From d9ddd85598b466435e4cdf551e11b2e67e8e65c5 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Mon, 4 May 2020 18:14:17 +0200 Subject: [PATCH] fixes for issues found in Coverity scan --- gnupg-2.2.20-coverity.patch | 319 ++++++++++++++++++++++++++++++++++++ gnupg2.spec | 9 +- 2 files changed, 327 insertions(+), 1 deletion(-) create mode 100644 gnupg-2.2.20-coverity.patch diff --git a/gnupg-2.2.20-coverity.patch b/gnupg-2.2.20-coverity.patch new file mode 100644 index 0000000..a1c4a0a --- /dev/null +++ b/gnupg-2.2.20-coverity.patch @@ -0,0 +1,319 @@ +diff -up gnupg-2.2.20/common/server-help.c.coverity gnupg-2.2.20/common/server-help.c +--- gnupg-2.2.20/common/server-help.c.coverity 2019-02-11 10:59:34.000000000 +0100 ++++ gnupg-2.2.20/common/server-help.c 2020-05-04 12:00:01.085945639 +0200 +@@ -156,7 +156,7 @@ get_option_value (char *line, const char + *pend = 0; + *r_value = xtrystrdup (p); + *pend = c; +- if (!p) ++ if (!*r_value) + return my_error_from_syserror (); + return 0; + } +diff -up gnupg-2.2.20/dirmngr/dns.c.coverity gnupg-2.2.20/dirmngr/dns.c +--- gnupg-2.2.20/dirmngr/dns.c.coverity 2019-07-09 11:08:45.000000000 +0200 ++++ gnupg-2.2.20/dirmngr/dns.c 2020-05-04 18:04:12.285521661 +0200 +@@ -10106,9 +10106,8 @@ static const struct { + { "AR", DNS_S_ADDITIONAL }, + }; + +-const char *(dns_strsection)(enum dns_section section) { +- char _dst[DNS_STRMAXLEN + 1] = { 0 }; +- struct dns_buf dst = DNS_B_INTO(_dst, sizeof _dst); ++const char *(dns_strsection)(enum dns_section section, void *_dst, size_t lim) { ++ struct dns_buf dst = DNS_B_INTO(_dst, lim); + unsigned i; + + for (i = 0; i < lengthof(dns_sections); i++) { +@@ -10156,9 +10155,8 @@ static const struct { + { "IN", DNS_C_IN }, + }; + +-const char *(dns_strclass)(enum dns_class type) { +- char _dst[DNS_STRMAXLEN + 1] = { 0 }; +- struct dns_buf dst = DNS_B_INTO(_dst, sizeof _dst); ++const char *(dns_strclass)(enum dns_class type, void *_dst, size_t lim) { ++ struct dns_buf dst = DNS_B_INTO(_dst, lim); + unsigned i; + + for (i = 0; i < lengthof(dns_classes); i++) { +@@ -10193,9 +10191,8 @@ enum dns_class dns_iclass(const char *na + } /* dns_iclass() */ + + +-const char *(dns_strtype)(enum dns_type type) { +- char _dst[DNS_STRMAXLEN + 1] = { 0 }; +- struct dns_buf dst = DNS_B_INTO(_dst, sizeof _dst); ++const char *(dns_strtype)(enum dns_type type, void *_dst, size_t lim) { ++ struct dns_buf dst = DNS_B_INTO(_dst, lim); + unsigned i; + + for (i = 0; i < lengthof(dns_rrtypes); i++) { +diff -up gnupg-2.2.20/dirmngr/dns.h.coverity gnupg-2.2.20/dirmngr/dns.h +--- gnupg-2.2.20/dirmngr/dns.h.coverity 2019-03-07 13:03:26.000000000 +0100 ++++ gnupg-2.2.20/dirmngr/dns.h 2020-05-04 18:04:12.287521625 +0200 +@@ -272,15 +272,25 @@ enum dns_rcode { + */ + #define DNS_STRMAXLEN 47 /* "QUESTION|ANSWER|AUTHORITY|ADDITIONAL" */ + +-DNS_PUBLIC const char *dns_strsection(enum dns_section); ++DNS_PUBLIC const char *dns_strsection(enum dns_section, void *, size_t); ++#define dns_strsection3(a, b, c) \ ++ dns_strsection((a), (b), (c)) ++#define dns_strsection1(a) dns_strsection((a), (char [DNS_STRMAXLEN + 1]){ 0 }, DNS_STRMAXLEN + 1) ++#define dns_strsection(...) DNS_PP_CALL(DNS_PP_XPASTE(dns_strsection, DNS_PP_NARG(__VA_ARGS__)), __VA_ARGS__) + + DNS_PUBLIC