[Reproducible-commits] [dpkg] 04/08: Dpkg::Control::Hash: Check for presence of OpenPGP signatures
Holger Levsen
holger at layer-acht.org
Tue May 3 08:43:20 UTC 2016
This is an automated email from the git hooks/post-receive script.
holger pushed a commit to annotated tag 1.15.12
in repository dpkg.
commit 7c9e955239105fc79339f1079914b9ac6297645e
Author: Guillem Jover <guillem at debian.org>
Date: Sun Dec 16 00:33:25 2012 +0100
Dpkg::Control::Hash: Check for presence of OpenPGP signatures
Cherry picked from commit b08f7a8306f872b077af4040ebeab8853faaf0cd.
Make sure the OpenGPG armor contains a signature block, even on EOF.
This should get detected and rejected by gpgv anyway, but it's better
to check the structure of the message before doing any further parsing
on it.
Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
Signed-off-by: Guillem Jover <guillem at debian.org>
---
debian/changelog | 1 +
scripts/Dpkg/Control/Hash.pm | 10 ++++++++++
scripts/Makefile.am | 1 +
scripts/t/700_Dpkg_Control.t | 5 ++++-
scripts/t/700_Dpkg_Control/bogus-armor-no-sig.dsc | 4 ++++
5 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/debian/changelog b/debian/changelog
index c9a434f..93d614f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -8,6 +8,7 @@ dpkg (1.15.12) UNRELEASED; urgency=high
[ Guillem Jover ]
* Fix OpenPGP armored signature parsing, to be resilient against doctored
input, including source package control files. Closes: #695919
+ * Make sure the OpenGPG armor contains a signature block, even on EOF.
-- Guillem Jover <guillem at debian.org> Fri, 01 May 2015 22:02:43 +0200
diff --git a/scripts/Dpkg/Control/Hash.pm b/scripts/Dpkg/Control/Hash.pm
index 63efef8..0ad19c8 100644
--- a/scripts/Dpkg/Control/Hash.pm
+++ b/scripts/Dpkg/Control/Hash.pm
@@ -161,6 +161,8 @@ sub parse {
my $paraborder = 1;
my $cf; # Current field
my $expect_pgp_sig = 0;
+ my $pgp_signed = 0;
+
while (<$fh>) {
s/\s*\n$//;
next if (m/^$/ and $paraborder);
@@ -213,6 +215,9 @@ sub parse {
unless (defined($_)) {
syntaxerr($desc, _g("unfinished PGP signature"));
}
+ # This does not mean the signature is correct, that needs to
+ # be verified by gnupg.
+ $pgp_signed = 1;
}
last; # Finished parsing one block
} else {
@@ -220,6 +225,11 @@ sub parse {
_g("line with unknown format (not field-colon-value)"));
}
}
+
+ if ($expect_pgp_sig and not $pgp_signed) {
+ syntaxerr($desc, _g("unfinished PGP signature"));
+ }
+
return defined($cf);
}
diff --git a/scripts/Makefile.am b/scripts/Makefile.am
index 1a469c3..738cbe3 100644
--- a/scripts/Makefile.am
+++ b/scripts/Makefile.am
@@ -231,6 +231,7 @@ test_data = \
t/700_Dpkg_Control/control-1 \
t/700_Dpkg_Control/bogus-unsigned.dsc \
t/700_Dpkg_Control/bogus-armor-double.dsc \
+ t/700_Dpkg_Control/bogus-armor-no-sig.dsc \
t/700_Dpkg_Control/bogus-armor-trail.dsc \
t/700_Dpkg_Control/bogus-armor-nested.dsc \
t/700_Dpkg_Control/bogus-armor-spaces.dsc \
diff --git a/scripts/t/700_Dpkg_Control.t b/scripts/t/700_Dpkg_Control.t
index 68ae5e5..1597d93 100644
--- a/scripts/t/700_Dpkg_Control.t
+++ b/scripts/t/700_Dpkg_Control.t
@@ -13,7 +13,7 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
-use Test::More tests => 20;
+use Test::More tests => 21;
use strict;
use warnings;
@@ -105,6 +105,9 @@ my $dsc;
$dsc = parse_dsc("$datadir/bogus-unsigned.dsc");
is($dsc, undef, 'Unsigned .dsc w/ OpenPGP armor');
+$dsc = parse_dsc("$datadir/bogus-armor-no-sig.dsc");
+is($dsc, undef, 'Signed .dsc w/ OpenPGP armor missing signature');
+
$dsc = parse_dsc("$datadir/bogus-armor-trail.dsc");
is($dsc, undef, 'Signed .dsc w/ bogus OpenPGP armor trailer');
diff --git a/scripts/t/700_Dpkg_Control/bogus-armor-no-sig.dsc b/scripts/t/700_Dpkg_Control/bogus-armor-no-sig.dsc
new file mode 100644
index 0000000..4502a18
--- /dev/null
+++ b/scripts/t/700_Dpkg_Control/bogus-armor-no-sig.dsc
@@ -0,0 +1,4 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+Source: pass
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/dpkg.git
More information about the Reproducible-commits
mailing list