rpms/gnupg/devel gnupg-1.4.9-fortify.patch,NONE,1.1
Nalin Dahyabhai
nalin at fedoraproject.org
Thu Jul 16 18:44:12 UTC 2009
Author: nalin
Update of /cvs/pkgs/rpms/gnupg/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv13773
Added Files:
gnupg-1.4.9-fortify.patch
Log Message:
Alter the layout of "struct para_data_s" to not trigger #511573. Hopefully
we won't need this.
gnupg-1.4.9-fortify.patch:
--- NEW FILE gnupg-1.4.9-fortify.patch ---
Move the 'value' field out of the union to make it the last field in the
structure, so that we don't unconditionally trigger __fortify_fail().
diff -up gnupg-1.4.9/g10/keygen.c gnupg-1.4.9/g10/keygen.c
--- gnupg-1.4.9/g10/keygen.c 2009-07-16 13:06:28.000000000 -0400
+++ gnupg-1.4.9/g10/keygen.c 2009-07-16 13:06:22.000000000 -0400
@@ -81,8 +81,8 @@ struct para_data_s {
u32 expire;
unsigned int usage;
struct revocation_key revkey;
- char value[1];
} u;
+ char value[1];
};
struct output_control_s {
@@ -2005,7 +2005,7 @@ static const char *
get_parameter_value( struct para_data_s *para, enum para_name key )
{
struct para_data_s *r = get_parameter( para, key );
- return (r && *r->u.value)? r->u.value : NULL;
+ return (r && *r->value)? r->value : NULL;
}
static int
@@ -2015,10 +2015,10 @@ get_parameter_algo( struct para_data_s *
struct para_data_s *r = get_parameter( para, key );
if( !r )
return -1;
- if( digitp( r->u.value ) )
- i = atoi( r->u.value );
+ if( digitp( r->value ) )
+ i = atoi( r->value );
else
- i = string_to_pubkey_algo( r->u.value );
+ i = string_to_pubkey_algo( r->value );
if (i == PUBKEY_ALGO_RSA_E || i == PUBKEY_ALGO_RSA_S)
i = 0; /* we don't want to allow generation of these algorithms */
return i;
@@ -2039,7 +2039,7 @@ parse_parameter_usage (const char *fname
return 0; /* none (this is an optional parameter)*/
use = 0;
- pn = r->u.value;
+ pn = r->value;
while ( (p = strsep (&pn, " \t,")) ) {
if ( !*p)
;
@@ -2070,7 +2070,7 @@ parse_revocation_key (const char *fname,
if( !r )
return 0; /* none (this is an optional parameter) */
- pn = r->u.value;
+ pn = r->value;
revkey.class=0x80;
revkey.algid=atoi(pn);
@@ -2126,7 +2126,7 @@ get_parameter_u32( struct para_data_s *p
if( r->key == pCREATETIME )
return r->u.create;
- return (unsigned int)strtoul( r->u.value, NULL, 10 );
+ return (unsigned int)strtoul( r->value, NULL, 10 );
}
static unsigned int
@@ -2241,7 +2241,7 @@ proc_parameter_file( struct para_data_s
n = (s1?strlen(s1):0) + (s2?strlen(s2):0) + (s3?strlen(s3):0);
r = xmalloc_clear( sizeof *r + n + 20 );
r->key = pUSERID;
- p = r->u.value;
+ p = r->value;
if( s1 )
p = stpcpy(p, s1 );
if( s2 )
@@ -2288,7 +2288,7 @@ proc_parameter_file( struct para_data_s
/* make DEK and S2K from the Passphrase */
r = get_parameter( para, pPASSPHRASE );
- if( r && *r->u.value ) {
+ if( r && *r->value ) {
/* we have a plain text passphrase - create a DEK from it.
