authorChristian Neukirchen <chneukirchen@gmail.com>2015-01-28 14:31:09 +0100
committerChristian Neukirchen <chneukirchen@gmail.com>2015-01-28 14:31:09 +0100
commitc9c371ec3ea85f25cfa5d31144689940d1f769a7 (patch)
tree2aaf464de6ec0b7125af26271ba8b25d6e13fa5d /src/usr.bin/signify
parentcaa03bd0b43a89dcc93397182dc969417f09ba7c (diff)
cvs update
Diffstat (limited to 'src/usr.bin/signify')
-rw-r--r--src/usr.bin/signify/signify.16
-rw-r--r--src/usr.bin/signify/signify.c17
2 files changed, 14 insertions, 9 deletions
diff --git a/src/usr.bin/signify/signify.1 b/src/usr.bin/signify/signify.1
index 5ffe509..b2ac679 100644
--- a/src/usr.bin/signify/signify.1
+++ b/src/usr.bin/signify/signify.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: signify.1,v 1.29 2015/01/07 10:29:22 florian Exp $
+.\" $OpenBSD: signify.1,v 1.30 2015/01/20 20:50:36 tedu Exp $
 .\"
 .\"Copyright (c) 2013 Marc Espie <espie@openbsd.org>
 .\"Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
@@ -14,7 +14,7 @@
 .\"WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 .\"ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\"OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.Dd $Mdocdate: January 7 2015 $
+.Dd $Mdocdate: January 20 2015 $
 .Dt SIGNIFY 1
 .Os
 .Sh NAME
@@ -164,3 +164,5 @@ The
 .Nm
 command first appeared in
 .Ox 5.5 .
+.Sh AUTHORS
+.An Ted Unangst Aq Mt tedu@openbsd.org
diff --git a/src/usr.bin/signify/signify.c b/src/usr.bin/signify/signify.c
index 7f13eca..06d28da 100644
--- a/src/usr.bin/signify/signify.c
+++ b/src/usr.bin/signify/signify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: signify.c,v 1.96 2015/01/07 19:53:34 tedu Exp $ */
+/* $OpenBSD: signify.c,v 1.100 2015/01/16 06:16:12 tedu Exp $ */
 /*
  * Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
  *
@@ -19,6 +19,7 @@
 #include <netinet/in.h>
 #include <resolv.h>
 
+#include <limits.h>
 #include <stdint.h>
 #include <fcntl.h>
 #include <string.h>
@@ -179,7 +180,7 @@ readmsg(const char *filename, unsigned long long *msglenp)
 			errx(1, "msg too large in %s", filename);
 		space = sb.st_size + 1;
 	} else {
-		space = 64 * 1024;
+		space = 64 * 1024 - 1;
 	}
 
 	msg = xmalloc(space + 1);
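Review bot: The new `64 * 1024 - 1` in the non-regular-file branch has no explanation, and the reason only shows two lines later where `xmalloc(space + 1)` adds a byte back. Presumably the intent is that the initial allocation for pipe or stdin input is exactly 64 KiB instead of 64 KiB + 1. A one-line comment would stop a later edit from "correcting" the constant, e.g. `/* space + 1 is allocated below, so this makes the buffer exactly 64KB */`. The read loop that consumes `space` is outside this hunk, so how the value is used after the first read should be confirmed there.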
@@ -507,7 +508,7 @@ verify(const char *pubkeyfile, const char *msgfile, const char *sigfile,
 #ifndef VERIFYONLY
 #define HASHBUFSIZE 224
 struct checksum {
-	char file[1024];
+	char file[PATH_MAX];
 	char hash[HASHBUFSIZE];
 	char algo[32];
 };
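Review bot: `file` grows to `PATH_MAX` here, but the only scan into it in this commit, the `sscanf` in the verifychecksums hunk, still stops at 1023 characters. Where `PATH_MAX` is larger than 1024, the extra space is never filled and a longer name is rejected as unparseable. The `#if PATH_MAX < 1024 || HASHBUFSIZE < 224` guard added in that hunk only proves these two buffers are not too small. It does not cover `algo[32]` against `%31s`, and it sits far from the struct it protects. I would document the coupling on the struct itself, e.g. `/* each size must be >= the matching sscanf field width + 1 in verifychecksums() */`.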
@@ -591,11 +592,13 @@ verifychecksums(char *msg, int argc, char **argv, int quiet)
 	while (line && *line) {
 		if ((endline = strchr(line, '\n')))
 			*endline++ = '\0';
-		rv = sscanf(line, "%31s (%1023s = %223s",
+#if PATH_MAX < 1024 || HASHBUFSIZE < 224
+#error sizes are wrong
+#endif
+		rv = sscanf(line, "%31s (%1023[^)]) = %223s",
 		    c.algo, c.file, c.hash);
-		if (rv != 3 || c.file[0] == 0 || c.file[strlen(c.file)-1] != ')')
+		if (rv != 3)
 			errx(1, "unable to parse checksum line %s", line);
-		c.file[strlen(c.file) - 1] = '\0';
 		line = endline;
 		if (argc) {
 			slot = ohash_qlookup(&myh, c.file);
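Review bot: The `%1023[^)]` scan set ends the file name at the first `)`, so a checksum line for a name that itself contains `)` now stops with "unable to parse checksum line". The removed code read up to whitespace and only required the last character to be `)`. The failure is closed (`rv != 3` leads to `errx`), so nothing unverified is accepted, but the accepted name syntax has changed. Names with spaces now parse, and names containing `)` no longer do. A comment above the call would record that, e.g. `/* file name: any characters except ')', at most 1023 bytes */`. The `#if`/`#error` check would also read better beside `struct checksum` than inside the loop body, which continues outside this hunk.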
@@ -647,7 +650,7 @@ main(int argc, char **argv)
 {
 	const char *pubkeyfile = NULL, *seckeyfile = NULL, *msgfile = NULL,
 	    *sigfile = NULL;
-	char sigfilebuf[1024];
+	char sigfilebuf[PATH_MAX];
 	const char *comment = "signify";
 	int ch, rounds;
 	int embedded = 0;