rewrote z85 decoder, uses Buffer* class now

2025-12-17 03:50:57 +01:00 · 2014-02-09 13:50:48 +01:00
parent 82883d92ac
commit 83a4d0bb88
5 changed files with 71 additions and 42 deletions
--- a/14
+++ b/14
@@ -6,6 +6,20 @@
 	the cleartext content (both hashed together) and
 	encrypted afterwards.

+	Re-implemented pcp_readz85string() function, it's
+	now much more fault tolerant and flexible and
+	save against overflows. It is able to catch a
+	multitude of z85 encoded inputs, such as multiline
+	z85 data, oneline z85 data, including or without
+	headers/footers and it considers any single line
+	of content which ends with [\r]\n and contains
+	a whitespace as comment.
+
+	Added Buffer 'class' internal api to make it easier
+	to work with binary data in various, flexible and
+	error prone ways. Cribbed from the code in
+	openssh/buffer.c.
+	
 0.2.0	ED25519 and Curve25519 keys are now generated
 	separately (previously they were generated from
 	one random seed, the curve had been derived from
--- a/8
+++ b/8
@@ -1,9 +1,3 @@
-libpcp/z85.c:148 free(z85) leads to coredump on aix sometimes
-
-Bug: pcp_z85_decode() segfaults at z85.c:83 if input consists of "-----" only.
-
-Bug: pcp_z85_decode() fails if after end marker follows something, even whitespaces
-
 key++: normalize id and lc()

 allow signing using an alternate secret key, like in pcpdecrypt()
@@ -23,5 +17,3 @@ cipher output. include recipient list also in the signature.
 Implement pbp fix https://github.com/stef/pbp/commit/7d7b7c9ecb7604ad22938f5b68a624093a417bfa

 Implement z85 for pbp stuff: https://github.com/stef/pbp/commit/9fa45f6a108ba910f41e863405c5527af8d70e84 :) !!!!
-
-Change Z85 encoder: leave the leading count octet and just zero pad the input, remove any zeroes when decoding
--- a/include/pcp.h
+++ b/include/pcp.h
@@ -7,7 +7,6 @@ extern "C" {

 #include "pcp/base85.h"
 #include "pcp/buffer.h"
-#include "pcp/config.h"
 #include "pcp/crypto.h"
 #include "pcp/defines.h"
 #include "pcp/digital_crc32.h"
--- a/libpcp/z85.c
+++ b/libpcp/z85.c
@@ -41,7 +41,6 @@ unsigned char *pcp_padfour(unsigned char *src, size_t srclen, size_t *dstlen) {

 unsigned char *pcp_unpadfour(unsigned char *src, size_t srclen, size_t *dstlen) {
  size_t outlen;
-  size_t numzeroes;
  size_t i;

  outlen = srclen;
@@ -178,51 +177,77 @@ char *pcp_readz85file(FILE *infile) {
 }

 char *pcp_readz85string(unsigned char *input, size_t bufsize) {
-  char *ret;
-  int i, outsize, lpos, x;
-  lpos = outsize = 0;
+  int i;
  size_t MAXLINE = 1024;

-  unsigned char *out = ucmalloc(bufsize);
-  char *line = ucmalloc(MAXLINE);
+  Buffer *z = buffer_new(MAXLINE, "z");
+  Buffer *line = buffer_new(MAXLINE, "line");
+  char *oneline;
+  int begin, end;
+  begin = end = 0;
+  char *out = NULL;

  for(i=0; i<bufsize; ++i) {
-    if(lpos > MAXLINE) {
-      /*  huh, now that's suspicious */
-      fatal("Invalid input, line is too long (%d bytes so far)!\n", lpos);
-      goto rferr;
-    }
-    if(input[i] != '\n' && input[i] != '\r') {
-      line[lpos++] = input[i];
-    }
-    else {
-      if(line[0] != ' ' && strncmp(line, "-----", 5) != 0) {
-	if(lpos > 0) {
-	  for(x=0;x<lpos;++x) 
-	    out[outsize+x] = line[x];
-	  outsize += lpos;
-	  lpos = 0;
+    if(input[i] == '\r')
+      continue;
+    else if(input[i] == '\n') {
+      /* a line is complete */
+      oneline = buffer_get_str(line);
+      if(strncmp(oneline, "-----", 5) == 0 ) {
+	if(begin == 0) {
+	/* a begin header, reset whatever we've got so far in z buffer */
+	  begin = 1;
+	  buffer_clear(line);
+	  buffer_clear(z);
+	  continue;
+	}
+	else {
+	  /* an end header */
+	  end = 1;
+	  break;
 	}
      }
-      else {
-	lpos = 0;
+      else if(strchr(oneline, ' ') != NULL) {
+	/* a comment */
+	buffer_clear(line);
+	continue;
      }
+      else {
+	/* regular z85 encoded content */
+	buffer_add_buf(z, line);
+	buffer_clear(line);
+      }
+    }
+    else {
+      /* regular line content */
+      buffer_add8(line, input[i]);
    }
  }

-  out[outsize+1] = '\0';
+  if(buffer_size(line) > 0) {
+    /* something left in line buffer, probably
+       newline at eof missing or no multiline input */
+    buffer_add_buf(z, line);  
+  }

-  ret = ucmalloc(outsize+1);
-  memcpy(ret, out, outsize+1);
+  if(buffer_size(z) == 0) {
+    fatal("empty z85 encoded string");
+    goto rferr;
+  }

-  free(out);
-  free(line);
+  out = ucmalloc(buffer_size(z)+1);
+  strncpy(out, buffer_get_str(z), buffer_size(z)+1);

-  return ret;
+  fprintf(stderr, "got: \n<%s>\n", out);
+
+  buffer_free(z);
+  buffer_free(line);
+
+  return out;

 rferr:
-  free(out);
-  free(line);
+  buffer_free(z);
+  buffer_free(line);

  return NULL;
 }
--- a/src/pcp.c
+++ b/src/pcp.c
@@ -263,13 +263,13 @@ int main (int argc, char **argv)  {


  sodium_init(); /*  FIXME: better called from the lib? */
+  errno = 0; /* FIXME: workaround for https://github.com/jedisct1/libsodium/issues/114 */

  if(mode == PCP_MODE_ENCRYPT && useid == 0 && userec == 0) {
    usevault = 0;
    mode = PCP_MODE_ENCRYPT_ME;
  }

-
  if(argc >= 1) {
    /* ok, there are arguments left on the commandline.
       treat it as filename or recipient, depending on
@@ -333,7 +333,6 @@ int main (int argc, char **argv)  {
    }
  }

-
  /* check if there's some enviroment we could use */
  if(usevault == 1) {
    char *_vaultfile = getenv("PCP_VAULT");