* It is a little bit ridiculous to keep it ih secure memory
* but becuase we do this alwasy, why not here */
@@ -2298,12 +2298,12 @@ proc_parameter_file( struct para_data_s
s2k = xmalloc_secure( sizeof *s2k );
s2k->mode = opt.s2k_mode;
s2k->hash_algo = S2K_DIGEST_ALGO;
- set_next_passphrase( r->u.value );
+ set_next_passphrase( r->value );
dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo, s2k, 2,
NULL, NULL);
set_next_passphrase( NULL );
assert( dek );
- memset( r->u.value, 0, strlen(r->u.value) );
+ memset( r->value, 0, strlen(r->value) );
r = xmalloc_clear( sizeof *r );
r->key = pPASSPHRASE_S2K;
@@ -2319,11 +2319,11 @@ proc_parameter_file( struct para_data_s
/* make KEYEXPIRE from Expire-Date */
r = get_parameter( para, pEXPIREDATE );
- if( r && *r->u.value )
+ if( r && *r->value )
{
u32 seconds;
- seconds = parse_expire_string( timestamp, r->u.value );
+ seconds = parse_expire_string( timestamp, r->value );
if( seconds == (u32)-1 )
{
log_error("%s:%d: invalid expire date\n", fname, r->lnr );
@@ -2519,7 +2519,7 @@ read_parameter_file( const char *fname )
r = xmalloc_clear( sizeof *r + strlen( value ) );
r->lnr = lnr;
r->key = keywords[i].key;
- strcpy( r->u.value, value );
+ strcpy( r->value, value );
r->next = para;
para = r;
}
@@ -2606,7 +2606,7 @@ generate_keypair (const char *fname, con
#ifdef ENABLE_CARD_SUPPORT
r = xcalloc (1, sizeof *r + strlen (card_serialno) );
r->key = pSERIALNO;
- strcpy( r->u.value, card_serialno);
+ strcpy( r->value, card_serialno);
r->next = para;
para = r;
@@ -2614,29 +2614,29 @@ generate_keypair (const char *fname, con
r = xcalloc (1, sizeof *r + 20 );
r->key = pKEYTYPE;
- sprintf( r->u.value, "%d", algo );
+ sprintf( r->value, "%d", algo );
r->next = para;
para = r;
r = xcalloc (1, sizeof *r + 20 );
r->key = pKEYUSAGE;
- strcpy (r->u.value, "sign");
+ strcpy (r->value, "sign");
r->next = para;
para = r;
r = xcalloc (1, sizeof *r + 20 );
r->key = pSUBKEYTYPE;
- sprintf( r->u.value, "%d", algo );
+ sprintf( r->value, "%d", algo );
r->next = para;
para = r;
r = xcalloc (1, sizeof *r + 20 );
r->key = pSUBKEYUSAGE;
- strcpy (r->u.value, "encrypt");
+ strcpy (r->value, "encrypt");
r->next = para;
para = r;
r = xcalloc (1, sizeof *r + 20 );
r->key = pAUTHKEYTYPE;
- sprintf( r->u.value, "%d", algo );
+ sprintf( r->value, "%d", algo );
r->next = para;
para = r;
@@ -2644,7 +2644,7 @@ generate_keypair (const char *fname, con
{
r = xcalloc (1, sizeof *r + strlen (backup_encryption_dir) );
r->key = pBACKUPENCDIR;
- strcpy (r->u.value, backup_encryption_dir);
+ strcpy (r->value, backup_encryption_dir);
r->next = para;
para = r;
}
@@ -2658,30 +2658,30 @@ generate_keypair (const char *fname, con
both = 1;
r = xmalloc_clear( sizeof *r + 20 );
r->key = pKEYTYPE;
- sprintf( r->u.value, "%d", PUBKEY_ALGO_DSA );
+ sprintf( r->value, "%d", PUBKEY_ALGO_DSA );
r->next = para;
para = r;
nbits = ask_keysize( PUBKEY_ALGO_DSA );
r = xmalloc_clear( sizeof *r + 20 );
r->key = pKEYLENGTH;
- sprintf( r->u.value, "%u", nbits);
+ sprintf( r->value, "%u", nbits);
r->next = para;
para = r;
r = xmalloc_clear( sizeof *r + 20 );
r->key = pKEYUSAGE;
- strcpy( r->u.value, "sign" );
+ strcpy( r->value, "sign" );
r->next = para;
para = r;
algo = PUBKEY_ALGO_ELGAMAL_E;
r = xmalloc_clear( sizeof *r + 20 );
r->key = pSUBKEYTYPE;
- sprintf( r->u.value, "%d", algo );
+ sprintf( r->value, "%d", algo );
r->next = para;
para = r;
r = xmalloc_clear( sizeof *r + 20 );
r->key = pSUBKEYUSAGE;
- strcpy( r->u.value, "encrypt" );
+ strcpy( r->value, "encrypt" );
r->next = para;
para = r;
}
@@ -2689,7 +2689,7 @@ generate_keypair (const char *fname, con
{
r = xmalloc_clear( sizeof *r + 20 );
r->key = pKEYTYPE;
- sprintf( r->u.value, "%d", algo );
+ sprintf( r->value, "%d", algo );
r->next = para;
para = r;
@@ -2697,7 +2697,7 @@ generate_keypair (const char *fname, con
{
r = xmalloc_clear( sizeof *r + 25 );
r->key = pKEYUSAGE;
- sprintf( r->u.value, "%s%s%s",
+ sprintf( r->value, "%s%s%s",
(use & PUBKEY_USAGE_SIG)? "sign ":"",
(use & PUBKEY_USAGE_ENC)? "encrypt ":"",
(use & PUBKEY_USAGE_AUTH)? "auth":"" );
@@ -2710,7 +2710,7 @@ generate_keypair (const char *fname, con
nbits = ask_keysize( algo );
r = xmalloc_clear( sizeof *r + 20 );
r->key = both? pSUBKEYLENGTH : pKEYLENGTH;
- sprintf( r->u.value, "%u", nbits);
+ sprintf( r->value, "%u", nbits);
r->next = para;
para = r;
}
@@ -2736,7 +2736,7 @@ generate_keypair (const char *fname, con
}
r = xmalloc_clear( sizeof *r + strlen(uid) );
r->key = pUSERID;
- strcpy( r->u.value, uid );
+ strcpy( r->value, uid );
r->next = para;
para = r;
@@ -3304,7 +3304,7 @@ generate_card_subkeypair (KBNODE pub_key
para = xcalloc (1, sizeof *para + strlen (serialno) );
para->key = pSERIALNO;
- strcpy (para->u.value, serialno);
+ strcpy (para->value, serialno);
/* Break out the primary secret key */
node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
More information about the fedora-extras-commits
mailing list