enum dns_section dns_isection(const char *); + +-DNS_PUBLIC const char *dns_strclass(enum dns_class); ++DNS_PUBLIC const char *dns_strclass(enum dns_class, void *, size_t); ++#define dns_strclass3(a, b, c) dns_strclass((a), (b), (c)) ++#define dns_strclass1(a) dns_strclass((a), (char [DNS_STRMAXLEN + 1]){ 0 }, DNS_STRMAXLEN + 1) ++#define dns_strclass(...) DNS_PP_CALL(DNS_PP_XPASTE(dns_strclass, DNS_PP_NARG(__VA_ARGS__)), __VA_ARGS__) + + DNS_PUBLIC enum dns_class dns_iclass(const char *); + +-DNS_PUBLIC const char *dns_strtype(enum dns_type); ++DNS_PUBLIC const char *dns_strtype(enum dns_type, void *, size_t); ++#define dns_strtype3(a, b, c) dns_strtype((a), (b), (c)) ++#define dns_strtype1(a) dns_strtype((a), (char [DNS_STRMAXLEN + 1]){ 0 }, DNS_STRMAXLEN + 1) ++#define dns_strtype(...) DNS_PP_CALL(DNS_PP_XPASTE(dns_strtype, DNS_PP_NARG(__VA_ARGS__)), __VA_ARGS__) + + DNS_PUBLIC enum dns_type dns_itype(const char *); + +diff -up gnupg-2.2.20/dirmngr/domaininfo.c.coverity gnupg-2.2.20/dirmngr/domaininfo.c +--- gnupg-2.2.20/dirmngr/domaininfo.c.coverity 2019-07-09 11:08:45.000000000 +0200 ++++ gnupg-2.2.20/dirmngr/domaininfo.c 2020-05-04 17:54:30.800899152 +0200 +@@ -193,6 +193,7 @@ insert_or_update (const char *domain, + log_error ("domaininfo: error allocating helper array: %s\n", + gpg_strerror (gpg_err_code_from_syserror ())); + drop_extra = bucket; ++ xfree (di_new); + goto leave; + } + narray = 0; +@@ -258,6 +259,8 @@ insert_or_update (const char *domain, + * sensible strategy. */ + drop_extra = domainbuckets[hash]; + domainbuckets[hash] = keep; ++ ++ xfree (array); + } + + /* Insert */ +diff -up gnupg-2.2.20/dirmngr/http.c.coverity gnupg-2.2.20/dirmngr/http.c +--- gnupg-2.2.20/dirmngr/http.c.coverity 2019-11-18 18:44:33.000000000 +0100 ++++ gnupg-2.2.20/dirmngr/http.c 2020-05-04 17:00:47.826878715 +0200 +@@ -3656,7 +3656,6 @@ http_prepare_redirect (http_redir_info_t + if (!newurl) + { + err = gpg_error_from_syserror (); +- http_release_parsed_uri (locuri); + return err; + } + } +@@ -3675,7 +3674,6 @@ http_prepare_redirect (http_redir_info_t + if (!newurl) + { + err = gpg_error_from_syserror (); +- http_release_parsed_uri (locuri); + return err; + } + } +diff -up gnupg-2.2.20/dirmngr/ks-engine-hkp.c.coverity gnupg-2.2.20/dirmngr/ks-engine-hkp.c +--- gnupg-2.2.20/dirmngr/ks-engine-hkp.c.coverity 2019-11-18 18:44:33.000000000 +0100 ++++ gnupg-2.2.20/dirmngr/ks-engine-hkp.c 2020-05-04 12:39:49.970920664 +0200 +@@ -1426,7 +1426,7 @@ ks_hkp_search (ctrl_t ctrl, parsed_uri_t + int reselect; + unsigned int httpflags; + char *httphost = NULL; +- unsigned int http_status; ++ unsigned int http_status = 0; + unsigned int tries = SEND_REQUEST_RETRIES; + unsigned int extra_tries = SEND_REQUEST_EXTRA_RETRIES; + +diff -up gnupg-2.2.20/g10/card-util.c.coverity gnupg-2.2.20/g10/card-util.c +--- gnupg-2.2.20/g10/card-util.c.coverity 2020-03-03 13:33:22.000000000 +0100 ++++ gnupg-2.2.20/g10/card-util.c 2020-05-04 16:56:47.788157786 +0200 +@@ -704,7 +704,7 @@ card_status (ctrl_t ctrl, estream_t fp, + { + int err; + strlist_t card_list, sl; +- char *serialno0, *serialno1; ++ char *serialno0, *serialno1 = NULL; + int all_cards = 0; + int any_card = 