from commit logs. 2011-12-02 11:36:37 +01:00
context.h Add public function gpgme_set_pinentry_mode. 2013-02-07 20:59:16 +01:00
conversion.c Map public key algos returned by gpg to gpgme values. 2014-05-08 14:11:58 +02:00
data-compat.c Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
data-fd.c Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
data-identify.c Add function gpgme_data_identify. 2013-08-09 19:19:26 +02:00
data-mem.c Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
data-stream.c Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
data-user.c Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
data.c Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
data.h Make definition of off_t robust against misbehaving w32 toolchains. 2013-05-16 17:48:50 +02:00
debug.c Simplify a debug code function. 2013-05-06 20:22:23 +02:00
debug.h Trace the use of GPG_ERR_INV_ENGINE. 2012-10-19 11:23:39 +02:00
decrypt-verify.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
decrypt.c Map public key algos returned by gpg to gpgme values. 2014-05-08 14:11:58 +02:00
delete.c Trace the use of GPG_ERR_INV_ENGINE. 2012-10-19 11:23:39 +02:00
dirinfo.c Add gpgme_get_dirinfo. 2014-04-10 11:48:20 +02:00
edit.c Fix possible segv in the gpgme_op_card_edit. 2013-08-19 20:40:10 +02:00
encrypt-sign.c Allow symmetric encryption with gpgme_op_encrypt_sign. 2013-05-22 16:31:51 +02:00
encrypt.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
engine-assuan.c Add GPGME_PROTOCOL_SPAWN and gpgme_op_spawn. 2014-04-10 13:01:00 +02:00
engine-backend.h Actually implement flags for gpgme_op_spawn. 2014-04-10 14:17:19 +02:00
engine-g13.c Add GPGME_PROTOCOL_SPAWN and gpgme_op_spawn. 2014-04-10 13:01:00 +02:00
engine-gpg.c Add GPGME_ENCRYPT_NO_COMPRESS flag. 2014-05-08 11:31:30 +02:00
engine-gpgconf.c Add GPGME_PROTOCOL_SPAWN and gpgme_op_spawn. 2014-04-10 13:01:00 +02:00
engine-gpgsm.c Add GPGME_PROTOCOL_SPAWN and gpgme_op_spawn. 2014-04-10 13:01:00 +02:00
engine-spawn.c Fix a memory access and a double slash bug. 2014-05-08 20:35:57 +02:00
engine-uiserver.c Add GPGME_PROTOCOL_SPAWN and gpgme_op_spawn. 2014-04-10 13:01:00 +02:00
engine.c Actually implement flags for gpgme_op_spawn. 2014-04-10 14:17:19 +02:00
engine.h Actually implement flags for gpgme_op_spawn. 2014-04-10 14:17:19 +02:00
error.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
export.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
funopen.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
genkey.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
get-env.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
getauditlog.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
gpgconf.c Make gpgconf engine work again - fixes 02ba35c1. 2014-01-07 17:59:59 +01:00
gpgme-config.in Remove unused pth stuff from gpgme-config. 2012-05-02 10:43:22 +02:00
gpgme-tool.c Add GPGME_ENCRYPT_NO_COMPRESS flag. 2014-05-08 11:31:30 +02:00
gpgme-w32spawn.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
gpgme.c Map public key algos returned by gpg to gpgme values. 2014-05-08 14:11:58 +02:00
gpgme.def Add GPGME_PROTOCOL_SPAWN and gpgme_op_spawn. 2014-04-10 13:01:00 +02:00
gpgme.h.in Map public key algos returned by gpg to gpgme values. 2014-05-08 14:11:58 +02:00
gpgme.m4 Remove support for libgpgme-pth. 2011-10-25 18:59:26 +02:00
import.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
isascii.c 008-11-03 Marcus Brinkmann <marcus@g10code.com> 2008-11-03 17:24:09 +00:00
kdpipeiodevice.cpp 008-11-03 Marcus Brinkmann <marcus@g10code.com> 2008-11-03 17:24:09 +00:00
kdpipeiodevice.h 008-11-03 Marcus Brinkmann <marcus@g10code.com> 2008-11-03 17:24:09 +00:00
kdpipeiodevice.moc 008-11-03 Marcus Brinkmann <marcus@g10code.com> 2008-11-03 17:24:09 +00:00
