common: Don't assume on-disk layout matches in-memory layout.
authorNeal H. Walfield <neal@g10code.com>
Fri, 21 Aug 2015 08:38:41 +0000 (10:38 +0200)
committerNeal H. Walfield <neal@g10code.com>
Fri, 21 Aug 2015 12:21:08 +0000 (14:21 +0200)
* g10/packet.h (PKT_signature): Change revkey's type from a struct
revocation_key ** to a struct revocation_key *.  Update users.

--
revkey was a pointer into the raw data.  But, C doesn't guarantee that
there is no padding.  Thus, we copy the data.

Signed-off-by: Neal H. Walfield <neal@g10code.com>.
g10/export.c
g10/getkey.c
g10/import.c
g10/packet.h
g10/parse-packet.c
g10/revoke.c

index 5050128..62802d3 100644 (file)
@@ -1011,7 +1011,7 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret,
                   int i;
 
                   for (i=0;i<node->pkt->pkt.signature->numrevkeys;i++)
-                    if ( (node->pkt->pkt.signature->revkey[i]->class & 0x40))
+                    if ( (node->pkt->pkt.signature->revkey[i].class & 0x40))
                       break;
 
                   if (i < node->pkt->pkt.signature->numrevkeys)
index 3a60161..6e85834 100644 (file)
@@ -720,7 +720,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk,
 
      ANYLOCALFIRST is set if the search order has the local method
      before any other or if "local" is used first by default.  This
-     makes sure that if a RETCTX is used it gets only set if a local
+     makes sure that if a RETCTX is used it is only set if a local
      search has precedence over the other search methods and only then
      a followup call to get_pubkey_next shall succeed.  */
   if (!no_akl)
@@ -1606,7 +1606,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
 
                      for (i = 0; i < sig->numrevkeys; i++)
                        memcpy (&pk->revkey[pk->numrevkeys++],
-                               sig->revkey[i],
+                               &sig->revkey[i],
                                sizeof (struct revocation_key));
                    }
 
index e92769d..60a037b 100644 (file)
@@ -2397,7 +2397,7 @@ revocation_present (ctrl_t ctrl, kbnode_t keyblock)
            {
              u32 keyid[2];
 
-             keyid_from_fingerprint(sig->revkey[idx]->fpr,
+             keyid_from_fingerprint(sig->revkey[idx].fpr,
                                     MAX_FINGERPRINT_LEN,keyid);
 
              for(inode=keyblock->next;inode;inode=inode->next)
@@ -2416,7 +2416,7 @@ revocation_present (ctrl_t ctrl, kbnode_t keyblock)
                          itself? */
                      int rc;
 
-                     rc=get_pubkey_byfprint_fast (NULL,sig->revkey[idx]->fpr,
+                     rc=get_pubkey_byfprint_fast (NULL,sig->revkey[idx].fpr,
                                                    MAX_FINGERPRINT_LEN);
                      if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY
                           || gpg_err_code (rc) == GPG_ERR_UNUSABLE_PUBKEY)
@@ -2432,13 +2432,13 @@ revocation_present (ctrl_t ctrl, kbnode_t keyblock)
                                         " fetching revocation key %s\n"),
                                       tempkeystr,keystr(keyid));
                              keyserver_import_fprint (ctrl,
-                                                       sig->revkey[idx]->fpr,
+                                                       sig->revkey[idx].fpr,
                                                        MAX_FINGERPRINT_LEN,
                                                        opt.keyserver);
 
                              /* Do we have it now? */
                              rc=get_pubkey_byfprint_fast (NULL,
-                                                    sig->revkey[idx]->fpr,
+                                                    sig->revkey[idx].fpr,
                                                     MAX_FINGERPRINT_LEN);
                            }
 
index 8bd5fc4..826963e 100644 (file)
@@ -167,7 +167,7 @@ typedef struct
   byte    trust_depth;
   byte    trust_value;
   const byte *trust_regexp;
-  struct revocation_key **revkey;
+  struct revocation_key *revkey;
   int numrevkeys;
   pka_info_t *pka_info;      /* Malloced PKA data or NULL if not
                                 available.  See also flags.pka_tried. */
index 1467dc3..bc99653 100644 (file)
@@ -1711,25 +1711,31 @@ parse_sig_subpkt2 (PKT_signature * sig, sigsubpkttype_t reqtype)
 void
 parse_revkeys (PKT_signature * sig)
 {
-  struct revocation_key *revkey;
+  const byte *revkey;
   int seq = 0;
   size_t len;
 
   if (sig->sig_class != 0x1F)
     return;
 
-  while ((revkey =
-         (struct revocation_key *) enum_sig_subpkt (sig->hashed,
-                                                    SIGSUBPKT_REV_KEY,
-                                                    &len, &seq, NULL)))
+  while ((revkey = enum_sig_subpkt (sig->hashed, SIGSUBPKT_REV_KEY,
+                                   &len, &seq, NULL)))
     {
-      if (len == sizeof (struct revocation_key)
-          && (revkey->class & 0x80))  /* 0x80 bit must be set.  */
+      if (/* The only valid length is 22 bytes.  See RFC 4880
+            5.2.3.15.  */
+         len == 22
+         /* 0x80 bit must be set on the class.  */
+          && (revkey[0] & 0x80))
        {
          sig->revkey = xrealloc (sig->revkey,
-                                 sizeof (struct revocation_key *) *
+                                 sizeof (struct revocation_key) *
                                  (sig->numrevkeys + 1));
-         sig->revkey[sig->numrevkeys] = revkey;
+
+         /* Copy the individual fields.  */
+         sig->revkey[sig->numrevkeys].class = revkey[0];
+         sig->revkey[sig->numrevkeys].algid = revkey[1];
+         memcpy (sig->revkey[sig->numrevkeys].fpr, &revkey[2], 20);
+
          sig->numrevkeys++;
        }
     }
index 6e82187..eb3a989 100644 (file)
@@ -383,11 +383,11 @@ gen_desig_revoke( const char *uname, strlist_t locusr )
                    for(j=0;j<signode->pkt->pkt.signature->numrevkeys;j++)
                      {
                        if(pk->revkey[i].class==
-                          signode->pkt->pkt.signature->revkey[j]->class &&
+                          signode->pkt->pkt.signature->revkey[j].class &&
                           pk->revkey[i].algid==
-                          signode->pkt->pkt.signature->revkey[j]->algid &&
+                          signode->pkt->pkt.signature->revkey[j].algid &&
                           memcmp(pk->revkey[i].fpr,
-                                 signode->pkt->pkt.signature->revkey[j]->fpr,
+                                 signode->pkt->pkt.signature->revkey[j].fpr,
                                  MAX_FINGERPRINT_LEN)==0)
                          {
                            revkey=signode->pkt->pkt.signature;