0; + +@@ -749,6 +749,7 @@ card_status (ctrl_t ctrl, estream_t fp, + + current_card_status (ctrl, fp, NULL, 0); + xfree (serialno1); ++ serialno1 = NULL; + + if (!all_cards) + goto leave; +diff -up gnupg-2.2.20/g10/import.c.coverity gnupg-2.2.20/g10/import.c +--- gnupg-2.2.20/g10/import.c.coverity 2020-05-04 12:34:39.820379830 +0200 ++++ gnupg-2.2.20/g10/import.c 2020-05-04 12:34:55.366106195 +0200 +@@ -1888,7 +1888,7 @@ import_one_real (ctrl_t ctrl, + + if (opt.interactive && !silent) + { +- if (is_status_enabled()) ++ if (uidnode && is_status_enabled()) + print_import_check (pk, uidnode->pkt->pkt.user_id); + merge_keys_and_selfsig (ctrl, keyblock); + tty_printf ("\n"); +diff -up gnupg-2.2.20/g10/keygen.c.coverity gnupg-2.2.20/g10/keygen.c +--- gnupg-2.2.20/g10/keygen.c.coverity 2020-05-04 12:23:04.852613017 +0200 ++++ gnupg-2.2.20/g10/keygen.c 2020-05-04 17:33:18.923891110 +0200 +@@ -3075,7 +3075,7 @@ parse_key_parameter_part (ctrl_t ctrl, + char *endp; + const char *curve = NULL; + int ecdh_or_ecdsa = 0; +- unsigned int size; ++ unsigned int size = 0; + int keyuse; + int i; + const char *s; +@@ -5719,12 +5719,20 @@ gen_card_key (int keyno, int algo, int i + the self-signatures. */ + err = agent_readkey (NULL, 1, keyid, &public); + if (err) +- return err; ++ { ++ xfree (pkt); ++ xfree (pk); ++ return err; ++ } + err = gcry_sexp_sscan (&s_key, NULL, public, + gcry_sexp_canon_len (public, 0, NULL, NULL)); + xfree (public); + if (err) +- return err; ++ { ++ xfree (pkt); ++ xfree (pk); ++ return err; ++ } + + if (algo == PUBKEY_ALGO_RSA) + err = key_from_sexp (pk->pkey, s_key, "public-key", "ne"); +@@ -5739,6 +5747,7 @@ gen_card_key (int keyno, int algo, int i + if (err) + { + log_error ("key_from_sexp failed: %s\n", gpg_strerror (err) ); ++ xfree (pkt); + free_public_key (pk); + return err; + } +diff -up gnupg-2.2.20/g10/sig-check.c.coverity gnupg-2.2.20/g10/sig-check.c +--- gnupg-2.2.20/g10/sig-check.c.coverity 2020-05-04 12:18:18.515653963 +0200 ++++ gnupg-2.2.20/g10/sig-check.c 2020-05-04 12:18:33.599388425 +0200 +@@ -902,6 +902,7 @@ check_signature_over_key_or_uid (ctrl_t + { + /* Issued by a subkey. */ + signer = subk; ++ *is_selfsig = 1; + break; + } + } +diff -up gnupg-2.2.20/g10/sign.c.coverity gnupg-2.2.20/g10/sign.c +--- gnupg-2.2.20/g10/sign.c.coverity 2020-04-30 11:56:43.909360043 +0200 ++++ gnupg-2.2.20/g10/sign.c 2020-05-04 12:08:56.651544958 +0200 +@@ -823,7 +823,7 @@ write_signature_packets (ctrl_t ctrl, + PKT_public_key *pk; + PKT_signature *sig; + gcry_md_hd_t md; +- gpg_error_t err; ++ gpg_error_t err = 0; + + pk = sk_rover->pk; + +diff -up gnupg-2.2.20/kbx/keybox-dump.c.coverity gnupg-2.2.20/kbx/keybox-dump.c +--- gnupg-2.2.20/kbx/keybox-dump.c.coverity 2019-08-23 15:59:06.000000000 +0200 ++++ gnupg-2.2.20/kbx/keybox-dump.c 2020-05-04 17:25:53.365946213 +0200 +@@ -786,11 +786,15 @@ _keybox_dump_cut_records (const char *fi + while ( !