From e52db9dae7275c0325cd203fa7039a4a33bf5a7e Mon Sep 17 00:00:00 2001 From: Leah Neukirchen Date: Tue, 7 Jan 2020 17:42:28 +0100 Subject: cvs update --- src/usr.bin/signify/zsig.c | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) (limited to 'src/usr.bin/signify/zsig.c') diff --git a/src/usr.bin/signify/zsig.c b/src/usr.bin/signify/zsig.c index 35ab0cd..e3533fd 100644 --- a/src/usr.bin/signify/zsig.c +++ b/src/usr.bin/signify/zsig.c @@ -1,4 +1,4 @@ -/* $OpenBSD: zsig.c,v 1.16 2019/03/23 07:10:06 tedu Exp $ */ +/* $OpenBSD: zsig.c,v 1.18 2019/12/22 06:37:25 espie Exp $ */ /* * Copyright (c) 2016 Marc Espie * @@ -180,8 +180,8 @@ zverify(const char *pubkeyfile, const char *msgfile, const char *sigfile, const char *keytype) { struct gzheader h; - size_t bufsize; - char *p, *meta; + size_t bufsize, len; + char *p; uint8_t *bufend; int fdin, fdout; @@ -197,13 +197,13 @@ zverify(const char *pubkeyfile, const char *msgfile, const char *sigfile, if (!(h.flg & FCOMMENT_FLAG)) errx(1, "unsigned gzip archive"); fake[8] = h.xflg; + len = h.endcomment-h.comment; - p = verifyzdata(h.comment, h.endcomment-h.comment, sigfile, + p = verifyzdata(h.comment, len, sigfile, pubkeyfile, keytype); bufsize = MYBUFSIZE; - meta = p; #define BEGINS_WITH(x, y) memcmp((x), (y), sizeof(y)-1) == 0 while (BEGINS_WITH(p, "algorithm=SHA512/256") || @@ -216,14 +216,11 @@ zverify(const char *pubkeyfile, const char *msgfile, const char *sigfile, if (*p != '\n') errx(1, "invalid signature"); - *(p++) = 0; fdout = xopen(msgfile, O_CREAT|O_TRUNC|O_NOFOLLOW|O_WRONLY, 0666); - /* we don't actually copy the header, but put in a fake one with about - * zero useful information. - */ writeall(fdout, fake, sizeof fake, msgfile); - writeall(fdout, meta, p - meta, msgfile); + writeall(fdout, h.comment, len+1, msgfile); + *(p++) = 0; copy_blocks(fdout, fdin, p, h.endcomment, bufsize, bufend); free(h.buffer); close(fdout); -- cgit 1.4.1