Update to 3.7.5
... and drop upstreamed patches.
This commit is contained in:
parent
cb7d14a486
commit
2f7611452d
1
.gitignore
vendored
1
.gitignore
vendored
@ -14,3 +14,4 @@
|
|||||||
/gcr-3.6.1.tar.xz
|
/gcr-3.6.1.tar.xz
|
||||||
/gcr-3.7.1.tar.xz
|
/gcr-3.7.1.tar.xz
|
||||||
/gcr-3.7.2.tar.xz
|
/gcr-3.7.2.tar.xz
|
||||||
|
/gcr-3.7.5.tar.xz
|
||||||
|
@ -1,269 +0,0 @@
|
|||||||
From 155912092ab90b5597817b4a3c67ccc8dec00cb9 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Stef Walter <stefw@gnome.org>
|
|
||||||
Date: Fri, 11 Jan 2013 20:23:12 +0000
|
|
||||||
Subject: egg-armor: Fix memrchr() call with negative string length
|
|
||||||
|
|
||||||
* Initial patch by Gustavo Luiz Duarte <gustavold@linux.vnet.ibm.com>
|
|
||||||
* The cause of this bug was reusing argument variables for other
|
|
||||||
purposes in parsing functions when that didn't really make sense,
|
|
||||||
so fix this as well.
|
|
||||||
* Add tests that catch this issue.
|
|
||||||
|
|
||||||
See https://bugzilla.redhat.com/show_bug.cgi?id=893162
|
|
||||||
|
|
||||||
https://bugzilla.gnome.org/show_bug.cgi?id=691505
|
|
||||||
---
|
|
||||||
diff --git a/egg/egg-armor.c b/egg/egg-armor.c
|
|
||||||
index 812f1aa..dd213d0 100644
|
|
||||||
--- a/egg/egg-armor.c
|
|
||||||
+++ b/egg/egg-armor.c
|
|
||||||
@@ -104,18 +104,20 @@ armor_find_begin (const gchar *data,
|
|
||||||
const gchar **outer)
|
|
||||||
{
|
|
||||||
const gchar *pref, *suff;
|
|
||||||
+ const gchar *at;
|
|
||||||
gchar *stype;
|
|
||||||
+ gsize len;
|
|
||||||
|
|
||||||
/* Look for a prefix */
|
|
||||||
pref = g_strstr_len ((gchar*)data, n_data, ARMOR_PREF_BEGIN);
|
|
||||||
if (!pref)
|
|
||||||
return NULL;
|
|
||||||
|
|
||||||
- n_data -= (pref - data) + ARMOR_PREF_BEGIN_L;
|
|
||||||
- data = pref + ARMOR_PREF_BEGIN_L;
|
|
||||||
+ len = n_data - ((pref - data) + ARMOR_PREF_BEGIN_L);
|
|
||||||
+ at = pref + ARMOR_PREF_BEGIN_L;
|
|
||||||
|
|
||||||
/* Look for the end of that begin */
|
|
||||||
- suff = g_strstr_len ((gchar*)data, n_data, ARMOR_SUFF);
|
|
||||||
+ suff = g_strstr_len ((gchar *)at, len, ARMOR_SUFF);
|
|
||||||
if (!suff)
|
|
||||||
return NULL;
|
|
||||||
|
|
||||||
@@ -149,6 +151,8 @@ armor_find_end (const gchar *data,
|
|
||||||
const gchar *stype;
|
|
||||||
const gchar *pref;
|
|
||||||
const gchar *line;
|
|
||||||
+ const gchar *at;
|
|
||||||
+ gsize len;
|
|
||||||
gsize n_type;
|
|
||||||
|
|
||||||
/* Look for a prefix */
|
|
||||||
@@ -156,20 +160,20 @@ armor_find_end (const gchar *data,
|
|
||||||
if (!pref)
|
|
||||||
return NULL;
|
|
||||||
|
|
||||||
- n_data -= (pref - data) + ARMOR_PREF_END_L;
|
|
||||||
- data = pref + ARMOR_PREF_END_L;
|
|
||||||
+ len = n_data - ((pref - data) + ARMOR_PREF_END_L);
|
|
||||||
+ at = pref + ARMOR_PREF_END_L;
|
|
||||||
|
|