(rc = _keybox_read_blob (&blob, fp, NULL)) ) + { + if (recno > to) +- break; /* Ready. */ ++ { ++ _keybox_release_blob (blob); ++ break; /* Ready. */ ++ } + if (recno >= from) + { + if ((rc = _keybox_write_blob (blob, outfp))) + { ++ _keybox_release_blob (blob); + fprintf (stderr, "error writing output: %s\n", + gpg_strerror (rc)); + goto leave; +diff -up gnupg-2.2.20/tools/gpg-wks-server.c.coverity gnupg-2.2.20/tools/gpg-wks-server.c +--- gnupg-2.2.20/tools/gpg-wks-server.c.coverity 2020-02-10 16:12:13.000000000 +0100 ++++ gnupg-2.2.20/tools/gpg-wks-server.c 2020-05-04 11:52:42.547643198 +0200 +@@ -890,15 +890,18 @@ store_key_as_pending (const char *dir, e + } + + leave: +- if (err) ++ if (fname) + { +- es_fclose (outfp); +- gnupg_remove (fname); +- } +- else if (es_fclose (outfp)) +- { +- err = gpg_error_from_syserror (); +- log_error ("error closing '%s': %s\n", fname, gpg_strerror (err)); ++ if (err) ++ { ++ es_fclose (outfp); ++ gnupg_remove (fname); ++ } ++ else if (es_fclose (outfp)) ++ { ++ err = gpg_error_from_syserror (); ++ log_error ("error closing '%s': %s\n", fname, gpg_strerror (err)); ++ } + } + + if (!err) +diff -up gnupg-2.2.20/tools/wks-util.c.coverity gnupg-2.2.20/tools/wks-util.c +--- gnupg-2.2.20/tools/wks-util.c.coverity 2020-05-04 12:02:21.839475031 +0200 ++++ gnupg-2.2.20/tools/wks-util.c 2020-05-04 17:23:19.552726949 +0200 +@@ -948,7 +948,7 @@ ensure_policy_file (const char *addrspec + static gpg_error_t + install_key_from_spec_file (const char *fname) + { +- gpg_error_t err; ++ gpg_error_t err = 0; + estream_t fp; + char *line = NULL; + size_t linelen = 0; +@@ -1195,10 +1195,8 @@ wks_cmd_print_wkd_hash (const char *user + char *addrspec, *fname; + + err = wks_fname_from_userid (userid, 1, &fname, &addrspec); +- if (err) +- return err; +- +- es_printf ("%s %s\n", fname, addrspec); ++ if (!err) ++ es_printf ("%s %s\n", fname, addrspec); + + xfree (fname); + xfree (addrspec); +@@ -1216,7 +1214,10 @@ wks_cmd_print_wkd_url (const char *useri + + err = wks_fname_from_userid (userid, 1, &fname, &addrspec); + if (err) +- return err; ++ { ++ xfree (addrspec); ++ return err; ++ } + + domain = strchr (addrspec, '@'); + if (domain) diff --git a/gnupg2.spec b/gnupg2.spec index 2749163..b50d23f 100644 --- a/gnupg2.spec +++ b/gnupg2.spec @@ -7,7 +7,7 @@ Summary: Utility for secure communication and data storage Name: gnupg2 Version: 2.2.20 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv3+ Source0: ftp://ftp.gnupg.org/gcrypt/%{?pre:alpha/}gnupg/gnupg-%{version}%{?pre}.tar.bz2 @@ -27,6 +27,8 @@ Patch9: gnupg-2.1.21-large-rsa.patch Patch20: gnupg-2.2.18-tests-add-test-cases-for-import-without-uid.patch Patch21: gnupg-2.2.18-gpg-allow-import-of-previously-known-keys-even-without-UI.patch Patch22: gnupg-2.2.18-gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch +# Fixes for issues found in Coverity scan - reported upstream +Patch30: gnupg-2.2.20-coverity.patch URL: http://www.gnupg.org/ @@ -109,6 +111,8 @@ to the base GnuPG package %patch21 -p1 -b .prev_known_key %patch22 -p1 -b .good_revoc +%patch30 -p1 -b .coverity + # pcsc-lite library major: 0 in 1.2.0, 1 in 1.2.9+ (dlopen()'d in pcsc-wrapper) # Note: this is just the name of the default shared lib to load in scdaemon, # it can use other implementations too (including non-pcsc ones). @@ -220,6 +224,9 @@ make -k check %changelog +* Mon May 4 2020 Tomáš Mráz - 2.2.20-3 +- fixes for issues found in Coverity scan + * Thu Apr 30 2020 Tomáš Mráz - 2.2.20-2 - move systemd user units to _userunitdir (no activation by default)