From 51d24fbd9b037e839a7b8ba973cec386ab6311f1 Mon Sep 17 00:00:00 2001 From: Kalev Lember Date: Wed, 6 Feb 2013 00:17:26 +0100 Subject: [PATCH] Update to 3.7.5 --- .gitignore | 1 + ...ing-3.7.2-egg-armor-memrchr-negative.patch | 269 ------------------ ...ng-3.7.2-egg-armor-memrchr-truncated.patch | 40 --- gnome-keyring.spec | 16 +- sources | 2 +- 5 files changed, 7 insertions(+), 321 deletions(-) delete mode 100644 gnome-keyring-3.7.2-egg-armor-memrchr-negative.patch delete mode 100644 gnome-keyring-3.7.2-egg-armor-memrchr-truncated.patch diff --git a/.gitignore b/.gitignore index 414e328..8c4aca1 100644 --- a/.gitignore +++ b/.gitignore @@ -39,3 +39,4 @@ gnome-keyring-2.31.4.tar.bz2 /gnome-keyring-3.6.1.tar.xz /gnome-keyring-3.7.1.tar.xz /gnome-keyring-3.7.2.tar.xz +/gnome-keyring-3.7.5.tar.xz diff --git a/gnome-keyring-3.7.2-egg-armor-memrchr-negative.patch b/gnome-keyring-3.7.2-egg-armor-memrchr-negative.patch deleted file mode 100644 index 0977fbb..0000000 --- a/gnome-keyring-3.7.2-egg-armor-memrchr-negative.patch +++ /dev/null @@ -1,269 +0,0 @@ -From d8f77ed5610858874b751ba104a44484a0468299 Mon Sep 17 00:00:00 2001 -From: Stef Walter -Date: Thu, 10 Jan 2013 21:20:42 +0000 -Subject: egg-armor: Fix memrchr() call with negative string length - - * Initial patch by Gustavo Luiz Duarte - * The cause of this bug was reusing argument variables for other - purposes in parsing functions when that didn't really make sense, - so fix this as well. - * Add tests that catch this issue. - -See https://bugzilla.redhat.com/show_bug.cgi?id=893162 - -https://bugzilla.gnome.org/show_bug.cgi?id=691500 ---- -diff --git a/egg/egg-armor.c b/egg/egg-armor.c -index ec514cc..7c788ad 100644 ---- a/egg/egg-armor.c -+++ b/egg/egg-armor.c -@@ -104,18 +104,20 @@ armor_find_begin (const gchar *data, - const gchar **outer) - { - const gchar *pref, *suff; -+ const gchar *at; - gchar *stype; -+ gsize len; - - /* Look for a prefix */ - pref = g_strstr_len ((gchar*)data, n_data, ARMOR_PREF_BEGIN); - if (!pref) - return NULL; - -- n_data -= (pref - data) + ARMOR_PREF_BEGIN_L; -- data = pref + ARMOR_PREF_BEGIN_L; -+ len = n_data - ((pref - data) + ARMOR_PREF_BEGIN_L); -+ at = pref + ARMOR_PREF_BEGIN_L; - - /* Look for the end of that begin */ -- suff = g_strstr_len ((gchar*)data, n_data, ARMOR_SUFF); -+ suff = g_strstr_len ((gchar *)at, len, ARMOR_SUFF); - if (!suff) - return NULL; - -@@ -149,6 +151,8 @@ armor_find_end (const gchar *data, - const gchar *stype; - const gchar *pref; - const gchar *line; -+ const gchar *at; -+ gsize len; - gsize n_type; - - /* Look for a prefix */ -@@ -156,20 +160,20 @@ armor_find_end (const gchar *data, - if (!pref) - return NULL; - -- n_data -= (pref - data) + ARMOR_PREF_END_L; -- data = pref + ARMOR_PREF_END_L; -+ len = n_data - ((pref - data) + ARMOR_PREF_END_L); -+ at = pref + ARMOR_PREF_END_L; - - /* Next comes the type string */ - stype = g_quark_to_string (type); - n_type = strlen (stype); -- if (n_type > n_data || strncmp ((gchar*)data, stype, n_type) != 0) -+ if (n_type > len || strncmp ((gchar*)at, stype, n_type) != 0) - return NULL; - -- n_data -= n_type; -- data += n_type; -+ len -= n_type; -+ at += n_type; - - /* Next comes the suffix */ -- if (ARMOR_SUFF_L > n_data && strncmp ((gchar*)data, ARMOR_SUFF, ARMOR_SUFF_L) != 0) -+ if (ARMOR_SUFF_L > len && strncmp ((gchar*)at, ARMOR_SUFF, ARMOR_SUFF_L) != 0) - return NULL; - - /* -@@ -182,10 +186,10 @@ armor_find_end (const gchar *data, - pref = line; - - if (outer != NULL) { -- data += ARMOR_SUFF_L; -- if (isspace (data[0])) -- data++; -- *outer = data; -+ at += ARMOR_SUFF_L; -+ if (isspace (at[0])) -+ at++; -+ *outer = at; - } - - /* The end of the data */ -diff --git a/egg/tests/Makefile.am b/egg/tests/Makefile.am -index 669e896..b523e88 100644 ---- a/egg/tests/Makefile.am -+++ b/egg/tests/Makefile.am -@@ -31,6 +31,7 @@ TEST_PROGS = \ - test-secmem \ - test-padding \ - test-symkey \ -+ test-armor \ - test-openssl \ - test-dh \ - test-spawn -diff --git a/egg/tests/test-armor.c b/egg/tests/test-armor.c -new file mode 100644 -index 0000000..d5a366b ---- a/dev/null -+++ b/egg/tests/test-armor.c -@@ -0,0 +1,155 @@ -+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */ -+/* test-armor.c: Test PEM and Armor parsing -+ -+ Copyright (C) 2012 Red Hat Inc. -+ -+ The Gnome Keyring Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Library General Public License as -+ published by the Free Software Foundation; either version 2 of the -+ License, or (at your option) any later version. -+ -+ The Gnome Keyring Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Library General Public License for more details. -+ -+ You should have received a copy of the GNU Library General Public -+ License along with the Gnome Library; see the file COPYING.LIB. If not, -+ write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, -+ Boston, MA 02111-1307, USA. -+ -+ Author: Stef Walter -+*/ -+ -+#include "config.h" -+ -+#include "egg/egg-armor.h" -+#include "egg/egg-symkey.h" -+#include "egg/egg-openssl.h" -+#include "egg/egg-secure-memory.h" -+#include "egg/egg-testing.h" -+ -+#include -+ -+#include -+#include -+#include -+#include -+ -+EGG_SECURE_DEFINE_GLIB_GLOBALS (); -+ -+static void -+on_pem_get_contents (GQuark type, -+ GBytes *data, -+ GBytes *outer, -+ GHashTable *headers, -+ gpointer user_data) -+{ -+ GBytes **contents = user_data; -+ -+ g_assert_cmpstr (g_quark_to_string (type), ==, "TEST"); -+ g_assert (*contents == NULL); -+ *contents = g_bytes_ref (data); -+} -+ -+ -+static void -+test_armor_parse (void) -+{ -+ const char *pem_data = "-----BEGIN TEST-----\n" -+ "Z29vZCBtb3JuaW5nIGV2ZXJ5b25lCg==\n" -+ "-----END TEST-----\n"; -+ -+ GBytes *contents = NULL; -+ GBytes *check; -+ GBytes *bytes; -+ guint num; -+ -+ bytes = g_bytes_new_static (pem_data, strlen (pem_data)); -+ -+ num = egg_armor_parse (bytes, on_pem_get_contents, &contents); -+ g_assert_cmpint (num, ==, 1); -+ g_assert (contents != NULL); -+ -+ check = g_bytes_new ("good morning everyone\n", 22); -+ g_assert (g_bytes_equal (check, contents)); -+ -+ g_bytes_unref (check); -+ g_bytes_unref (contents); -+ g_bytes_unref (bytes); -+} -+ -+static void -+test_armor_skip_checksum (void) -+{ -+ const char *pem_data = "-----BEGIN TEST-----\n" -+ "Z29vZCBtb3JuaW5nIGV2ZXJ5b25lCg==\n" -+ "=checksum" -+ "-----END TEST-----\n"; -+ -+ GBytes *contents = NULL; -+ GBytes *check; -+ GBytes *bytes; -+ guint num; -+ -+ /* Check that the (above invalid) OpenPGP checksum is skipped */ -+ -+ bytes = g_bytes_new_static (pem_data, strlen (pem_data)); -+ -+ num = egg_armor_parse (bytes, on_pem_get_contents, &contents); -+ g_assert_cmpint (num, ==, 1); -+ g_assert (contents != NULL); -+ -+ check = g_bytes_new ("good morning everyone\n", 22); -+ g_assert (g_bytes_equal (check, contents)); -+ -+ g_bytes_unref (check); -+ g_bytes_unref (contents); -+ g_bytes_unref (bytes); -+} -+ -+static void -+test_invalid (gconstpointer data) -+{ -+ GBytes *bytes; -+ guint num; -+ -+ /* Invalid opening line above */ -+ -+ bytes = g_bytes_new_static (data, strlen (data)); -+ -+ num = egg_armor_parse (bytes, NULL, NULL); -+ g_assert_cmpint (num, ==, 0); -+ -+ g_bytes_unref (bytes); -+} -+ -+int -+main (int argc, char **argv) -+{ -+ g_test_init (&argc, &argv, NULL); -+ -+ g_test_add_func ("/armor/parse", test_armor_parse); -+ g_test_add_func ("/armor/skip-checksum", test_armor_skip_checksum); -+ -+ g_test_add_data_func ("/armor/invalid-start", -+ "-----BEGIN TEST--", -+ test_invalid); -+ g_test_add_data_func ("/armor/invalid-end", -+ "-----BEGIN TEST-----\n" -+ "Z29vZCBtb3JuaW5nIGV2ZXJ5b25lCg==\n" -+ "--END TEST-----\n", -+ test_invalid); -+ g_test_add_data_func ("/armor/invalid-mismatch", -+ "-----BEGIN TEST-----\n" -+ "Z29vZCBtb3JuaW5nIGV2ZXJ5b25lCg==\n" -+ "-----END CERTIFICATE-----\n", -+ test_invalid); -+ g_test_add_data_func ("/armor/invalid-suffix", -+ "-----BEGIN TEST-----\n" -+ "Z29vZCBtb3JuaW5nIGV2ZXJ5b25lCg==\n" -+ "-----END TEST--\n", -+ test_invalid); -+ -+ return g_test_run (); -+} --- -cgit v0.9.0.2 diff --git a/gnome-keyring-3.7.2-egg-armor-memrchr-truncated.patch b/gnome-keyring-3.7.2-egg-armor-memrchr-truncated.patch deleted file mode 100644 index 74533ee..0000000 --- a/gnome-keyring-3.7.2-egg-armor-memrchr-truncated.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 583d9cccdbd5fbd32c7faa67be7722002c6665b3 Mon Sep 17 00:00:00 2001 -From: Stef Walter -Date: Fri, 11 Jan 2013 20:48:23 +0000 -Subject: egg-armor: Handle mismatched but not truncated suffix line - - * Discovered by Gustavo Luiz Duarte - -https://bugzilla.gnome.org/show_bug.cgi?id=691500 ---- -diff --git a/egg/egg-armor.c b/egg/egg-armor.c -index 7c788ad..acb56df 100644 ---- a/egg/egg-armor.c -+++ b/egg/egg-armor.c -@@ -173,7 +173,7 @@ armor_find_end (const gchar *data, - at += n_type; - - /* Next comes the suffix */ -- if (ARMOR_SUFF_L > len && strncmp ((gchar*)at, ARMOR_SUFF, ARMOR_SUFF_L) != 0) -+ if (ARMOR_SUFF_L > len || strncmp ((gchar *)at, ARMOR_SUFF, ARMOR_SUFF_L) != 0) - return NULL; - - /* -diff --git a/egg/tests/test-armor.c b/egg/tests/test-armor.c -index d5a366b..7435a10 100644 ---- a/egg/tests/test-armor.c -+++ b/egg/tests/test-armor.c -@@ -148,6 +148,11 @@ main (int argc, char **argv) - g_test_add_data_func ("/armor/invalid-suffix", - "-----BEGIN TEST-----\n" - "Z29vZCBtb3JuaW5nIGV2ZXJ5b25lCg==\n" -+ "-----END TEST--xxxxxxxx\n", -+ test_invalid); -+ g_test_add_data_func ("/armor/invalid-truncated", -+ "-----BEGIN TEST-----\n" -+ "Z29vZCBtb3JuaW5nIGV2ZXJ5b25lCg==\n" - "-----END TEST--\n", - test_invalid); - --- -cgit v0.9.0.2 diff --git a/gnome-keyring.spec b/gnome-keyring.spec index 7ca981c..d69288b 100644 --- a/gnome-keyring.spec +++ b/gnome-keyring.spec @@ -6,20 +6,14 @@ Summary: Framework for managing passwords and other secrets Name: gnome-keyring -Version: 3.7.2 -Release: 2%{?dist} +Version: 3.7.5 +Release: 1%{?dist} License: GPLv2+ and LGPLv2+ Group: System Environment/Libraries #VCS: git:git://git.gnome.org/gnome-keyring Source: http://download.gnome.org/sources/gnome-keyring/3.7/gnome-keyring-%{version}.tar.xz URL: http://www.gnome.org -# https://bugzilla.redhat.com/show_bug.cgi?id=893162 -# /usr/bin/gnome-keyring-daemon coredumps at startup -Patch1: gnome-keyring-3.7.2-egg-armor-memrchr-negative.patch -Patch2: gnome-keyring-3.7.2-egg-armor-memrchr-truncated.patch - - BuildRequires: glib2-devel >= %{glib2_version} BuildRequires: gcr-devel >= %{gcr_version} BuildRequires: dbus-devel >= %{dbus_version} @@ -61,9 +55,6 @@ automatically unlock the "login" keyring when the user logs in. %prep %setup -q -n gnome-keyring-%{version} -%patch1 -p1 -b .egg-armor-memrchr-negative -%patch2 -p1 -b .egg-armor-memrchr-truncated - %build %configure \ --with-pam-dir=/%{_lib}/security \ @@ -119,6 +110,9 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas >&/dev/null || : %changelog +* Wed Feb 06 2013 Kalev Lember - 3.7.5-1 +- Update to 3.7.5 + * Mon Jan 14 2013 Tomas Bzatek - 3.7.2-2 - Fix crash on parsing some certificates (#893162) diff --git a/sources b/sources index 732c011..87dc77f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -3c5a5a451c0f96af719d25cd5c2bf6b1 gnome-keyring-3.7.2.tar.xz +f2821561c59852e0d92dd1ddc2b9e925 gnome-keyring-3.7.5.tar.xz