||||||
/* Next comes the type string */
|
|
||||||
stype = g_quark_to_string (type);
|
|
||||||
n_type = strlen (stype);
|
|
||||||
- if (n_type > n_data || strncmp ((gchar*)data, stype, n_type) != 0)
|
|
||||||
+ if (n_type > len || strncmp ((gchar*)at, stype, n_type) != 0)
|
|
||||||
return NULL;
|
|
||||||
|
|
||||||
- n_data -= n_type;
|
|
||||||
- data += n_type;
|
|
||||||
+ len -= n_type;
|
|
||||||
+ at += n_type;
|
|
||||||
|
|
||||||
/* Next comes the suffix */
|
|
||||||
- if (ARMOR_SUFF_L > n_data && strncmp ((gchar*)data, ARMOR_SUFF, ARMOR_SUFF_L) != 0)
|
|
||||||
+ if (ARMOR_SUFF_L > len && strncmp ((gchar*)at, ARMOR_SUFF, ARMOR_SUFF_L) != 0)
|
|
||||||
return NULL;
|
|
||||||
|
|
||||||
/*
|
|
||||||
@@ -182,10 +186,10 @@ armor_find_end (const gchar *data,
|
|
||||||
pref = line;
|
|
||||||
|
|
||||||
if (outer != NULL) {
|
|
||||||
- data += ARMOR_SUFF_L;
|
|
||||||
- if (isspace (data[0]))
|
|
||||||
- data++;
|
|
||||||
- *outer = data;
|
|
||||||
+ at += ARMOR_SUFF_L;
|
|
||||||
+ if (isspace (at[0]))
|
|
||||||
+ at++;
|
|
||||||
+ *outer = at;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* The end of the data */
|
|
||||||
diff --git a/egg/tests/Makefile.am b/egg/tests/Makefile.am
|
|
||||||
index 2e8335b..7cb1830 100644
|
|
||||||
--- a/egg/tests/Makefile.am
|
|
||||||
+++ b/egg/tests/Makefile.am
|
|
||||||
@@ -32,6 +32,7 @@ TEST_PROGS = \
|
|
||||||
test-secmem \
|
|
||||||
test-padding \
|
|
||||||
test-symkey \
|
|
||||||
+ test-armor \
|
|
||||||
test-openssl \
|
|
||||||
test-dh
|
|
||||||
|
|
||||||
diff --git a/egg/tests/test-armor.c b/egg/tests/test-armor.c
|
|
||||||
new file mode 100644
|
|
||||||
index 0000000..d5a366b
|
|
||||||
--- a/dev/null
|
|
||||||
+++ b/egg/tests/test-armor.c
|
|
||||||
@@ -0,0 +1,155 @@
|
|
||||||
+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
|
|
||||||
+/* test-armor.c: Test PEM and Armor parsing
|
|
||||||
+
|
|
||||||
+ Copyright (C) 2012 Red Hat Inc.
|
|
||||||
+
|
|
||||||
+ The Gnome Keyring Library is free software; you can redistribute it and/or
|
|
||||||
+ modify it under the terms of the GNU Library General Public License as
|
|
||||||
+ published by the Free Software Foundation; either version 2 of the
|
|
||||||
+ License, or (at your option) any later version.
|
|
||||||
+
|
|
||||||
+ The Gnome Keyring Library is distributed in the hope that it will be useful,
|
|
||||||
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
||||||
+ Library General Public License for more details.
|
|
||||||
+
|
|
||||||
+ You should have received a copy of the GNU Library General Public
|
|
||||||
+ License along with the Gnome Library; see the file COPYING.LIB. If not,
|
|
||||||
+ write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
|
|
||||||
+ Boston, MA 02111-1307, USA.