key.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
keylist.c Map public key algos returned by gpg to gpgme values. 2014-05-08 14:11:58 +02:00
libgpgme.vers Add GPGME_PROTOCOL_SPAWN and gpgme_op_spawn. 2014-04-10 13:01:00 +02:00
Makefile.am Add GPGME_PROTOCOL_SPAWN and gpgme_op_spawn. 2014-04-10 13:01:00 +02:00
moc_kdpipeiodevice.cpp 008-11-03 Marcus Brinkmann <marcus@g10code.com> 2008-11-03 17:24:09 +00:00
op-support.c Add public function gpgme_set_pinentry_mode. 2013-02-07 20:59:16 +01:00
opassuan.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
ops.h Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
parsetlv.c Add function gpgme_data_identify. 2013-08-09 19:19:26 +02:00
parsetlv.h Add function gpgme_data_identify. 2013-08-09 19:19:26 +02:00
passphrase.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
passwd.c Trace the use of GPG_ERR_INV_ENGINE. 2012-10-19 11:23:39 +02:00
posix-io.c Fix possible zombie processes. 2014-04-15 12:25:45 +02:00
posix-sema.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
posix-util.c Fix a memory access and a double slash bug. 2014-05-08 20:35:57 +02:00
priv-io.h Make use of internal iospawn flags more flexible. 2014-04-10 11:39:14 +02:00
progress.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
putc_unlocked.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
sema.h Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
setenv.c More include guards. 2010-11-03 09:56:27 +00:00
sig-notation.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
sign.c Map public key algos returned by gpg to gpgme values. 2014-05-08 14:11:58 +02:00
signers.c Add function gpgme_signers_count. 2013-06-18 10:27:46 +02:00
spawn.c Actually implement flags for gpgme_op_spawn. 2014-04-10 14:17:19 +02:00
status-table.c status-table.c: include string.h for strcmp. 2012-04-13 10:02:39 +02:00
stpcpy.c 008-11-03 Marcus Brinkmann <marcus@g10code.com> 2008-11-03 17:24:09 +00:00
sys-util.h Add global flags disable-gpgconf, gpgconf-name, and gpg-name. 2014-01-06 17:16:52 +01:00
trust-item.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
trustlist.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
ttyname_r.c Fix ttyname problem on Android. 2012-10-24 16:44:34 +02:00
util.h Map public key algos returned by gpg to gpgme values. 2014-05-08 14:11:58 +02:00
vasprintf.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
verify.c Map public key algos returned by gpg to gpgme values. 2014-05-08 14:11:58 +02:00
version.c Make use of internal iospawn flags more flexible. 2014-04-10 11:39:14 +02:00
versioninfo.rc.in Change the various version numbers to the new scheme. 2013-02-26 17:10:18 +01:00
vfs-create.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
vfs-mount.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
w32-ce.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
w32-ce.h Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
w32-glib-io.c Make use of internal iospawn flags more flexible. 2014-04-10 11:39:14 +02:00
w32-io.c w32: Fix another memleak on error. 2014-04-16 10:19:54 +02:00
w32-qt-io.cpp Make use of internal iospawn flags more flexible. 2014-04-10 11:39:14 +02:00
w32-sema.c Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00
w32-util.c w32: Fix memleak in an error code paths. 2014-04-15 22:18:04 +02:00
wait-global.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
wait-private.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
wait-user.c Trace the use of GPG_ERR_INV_ENGINE. 2012-10-19 11:23:39 +02:00
wait.c Use gpg_error_from_syserror instead of directly accessing errno. 2013-02-06 17:35:40 +01:00
wait.h Remove all trailing whitespace from source files 2012-09-25 15:29:49 +02:00