authorCarsten Haitzler (Rasterman) <raster@rasterman.com>2015-10-07 17:24:20 +0900
committerCarsten Haitzler (Rasterman) <raster@rasterman.com>2015-10-07 17:50:18 +0900
commita5747f1ab3ec3d3876b73c08501a1e52404733f0 (patch)
treeb2d65077d0204224cd8f0a16a1946542d0d19150 /src/lib/eet
parent44af3cb718a4354ef5e42b510daf29b5f6b3c282 (diff)
eet - be robust about garbage at the end that looks like an idenity
if there is an identity signature at the end, ONLY check it if it looks like a real one (correct magic number, cert and sig size fields are sane etc.). this means eet opens don't fail for files that may have trailing garbage or padding that is not an eet identity signature.
Diffstat (limited to 'src/lib/eet')
-rw-r--r--src/lib/eet/Eet_private.h2
-rw-r--r--src/lib/eet/eet_cipher.c2
-rw-r--r--src/lib/eet/eet_lib.c42
3 files changed, 32 insertions, 14 deletions
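--- a/src/lib/eet/Eet_private.h
+++ b/src/lib/eet/Eet_private.h
@@ -334,4 +334,6 @@ void eet_mempool_shutdown(void);
 # define EET_ASSERT(Test, Do) if (Test == 0) {abort(); }
 #endif /* ifdef DNDEBUG */
 
+#define EET_MAGIC_SIGN 0x1ee74271
+
 #endif /* ifndef _EET_PRIVATE_H */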
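--- a/src/lib/eet/eet_cipher.c
+++ b/src/lib/eet/eet_cipher.c
@@ -51,8 +51,6 @@
 #include "Eet.h"
 #include "Eet_private.h"
 
-#define EET_MAGIC_SIGN 0x1ee74271
-
 #ifdef HAVE_GNUTLS
 # define MAX_KEY_LEN 32
 # define MAX_IV_LEN 16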
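--- a/src/lib/eet/eet_lib.c
+++ b/src/lib/eet/eet_lib.c
@@ -982,18 +982,36 @@ eet_internal_read2(Eet_File *ef)
 #ifdef HAVE_SIGNATURE
  const unsigned char *buffer = ((const unsigned char *)ef->data) +
  signature_base_offset;
- ef->x509_der = eet_identity_check(ef->data,
- signature_base_offset,
- &ef->sha1,
- &ef->sha1_length,
- buffer,
- ef->data_size - signature_base_offset,
- &ef->signature,
- &ef->signature_length,
- &ef->x509_length);
-
- if (eet_test_close(!ef->x509_der, ef))
- return NULL;
+ unsigned long int sig_size = ef->data_size - signature_base_offset;
+
+ /* check that the signature is a sane size to bother even checking */
+ if (sig_size >= (3 * sizeof(int)))
+ {
+ int head[3];
+
+ /* check the signature has the magic number and sig + cert len
+ * + magic is sane */
+ memcpy(head, buffer, 3 * sizeof(int));
+ head[0] = ntohl(head[0]);
+ head[1] = ntohl(head[1]);
+ head[2] = ntohl(head[2]);
+ if ((head[0] == EET_MAGIC_SIGN) && (head[1] > 0) && (head[2] > 0))
+ {
+ /* there appears to be an actual valid identity at the end
+ * so now actually check it */
+ ef->x509_der = eet_identity_check(ef->data,
+ signature_base_offset,
+ &ef->sha1,
+ &ef->sha1_length,
+ buffer,
+ sig_size,
+ &ef->signature,
+ &ef->signature_length,
+ &ef->x509_length);
+
+ if (eet_test_close(!ef->x509_der, ef)) return NULL;
+ }
+ }
 
 #else /* ifdef HAVE_SIGNATURE */
  ERR(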
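Review bot: The gate at new lines 994-998 decides from bytes in the file whether `eet_identity_check()` runs at all, so a trailer with a damaged magic or a non-positive length field now opens as an unsigned file instead of failing the open. That is the commit's stated intent, but it makes identity handling fail-open and deserves a comment at the `if`, for example `/* a trailer that does not look like an identity is ignored: ef->x509_der stays unset and callers must treat the file as unsigned */`. The existing comment "sig + cert len + magic is sane" also promises more than `(head[1] > 0) && (head[2] > 0)` checks: `head` is `int`, so a length with the top bit set turns negative after `ntohl()` and the trailer is skipped, and neither length is compared with `sig_size`. Declaring `unsigned int head[3];` and gating on `if (head[0] == EET_MAGIC_SIGN)` alone would leave malformed lengths to `eet_identity_check()` to reject, assuming it bounds-checks them, which is not visible here. The body of `eet_internal_read2()`, including whatever guards `signature_base_offset` against `ef->data_size` before the subtraction, lies outside the hunk.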