|
|
||||||
+
|
|
||||||
+ Author: Stef Walter <stefw@gnome.org>
|
|
||||||
+*/
|
|
||||||
+
|
|
||||||
+#include "config.h"
|
|
||||||
+
|
|
||||||
+#include "egg/egg-armor.h"
|
|
||||||
+#include "egg/egg-symkey.h"
|
|
||||||
+#include "egg/egg-openssl.h"
|
|
||||||
+#include "egg/egg-secure-memory.h"
|
|
||||||
+#include "egg/egg-testing.h"
|
|
||||||
+
|
|
||||||
+#include <glib.h>
|
|
||||||
+
|
|
||||||
+#include <stdlib.h>
|
|
||||||
+#include <stdio.h>
|
|
||||||
+#include <string.h>
|
|
||||||
+#include <unistd.h>
|
|
||||||
+
|
|
||||||
+EGG_SECURE_DEFINE_GLIB_GLOBALS ();
|
|
||||||
+
|
|
||||||
+static void
|
|
||||||
+on_pem_get_contents (GQuark type,
|
|
||||||
+ GBytes *data,
|
|
||||||
+ GBytes *outer,
|
|
||||||
+ GHashTable *headers,
|
|
||||||
+ gpointer user_data)
|
|
||||||
+{
|
|
||||||
+ GBytes **contents = user_data;
|
|
||||||
+
|
|
||||||
+ g_assert_cmpstr (g_quark_to_string (type), ==, "TEST");
|
|
||||||
+ g_assert (*contents == NULL);
|
|
||||||
+ *contents = g_bytes_ref (data);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+
|
|
||||||
+static void
|
|
||||||
+test_armor_parse (void)
|
|
||||||
+{
|
|
||||||
+ const char *pem_data = "-----BEGIN TEST-----\n"
|
|
||||||
+ "Z29vZCBtb3JuaW5nIGV2ZXJ5b25lCg==\n"
|
|
||||||
+ "-----END TEST-----\n";
|
|
||||||
+
|
|
||||||
+ GBytes *contents = NULL;
|
|
||||||
+ GBytes *check;
|
|
||||||
+ GBytes *bytes;
|
|
||||||
+ guint num;
|
|
||||||
+
|
|
||||||
+ bytes = g_bytes_new_static (pem_data, strlen (pem_data));
|
|
||||||
+
|
|
||||||
+ num = egg_armor_parse (bytes, on_pem_get_contents, &contents);
|
|
||||||
+ g_assert_cmpint (num, ==, 1);
|
|
||||||
+ g_assert (contents != NULL);
|
|
||||||
+
|
|
||||||
+ check = g_bytes_new ("good morning everyone\n", 22);
|
|
||||||
+ g_assert (g_bytes_equal (check, contents));
|
|
||||||
+
|
|
||||||
+ g_bytes_unref (check);
|
|
||||||
+ g_bytes_unref (contents);
|
|
||||||
+ g_bytes_unref (bytes);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static void
|
|
||||||
+test_armor_skip_checksum (void)
|
|
||||||
+{
|
|
||||||
+ const char *pem_data = "-----BEGIN TEST-----\n"
|
|
||||||
+ "Z29vZCBtb3JuaW5nIGV2ZXJ5b25lCg==\n"
|
|
||||||
+ "=checksum"
|
|
||||||
+ "-----END TEST-----\n";
|
|
||||||
+
|
|
||||||
+ GBytes *contents = NULL;
|
|
||||||
+ GBytes *check;
|
|
||||||
+ GBytes *bytes;
|
|
||||||
+ guint num;
|
|
||||||
+
|
|
||||||
+ /* Check that the (above invalid) OpenPGP checksum is skipped */
|
|
||||||
+
|
|
||||||
+ bytes = g_bytes_new_static (pem_data, strlen (pem_data));
|
|
||||||
+
|
|
||||||
+ num = egg_armor_parse (bytes, on_pem_get_contents, &contents);
|
|
||||||
+ g_assert_cmpint (num, ==, 1);
|
|
||||||
+ g_assert (contents != NULL);
|
|
||||||
+
|
|
||||||
+ check = g_bytes_new ("good morning everyone\n", 22);
|
|
||||||
+ g_assert (g_bytes_equal (check, contents));
|
|
||||||
+
|
|
||||||
+ g_bytes_unref (check);
|
|
||||||
+ g_bytes_unref (contents);
|
|
||||||
+ g_bytes_unref (bytes);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static void
|
|
||||||
+test_invalid (gconstpointer data)
|
|
||||||
+{
|
|
||||||
+ GBytes *bytes;
|
|
||||||
+ guint num;
|
|
||||||
+
|
|
||||||
+ /* Invalid opening line above */
|
|
||||||
+
|
|
||||||
