From owner-freebsd-bugs@FreeBSD.ORG  Fri May  7 05:20:13 2004
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2943B16A4CF
	for <freebsd-bugs@hub.freebsd.org>;
	Fri,  7 May 2004 05:20:13 -0700 (PDT)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id AF72743D64
	for <freebsd-bugs@hub.freebsd.org>;
	Fri,  7 May 2004 05:20:11 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	i47CKBEq018359	for <freebsd-bugs@freefall.freebsd.org>;
	Fri, 7 May 2004 05:20:11 -0700 (PDT)
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.12.11/8.12.11/Submit) id i47CKBvC018358;
	Fri, 7 May 2004 05:20:11 -0700 (PDT)
	(envelope-from gnats)
Resent-Date: Fri, 7 May 2004 05:20:11 -0700 (PDT)
Resent-Message-Id: <200405071220.i47CKBvC018358@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
	Oliver Eikemeier <eikemeier@fillmore-labs.com>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7B55E16A4CE
	for <FreeBSD-gnats-submit@FreeBSD.org>;
	Fri,  7 May 2004 05:13:40 -0700 (PDT)
Received: from fillmore.dyndns.org (port-212-202-49-130.reverse.qsc.de
	[212.202.49.130])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6FA0043D60
	for <FreeBSD-gnats-submit@FreeBSD.org>;
	Fri,  7 May 2004 05:13:39 -0700 (PDT)
	(envelope-from eikemeier@fillmore-labs.com)
Received: from [172.16.0.2] (helo=fillmore-labs.com)
	by fillmore.dyndns.org with esmtp (Exim 4.33; FreeBSD)
	id 1BM4EQ-0009Lv-6k
	for FreeBSD-gnats-submit@FreeBSD.org; Fri, 07 May 2004 14:13:38 +0200
Message-Id: <409B7D6F.7030709@fillmore-labs.com>
Date: Fri, 07 May 2004 14:13:35 +0200
From: Oliver Eikemeier <eikemeier@fillmore-labs.com>
To: FreeBSD-gnats-submit@FreeBSD.org
Subject: bin/66354: pkg_sign -t sha1 broken
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 07 May 2004 12:20:13 -0000


>Number:         66354
>Category:       bin
>Synopsis:       pkg_sign -t sha1 broken
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri May 07 05:20:11 PDT 2004
>Closed-Date:
>Last-Modified:
>Originator:     Oliver Eikemeier
>Release:        FreeBSD 4.10-STABLE i386
>Organization:
Fillmore Labs - http://www.fillmore-labs.com
>Environment:
System: FreeBSD nuuk.fillmore-labs.com 4.10-STABLE

>Description:

SHA1 signature generation of the pkg_sign utility outputs the SHA1
digest in binary, making it unusable. Moreover, the utility frees
memory not allocated.

>How-To-Repeat:

  > fetch ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-4.10-release/All/libltdl-1.5.2.tgz
  > pkg_sign -u libltdl-1.5.2.tgz -t sha1 libltdl-1.5.2.tgz libltdl-1.5.2.tgz
  SHA1 (libltdl-1.5.2.tgz) = +??r?N?6???,!m?R`r.:
  pkg_sign: Corrupted SHA1 header in libltdl-1.5.2.tgz
  Segmentation fault (core dumped)

Expected result:

  > fetch ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-4.10-release/All/libltdl-1.5.2.tgz
  > pkg_sign -u libltdl-1.5.2.tgz -t sha1 libltdl-1.5.2.tgz libltdl-1.5.2.tgz
  SHA1 (libltdl-1.5.2.tgz) = 2bbbe772b04eb436c1c9b12c216db7526072853a
  SHA1 (libltdl-1.5.2.tgz) = cb312cb4b82e5ba971a1f113e568297355004d67

>Fix:

The pkg_sign and pkg_check utilites work only with gzipped archives, so they are of
limited use for 5.x users. Since nobody seemed to care about them in 4.x (SHA1 signature
was never tested, and the code contains multiple problems), they should simply be removed
from the base system or replaced by something better. In the meantime, the following patch
fixed the bugs above:

Index: pkg_install/sign/Makefile
--- pkg_install/sign/Makefile	25 Jan 2004 14:35:27 -0000
+++ pkg_install/sign/Makefile	7 May 2004 11:51:04 -0000
@@ -7,9 +7,13 @@
 SRCS=	main.c check.c common.c gzip.c pgp_check.c pgp_sign.c \
 	sha1.c sign.c stand.c x509.c
 
+CFLAGS+= ${DEBUG} -I${.CURDIR}/../lib
+
+WARNS?=	0
+
 DISTRIBUTION= crypto
-DPADD=	${LIBINSTALL} ${LIBCRYPTO}
-LDADD=	${LIBINSTALL} -lcrypto
+DPADD=	${LIBINSTALL} ${LIBMD} ${LIBCRYPTO}
+LDADD=	${LIBINSTALL} -lmd -lcrypto
 
 .include <bsd.prog.mk>
 
Index: pkg_install/sign/sha1.c
--- pkg_install/sign/sha1.c	25 Jan 2004 14:35:27 -0000
+++ pkg_install/sign/sha1.c	7 May 2004 11:51:04 -0000
@@ -34,9 +34,10 @@
 #include <sys/types.h>
 #include <sys/wait.h>
 #include <stdlib.h>
+#include <string.h>
 #include <stdio.h>
 #include <assert.h>
-#include <openssl/sha.h>
+#include <sha.h>
 #include "stand.h"
 #include "gzip.h"
 #include "extern.h"
@@ -66,9 +67,9 @@
 {
 	size_t length;
 
-	sprintf(result, "SHA1 (%s) = ", n->id);
+	snprintf(result, BUFSIZE-2*SHA_DIGEST_LENGTH-1, SHA1_TEMPLATE, n->id);
 	length = strlen(result);
-	SHA1_Final(result + length, &n->context);
+	SHA1_End(&n->context, result + length);
 	strcat(result, "\n");
 	free(n);	
 	return length;
@@ -167,7 +168,7 @@
 	FILE *f;
 	char buffer[1024];
 	char result[BUFSIZE];
-	ssize_t length;
+	ssize_t length = -1;
 	struct sha1_checker *checker;
 	struct signature *old;
 
@@ -181,8 +182,13 @@
 	n = malloc(sizeof *n);
 	if (n == NULL) 
 		return 0;
-	n->data = (char *)userid;
-	n->length = strlen(n->data)+1;
+	n->length = strlen(userid)+1;
+	n->data = malloc(n->length);
+	if (n->data == NULL) {
+		free(n);
+		return 0;
+	}
+	memcpy(n->data, userid, n->length);
 	n->type = TAG_SHA1;
 	memcpy(n->tag, sha1tag, sizeof sha1tag);
 	sign_fill_tag(n);
@@ -208,8 +214,9 @@
 	 * Calculate the SHA1 of the remaining data and write it to stderr.
 	 */
 	checker = new_sha1_checker(&h, *sign, NULL, NULL, filename);
-	while ((length = fread(buffer, 1, sizeof buffer, f)) > 0)
-		sha1_add(checker, buffer, length);
+	if (checker) 
+		while ((length = fread(buffer, 1, sizeof buffer, f)) > 0)
+			sha1_add(checker, buffer, length);
 	if (fclose(f) != 0 || length == -1) {
 		warn("Problem checksumming %s", filename);
 		*sign = n->next;
>Release-Note:
>Audit-Trail:
>Unformatted: