util/
authorWerner Koch <wk@gnupg.org>
Mon, 16 Apr 2007 15:37:45 +0000 (15:37 +0000)
committerWerner Koch <wk@gnupg.org>
Mon, 16 Apr 2007 15:37:45 +0000 (15:37 +0000)
* secmem.c (init_pool): Avoid assigning a negative value to a
size_t.
./
* acinclude.m4: Fix last change.  Make test self-conatined by
checking for sysconf and getpagesize.  Remove indentation for the
sake of broken C-89 cpps.

ChangeLog
NEWS
acinclude.m4
util/ChangeLog
util/secmem.c

index a44a4b3..232c010 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2007-04-16  Werner Koch  <wk@g10code.com>
+
+       * acinclude.m4: Fix last change.  Make test self-conatined by
+       checking for sysconf and getpagesize.  Remove indentation for the
+       sake of broken C-89 cpp.
+
 2007-04-16  David Shaw  <dshaw@jabberwocky.com>
 
        * configure.ac: Add a HAVE_SHM conditional.
diff --git a/NEWS b/NEWS
index 60625d9..b04d37d 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -11,7 +11,7 @@ Noteworthy changes in version 1.4.7 (2007-03-05)
       plaintext boundary status tags that GnuPG provides.  This change
       makes GnuPG reject such messages by default which makes those
       programs safe again.  --allow-multiple-messages returns to the
-      old behavior.
+      old behavior. [CVE-2007-1263].
 
     * [W32] The environment variable LANGUAGE may be used to override
       the language given by HKCU\Software\GNU\GnuPG:Lang.  The
index 30eeb85..149a485 100644 (file)
@@ -384,18 +384,18 @@ define(GNUPG_CHECK_MLOCK,
                     #include <sys/mman.h>
                     #endif
                 ], [
                   int i;
-
                   /* glibc defines this for functions which it implements
-                     * to always fail with ENOSYS.  Some functions are actually
-                     * named something starting with __ and the normal name
-                     * is an alias.  */
                   #if defined (__stub_mlock) || defined (__stub___mlock)
                   choke me
                   #else
                   mlock(&i, 4);
                   #endif
                   ; return 0;
+ int i;
+
+ /* glibc defines this for functions which it implements
+  * to always fail with ENOSYS.  Some functions are actually
+  * named something starting with __ and the normal name
+  * is an alias.  */
+ #if defined (__stub_mlock) || defined (__stub___mlock)
+ choke me
+ #else
+ mlock(&i, 4);
+ #endif
+ ; return 0;
                 ],
                 gnupg_cv_mlock_is_in_sys_mman=yes,
                 gnupg_cv_mlock_is_in_sys_mman=no)])
@@ -406,42 +406,45 @@ define(GNUPG_CHECK_MLOCK,
         fi
     fi
     if test "$ac_cv_func_mlock" = "yes"; then
+        AC_CHECK_FUNCS(sysconf getpagesize)
         AC_MSG_CHECKING(whether mlock is broken)
           AC_CACHE_VAL(gnupg_cv_have_broken_mlock,
              AC_TRY_RUN([
-                #include <stdlib.h>
-                #include <unistd.h>
-                #include <errno.h>
-                #include <sys/mman.h>
-                #include <sys/types.h>
-                #include <fcntl.h>
-
-                int main()
-                {
-                    char *pool;
-                    int err;
-                    long int pgsize;
-
-               #if defined(HAVE_SYSCONF) && defined(_SC_PAGESIZE)
-                    pgsize = sysconf(_SC_PAGESIZE);
-               #elif defined(HAVE_GETPAGESIZE)
-                    pgsize = getpagesize();
-               #endif
-
-                   if(pgsize==-1)
-                      pgsize = 4096;
-
-                    pool = malloc( 4096 + pgsize );
-                    if( !pool )
-                        return 2;
-                    pool += (pgsize - ((long int)pool % pgsize));
-
-                    err = mlock( pool, 4096 );
-                    if( !err || errno == EPERM )
-                        return 0; /* okay */
-
-                    return 1;  /* hmmm */
-                }
+#include <stdlib.h>
+#include <unistd.h>
+#include <errno.h>
+#include <sys/mman.h>
+#include <sys/types.h>
+#include <fcntl.h>
+
+int main()
+{
+    char *pool;
+    int err;
+    long int pgsize;
+
+#if defined(HAVE_SYSCONF) && defined(_SC_PAGESIZE)
+    pgsize = sysconf(_SC_PAGESIZE);
+#elif defined(HAVE_GETPAGESIZE)
+    pgsize = getpagesize();
+#else
+    pgsize = -1;
+#endif
+
+    if(pgsize==-1)
+       pgsize = 4096;
+
+    pool = malloc( 4096 + pgsize );
+    if( !pool )
+        return 2;
+    pool += (pgsize - ((long int)pool % pgsize));
+
+    err = mlock( pool, 4096 );
+    if( !err || errno == EPERM )
+        return 0; /* okay */
+
+    return 1;  /* hmmm */
+}
 
             ],
             gnupg_cv_have_broken_mlock="no",
index 70a95c7..a675473 100644 (file)
@@ -1,3 +1,8 @@
+2007-04-16  Werner Koch  <wk@g10code.com>
+
+       * secmem.c (init_pool): Avoid assigning a negative value to a
+       size_t.
+
 2007-04-16  David Shaw  <dshaw@jabberwocky.com>
 
        * secmem.c (init_pool): Use sysconf() if available to determine
index dc8a8f0..5a4affd 100644 (file)
@@ -219,7 +219,8 @@ lock_pool( void *p, size_t n )
 static void
 init_pool( size_t n)
 {
-    size_t pgsize=-1;
+    long int pgsize_val;
+    size_t pgsize;
 
     poolsize = n;
 
@@ -227,13 +228,14 @@ init_pool( size_t n)
        log_bug("secure memory is disabled");
 
 #if defined(HAVE_SYSCONF) && defined(_SC_PAGESIZE)
-    pgsize = sysconf(_SC_PAGESIZE);
+    pgsize_val = sysconf (_SC_PAGESIZE);
 #elif defined(HAVE_GETPAGESIZE)
-    pgsize = getpagesize();
+    pgsize_val = getpagesize ();
+#else
+    pgsize_val = -1;
 #endif
+    pgsize = (pgsize_val != -1 && pgsize_val > 0)? pgsize_val : 4096;
 
-    if(pgsize==-1)
-      pgsize = 4096;
 
 #ifdef HAVE_MMAP
     poolsize = (poolsize + pgsize -1 ) & ~(pgsize-1);