+ bytes = g_bytes_new_static (data, strlen (data));
|
|
||||||
+
|
|
||||||
+ num = egg_armor_parse (bytes, NULL, NULL);
|
|
||||||
+ g_assert_cmpint (num, ==, 0);
|
|
||||||
+
|
|
||||||
+ g_bytes_unref (bytes);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+int
|
|
||||||
+main (int argc, char **argv)
|
|
||||||
+{
|
|
||||||
+ g_test_init (&argc, &argv, NULL);
|
|
||||||
+
|
|
||||||
+ g_test_add_func ("/armor/parse", test_armor_parse);
|
|
||||||
+ g_test_add_func ("/armor/skip-checksum", test_armor_skip_checksum);
|
|
||||||
+
|
|
||||||
+ g_test_add_data_func ("/armor/invalid-start",
|
|
||||||
+ "-----BEGIN TEST--",
|
|
||||||
+ test_invalid);
|
|
||||||
+ g_test_add_data_func ("/armor/invalid-end",
|
|
||||||
+ "-----BEGIN TEST-----\n"
|
|
||||||
+ "Z29vZCBtb3JuaW5nIGV2ZXJ5b25lCg==\n"
|
|
||||||
+ "--END TEST-----\n",
|
|
||||||
+ test_invalid);
|
|
||||||
+ g_test_add_data_func ("/armor/invalid-mismatch",
|
|
||||||
+ "-----BEGIN TEST-----\n"
|
|
||||||
+ "Z29vZCBtb3JuaW5nIGV2ZXJ5b25lCg==\n"
|
|
||||||
+ "-----END CERTIFICATE-----\n",
|
|
||||||
+ test_invalid);
|
|
||||||
+ g_test_add_data_func ("/armor/invalid-suffix",
|
|
||||||
+ "-----BEGIN TEST-----\n"
|
|
||||||
+ "Z29vZCBtb3JuaW5nIGV2ZXJ5b25lCg==\n"
|
|
||||||
+ "-----END TEST--\n",
|
|
||||||
+ test_invalid);
|
|
||||||
+
|
|
||||||
+ return g_test_run ();
|
|
||||||
+}
|
|
||||||
--
|
|
||||||
cgit v0.9.0.2
|
|
@ -1,40 +0,0 @@
|
|||||||
From 61de15c7c7fe50d075ee77b2c9c4ce7c6284ce12 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Stef Walter <stefw@gnome.org>
|
|
||||||
Date: Fri, 11 Jan 2013 20:48:23 +0000
|
|
||||||
Subject: egg-armor: Handle mismatched but not truncated suffix line
|
|
||||||
|
|
||||||
* Discovered by Gustavo Luiz Duarte <gustavold@linux.vnet.ibm.com>
|
|
||||||
|
|
||||||
https://bugzilla.gnome.org/show_bug.cgi?id=691505
|
|
||||||
---
|
|
||||||
diff --git a/egg/egg-armor.c b/egg/egg-armor.c
|
|
||||||
index dd213d0..02e7646 100644
|
|
||||||
--- a/egg/egg-armor.c
|
|
||||||
+++ b/egg/egg-armor.c
|
|
||||||
@@ -173,7 +173,7 @@ armor_find_end (const gchar *data,
|
|
||||||
at += n_type;
|
|
||||||
|
|
||||||
/* Next comes the suffix */
|
|
||||||
- if (ARMOR_SUFF_L > len && strncmp ((gchar*)at, ARMOR_SUFF, ARMOR_SUFF_L) != 0)
|
|
||||||
+ if (ARMOR_SUFF_L > len || strncmp ((gchar *)at, ARMOR_SUFF, ARMOR_SUFF_L) != 0)
|
|
||||||
return NULL;
|
|
||||||
|
|
||||||
/*
|
|
||||||
diff --git a/egg/tests/test-armor.c b/egg/tests/test-armor.c
|
|
||||||
index d5a366b..7435a10 100644
|
|
||||||
--- a/egg/tests/test-armor.c
|
|
||||||
+++ b/egg/tests/test-armor.c
|
|
||||||
@@ -148,6 +148,11 @@ main (int argc, char **argv)
|
|
||||||
g_test_add_data_func ("/armor/invalid-suffix",
|
|
||||||
"-----BEGIN TEST-----\n"
|
|
||||||
"Z29vZCBtb3JuaW5nIGV2ZXJ5b25lCg==\n"
|
|
||||||
+ "-----END TEST--xxxxxxxx\n",
|
|
||||||
+ test_invalid);
|
|
||||||
+ g_test_add_data_func ("/armor/invalid-truncated",
|
|
||||||
+ "-----BEGIN TEST-----\n"
|
|
||||||
+ "Z29vZCBtb3JuaW5nIGV2ZXJ5b25lCg==\n"
|
|
||||||
"-----END TEST--\n",
|
|
||||||
test_invalid);
|
|
||||||
|
|
||||||
--
|
|
||||||
cgit v0.9.0.2
|
|
17
gcr.spec
17
gcr.spec
@ -1,6 +1,6 @@
|
|||||||
Name: gcr
|
Name: gcr
|
||||||
Version: 3.7.2
|
Version: 3.7.5
|
||||||
Release: 2%{?dist}
