From eikemeier@fillmore-labs.com  Fri May  7 05:13:40 2004
Return-Path: <eikemeier@fillmore-labs.com>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7B55E16A4CE
	for <FreeBSD-gnats-submit@FreeBSD.org>; Fri,  7 May 2004 05:13:40 -0700 (PDT)
Received: from fillmore.dyndns.org (port-212-202-49-130.reverse.qsc.de [212.202.49.130])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6FA0043D60
	for <FreeBSD-gnats-submit@FreeBSD.org>; Fri,  7 May 2004 05:13:39 -0700 (PDT)
	(envelope-from eikemeier@fillmore-labs.com)
Received: from [172.16.0.2] (helo=fillmore-labs.com)
	by fillmore.dyndns.org with esmtp (Exim 4.33; FreeBSD)
	id 1BM4EQ-0009Lv-6k
	for FreeBSD-gnats-submit@FreeBSD.org; Fri, 07 May 2004 14:13:38 +0200
Message-Id: <409B7D6F.7030709@fillmore-labs.com>
Date: Fri, 07 May 2004 14:13:35 +0200
From: Oliver Eikemeier <eikemeier@fillmore-labs.com>
To: FreeBSD-gnats-submit@FreeBSD.org
Subject: pkg_sign -t sha1 broken

>Number:         66354
>Category:       bin
>Synopsis:       pkg_sign -t sha1 broken
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    eik
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri May 07 05:20:11 PDT 2004
>Closed-Date:    Fri Aug 13 17:13:55 GMT 2004
>Last-Modified:  Fri Aug 13 17:13:55 GMT 2004
>Originator:     Oliver Eikemeier
>Release:        FreeBSD 4.10-STABLE i386
>Organization:
Fillmore Labs - http://www.fillmore-labs.com
>Environment:
System: FreeBSD nuuk.fillmore-labs.com 4.10-STABLE

>Description:

SHA1 signature generation of the pkg_sign utility outputs the SHA1
digest in binary, making it unusable. Moreover, the utility frees
memory not allocated.

>How-To-Repeat:

  > fetch ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-4.10-release/All/libltdl-1.5.2.tgz
  > pkg_sign -u libltdl-1.5.2.tgz -t sha1 libltdl-1.5.2.tgz libltdl-1.5.2.tgz
  SHA1 (libltdl-1.5.2.tgz) = +??r?N?6???,!m?R`r.:
  pkg_sign: Corrupted SHA1 header in libltdl-1.5.2.tgz
  Segmentation fault (core dumped)

Expected result:

  > fetch ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-4.10-release/All/libltdl-1.5.2.tgz
  > pkg_sign -u libltdl-1.5.2.tgz -t sha1 libltdl-1.5.2.tgz libltdl-1.5.2.tgz
  SHA1 (libltdl-1.5.2.tgz) = 2bbbe772b04eb436c1c9b12c216db7526072853a
  SHA1 (libltdl-1.5.2.tgz) = cb312cb4b82e5ba971a1f113e568297355004d67

>Fix:

The pkg_sign and pkg_check utilites work only with gzipped archives, so they are of
limited use for 5.x users. Since nobody seemed to care about them in 4.x (SHA1 signature
was never tested, and the code contains multiple problems), they should simply be removed
from the base system or replaced by something better. In the meantime, the following patch
fixed the bugs above:

Index: pkg_install/sign/Makefile
--- pkg_install/sign/Makefile	25 Jan 2004 14:35:27 -0000
+++ pkg_install/sign/Makefile	7 May 2004 11:51:04 -0000
@@ -7,9 +7,13 @@
 SRCS=	main.c check.c common.c gzip.c pgp_check.c pgp_sign.c \
 	sha1.c sign.c stand.c x509.c
 
+CFLAGS+= ${DEBUG} -I${.CURDIR}/../lib
+
+WARNS?=	0
+
 DISTRIBUTION= crypto
-DPADD=	${LIBINSTALL} ${LIBCRYPTO}
-LDADD=	${LIBINSTALL} -lcrypto
+DPADD=	${LIBINSTALL} ${LIBMD} ${LIBCRYPTO}
+LDADD=	${LIBINSTALL} -lmd -lcrypto
 
 .include <bsd.prog.mk>
 
Index: pkg_install/sign/sha1.c
--- pkg_install/sign/sha1.c	25 Jan 2004 14:35:27 -0000
+++ pkg_install/sign/sha1.c	7 May 2004 11:51:04 -0000
@@ -34,9 +34,10 @@
 #include <sys/types.h>
 #include <sys/wait.h>
 #include <stdlib.h>
+#include <string.h>
 #include <stdio.h>
 #include <assert.h>
-#include <openssl/sha.h>
+#include <sha.h>
 #include "stand.h"
 #include "gzip.h"
 #include "extern.h"
@@ -66,9 +67,9 @@
 {
 	size_t length;
 
-	sprintf(result, "SHA1 (%s) = ", n->id);
+	snprintf(result, BUFSIZE-2*SHA_DIGEST_LENGTH-1, SHA1_TEMPLATE, n->id);
 	length = strlen(result);
-	SHA1_Final(result + length, &n->context);
+	SHA1_End(&n->context, result + length);
 	strcat(result, "\n");
 	free(n);	
 	return length;
@@ -167,7 +168,7 @@
 	FILE *f;
 	char buffer[1024];
 	char result[BUFSIZE];
-	ssize_t length;
+	ssize_t length = -1;
 	struct sha1_checker *checker;
 	struct signature *old;
 
@@ -181,8 +182,13 @@
 	n = malloc(sizeof *n);
 	if (n == NULL) 
 		return 0;
-	n->data = (char *)userid;
-	n->length = strlen(n->data)+1;
+	n->length = strlen(userid)+1;
+	n->data = malloc(n->length);
+	if (n->data == NULL) {
+		free(n);
+		return 0;
+	}
+	memcpy(n->data, userid, n->length);
 	n->type = TAG_SHA1;
 	memcpy(n->tag, sha1tag, sizeof sha1tag);
 	sign_fill_tag(n);
@@ -208,8 +214,9 @@
 	 * Calculate the SHA1 of the remaining data and write it to stderr.
 	 */
 	checker = new_sha1_checker(&h, *sign, NULL, NULL, filename);
-	while ((length = fread(buffer, 1, sizeof buffer, f)) > 0)
-		sha1_add(checker, buffer, length);
+	if (checker) 
+		while ((length = fread(buffer, 1, sizeof buffer, f)) > 0)
+			sha1_add(checker, buffer, length);
 	if (fclose(f) != 0 || length == -1) {
 		warn("Problem checksumming %s", filename);
 		*sign = n->next;
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->patched 
State-Changed-By: eik 
State-Changed-When: Tue Jun 29 22:33:28 CEST 2004 
State-Changed-Why:  
Awaiting MFC 


Responsible-Changed-From-To: freebsd-bugs->eik 
Responsible-Changed-By: eik 
Responsible-Changed-When: Tue Jun 29 22:33:28 CEST 2004 
Responsible-Changed-Why:  
Handle my own PRs 

http://www.freebsd.org/cgi/query-pr.cgi?pr=66354 
State-Changed-From-To: patched->closed 
State-Changed-By: eik 
State-Changed-When: Fri Aug 13 19:13:30 CEST 2004 
State-Changed-Why:  
MFC finished 

http://www.freebsd.org/cgi/query-pr.cgi?pr=66354 
>Unformatted:
