mirror of
https://anongit.gentoo.org/git/repo/gentoo.git
synced 2025-12-21 02:42:18 +00:00
110 lines
3.2 KiB
Diff
110 lines
3.2 KiB
Diff
From 2160498461d6a9298cc7e6707bf3cad94d66d14f Mon Sep 17 00:00:00 2001
|
|
Message-ID: <2160498461d6a9298cc7e6707bf3cad94d66d14f.1760957586.git.sam@gentoo.org>
|
|
In-Reply-To: <9f08064fef75ce02df9b6133d240c0fa84df458e.1760957586.git.sam@gentoo.org>
|
|
References: <9f08064fef75ce02df9b6133d240c0fa84df458e.1760957586.git.sam@gentoo.org>
|
|
From: Craig Mason-Jones <craig@lateral.co.za>
|
|
Date: Sun, 3 Sep 2023 12:04:37 +0200
|
|
Subject: [PATCH 04/10] rec-crypt.c: do not assume the output buffer is NULL
|
|
terminated in rec_decrypt
|
|
|
|
2023-09-03 Craig Mason-Jones <craig@lateral.co.za>
|
|
|
|
* torture/utils/recsel.sh (recsel-confidential-12): New test.
|
|
(confidential12): New input file.
|
|
* src/rec-crypt.c (rec_decrypt): The output buffer may not be
|
|
null-terminated.
|
|
---
|
|
ChangeLog | 7 +++++++
|
|
src/rec-crypt.c | 15 +++++++++------
|
|
torture/utils/recsel.sh | 17 +++++++++++++++++
|
|
3 files changed, 33 insertions(+), 6 deletions(-)
|
|
|
|
diff --git a/ChangeLog b/ChangeLog
|
|
index d7cba1a..02c15d2 100644
|
|
--- a/ChangeLog
|
|
+++ b/ChangeLog
|
|
@@ -1,3 +1,10 @@
|
|
+2023-09-03 Craig Mason-Jones <craig@lateral.co.za>
|
|
+
|
|
+ * torture/utils/recsel.sh (recsel-confidential-12): New test.
|
|
+ (confidential12): New input file.
|
|
+ * src/rec-crypt.c (rec_decrypt): The output buffer may not be
|
|
+ null-terminated.
|
|
+
|
|
2023-06-05 Jose E. Marchesi <jemarch@gnu.org>
|
|
|
|
* configure.ac: Use gl_PROG_BISON instead of gl_BISON.
|
|
diff --git a/src/rec-crypt.c b/src/rec-crypt.c
|
|
index 97e92f4..5c88716 100644
|
|
--- a/src/rec-crypt.c
|
|
+++ b/src/rec-crypt.c
|
|
@@ -219,22 +219,25 @@ rec_decrypt (char *in,
|
|
/* Make sure the decrypted data is ok by checking the CRC at the end
|
|
of the sequence. */
|
|
|
|
- if (strlen(*out) > 4)
|
|
+ /* If there no padding added in the encryption stage, the data and
|
|
+ CRC fills the output buffer. This means that strlen (*out) would
|
|
+ fail, because it might buffer over-run. */
|
|
+ size_t outlen = strnlen (*out, *out_size);
|
|
+
|
|
+ if (outlen > 4)
|
|
{
|
|
uint32_t crc = 0;
|
|
-
|
|
- memcpy (&crc, *out + strlen(*out) - 4, 4);
|
|
+ memcpy (&crc, *out + outlen - 4, 4);
|
|
#if defined WORDS_BIGENDIAN
|
|
crc = rec_endian_swap (crc);
|
|
#endif
|
|
-
|
|
- if (crc32 (*out, strlen(*out) - 4) != crc)
|
|
+ if (crc32 (*out, outlen - 4) != crc)
|
|
{
|
|
gcry_cipher_close (handler);
|
|
return false;
|
|
}
|
|
|
|
- (*out)[strlen(*out) - 4] = '\0';
|
|
+ (*out)[outlen - 4] = '\0';
|
|
}
|
|
else
|
|
{
|
|
diff --git a/torture/utils/recsel.sh b/torture/utils/recsel.sh
|
|
index b868cef..6ce2a59 100755
|
|
--- a/torture/utils/recsel.sh
|
|
+++ b/torture/utils/recsel.sh
|
|
@@ -171,6 +171,15 @@ User: foo
|
|
Password: encrypted-MHyd3Dqz+iaViL8h1m18sA==
|
|
'
|
|
|
|
+test_declare_input_file confidential12 \
|
|
+'%rec: Login
|
|
+%doc: Login to a website or application
|
|
+%type: Name line
|
|
+%confidential: Password
|
|
+
|
|
+Name: Test2
|
|
+Password: encrypted-YaDdF2AIprCfgUjOPlCWO8/WFq0=
|
|
+'
|
|
test_declare_input_file sort \
|
|
'%rec: Sorted
|
|
%sort: Id
|
|
@@ -1242,6 +1251,14 @@ test_tool recsel-confidential-num ok \
|
|
Password: secret
|
|
'
|
|
|
|
+test_tool recsel-confidential-12 ok \
|
|
+ recsel \
|
|
+ '-s thisismyverysecretpassword' \
|
|
+ confidential12 \
|
|
+'Name: Test2
|
|
+Password: 123456789012
|
|
+'
|
|
+
|
|
fi # crypt_support
|
|
|
|
test_tool recsel-sort ok \
|
|
--
|
|
2.51.1
|
|
|