|
Release: 1%{?dist}
|
||||||
Summary: A library for bits of crypto UI and parsing
|
Summary: A library for bits of crypto UI and parsing
|
||||||
|
|
||||||
Group: Development/Libraries
|
Group: Development/Libraries
|
||||||
@ -8,11 +8,6 @@ License: LGPLv2+
|
|||||||
URL: http://live.gnome.org/CryptoGlue/
|
URL: http://live.gnome.org/CryptoGlue/
|
||||||
Source0: http://download.gnome.org/sources/gcr/3.7/gcr-%{version}.tar.xz
|
Source0: http://download.gnome.org/sources/gcr/3.7/gcr-%{version}.tar.xz
|
||||||
|
|
||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=894157
|
|
||||||
# gnome-keyring coredumps while parsing certificate
|
|
||||||
Patch1: gcr-3.7.2-egg-armor-memrchr-negative.patch
|
|
||||||
Patch2: gcr-3.7.2-egg-armor-memrchr-truncated.patch
|
|
||||||
|
|
||||||
BuildRequires: desktop-file-utils
|
BuildRequires: desktop-file-utils
|
||||||
BuildRequires: intltool
|
BuildRequires: intltool
|
||||||
BuildRequires: glib2-devel
|
BuildRequires: glib2-devel
|
||||||
@ -46,8 +41,6 @@ The gcr-devel package includes the header files for the gcr library.
|
|||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
|
|
||||||
%patch1 -p1 -b .egg-armor-memrchr-negative
|
|
||||||
%patch2 -p1 -b .egg-armor-memrchr-truncated
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%configure --enable-introspection
|
%configure --enable-introspection
|
||||||
@ -100,6 +93,7 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas >&/dev/null || :
|
|||||||
%{_libdir}/libgck-1.so.*
|
%{_libdir}/libgck-1.so.*
|
||||||
%{_libdir}/libgcr-3.so.*
|
%{_libdir}/libgcr-3.so.*
|
||||||
%{_libdir}/libgcr-base-3.so.*
|
%{_libdir}/libgcr-base-3.so.*
|
||||||
|
%{_libdir}/libgcr-ui-3.so.*
|
||||||
%{_datadir}/gcr-3
|
%{_datadir}/gcr-3
|
||||||
%{_datadir}/icons/hicolor/*/apps/*
|
%{_datadir}/icons/hicolor/*/apps/*
|
||||||
%{_datadir}/mime/packages/gcr-crypto-types.xml
|
%{_datadir}/mime/packages/gcr-crypto-types.xml
|
||||||
@ -114,9 +108,11 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas >&/dev/null || :
|
|||||||
%{_libdir}/libgck-1.so
|
%{_libdir}/libgck-1.so
|
||||||
%{_libdir}/libgcr-3.so
|
%{_libdir}/libgcr-3.so
|
||||||
%{_libdir}/libgcr-base-3.so
|
%{_libdir}/libgcr-base-3.so
|
||||||
|
%{_libdir}/libgcr-ui-3.so
|
||||||
%{_libdir}/pkgconfig/gck-1.pc
|
%{_libdir}/pkgconfig/gck-1.pc
|
||||||
%{_libdir}/pkgconfig/gcr-3.pc
|
%{_libdir}/pkgconfig/gcr-3.pc
|
||||||
%{_libdir}/pkgconfig/gcr-base-3.pc
|
%{_libdir}/pkgconfig/gcr-base-3.pc
|
||||||
|
%{_libdir}/pkgconfig/gcr-ui-3.pc
|
||||||
%{_datadir}/gir-1.0
|
%{_datadir}/gir-1.0
|
||||||
%dir %{_datadir}/gtk-doc
|
%dir %{_datadir}/gtk-doc
|
||||||
%dir %{_datadir}/gtk-doc/html
|
%dir %{_datadir}/gtk-doc/html
|
||||||
@ -125,6 +121,9 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas >&/dev/null || :
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Feb 06 2013 Kalev Lember <kalevlember@gmail.com> - 3.7.5-1
|
||||||
|
- Update to 3.7.5
|
||||||
|
|
||||||
* Mon Jan 14 2013 Tomas Bzatek <tbzatek@redhat.com> - 3.7.2-2
|
* Mon Jan 14 2013 Tomas Bzatek <tbzatek@redhat.com> - 3.7.2-2
|
||||||
- Fix crash on parsing some certificates (#894157)
|
- Fix crash on parsing some certificates (#894157)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user