Просмотр исходного кода

Dpkg::Control::Hash: Check for presence of OpenPGP signatures

Make sure the OpenGPG armor contains a signature block, even on EOF.

This should get detected and rejected by gpgv anyway, but it's better
to check the structure of the message before doing any further parsing
on it.
Guillem Jover лет назад: 13
Родитель
Сommit
b08f7a8306

+ 1 - 0
debian/changelog

@@ -8,6 +8,7 @@ dpkg (1.16.10) UNRELEASED; urgency=low
   * Abort installation if we cannot set the security context for a file.
   * Fix OpenPGP armored signature parsing, to be resilient against doctored
     input, including source package control files. Closes: #695919
+  * Make sure the OpenGPG armor contains a signature block, even on EOF.
 
   [ Updated programs translations ]
   * Esperanto (Felipe Castro).

+ 10 - 0
scripts/Dpkg/Control/Hash.pm

@@ -171,6 +171,8 @@ sub parse {
     my $paraborder = 1;
     my $cf; # Current field
     my $expect_pgp_sig = 0;
+    my $pgp_signed = 0;
+
     while (<$fh>) {
 	s/\s*\n$//;
 	next if (m/^$/ and $paraborder);
@@ -223,6 +225,9 @@ sub parse {
 		unless (defined($_)) {
                     syntaxerr($desc, _g("unfinished PGP signature"));
                 }
+		# This does not mean the signature is correct, that needs to
+		# be verified by gnupg.
+		$pgp_signed = 1;
 	    }
 	    last; # Finished parsing one block
 	} else {
@@ -230,6 +235,11 @@ sub parse {
                       _g("line with unknown format (not field-colon-value)"));
 	}
     }
+
+    if ($expect_pgp_sig and not $pgp_signed) {
+        syntaxerr($desc, _g("unfinished PGP signature"));
+    }
+
     return defined($cf);
 }
 

+ 1 - 0
scripts/Makefile.am

@@ -231,6 +231,7 @@ test_data = \
 	t/700_Dpkg_Control/control-1 \
 	t/700_Dpkg_Control/bogus-unsigned.dsc \
 	t/700_Dpkg_Control/bogus-armor-double.dsc \
+	t/700_Dpkg_Control/bogus-armor-no-sig.dsc \
 	t/700_Dpkg_Control/bogus-armor-trail.dsc \
 	t/700_Dpkg_Control/bogus-armor-nested.dsc \
 	t/700_Dpkg_Control/bogus-armor-spaces.dsc \

+ 4 - 1
scripts/t/700_Dpkg_Control.t

@@ -13,7 +13,7 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
-use Test::More tests => 20;
+use Test::More tests => 21;
 
 use strict;
 use warnings;
@@ -109,6 +109,9 @@ my $dsc;
 $dsc = parse_dsc("$datadir/bogus-unsigned.dsc");
 is($dsc, undef, 'Unsigned .dsc w/ OpenPGP armor');
 
+$dsc = parse_dsc("$datadir/bogus-armor-no-sig.dsc");
+is($dsc, undef, 'Signed .dsc w/ OpenPGP armor missing signature');
+
 $dsc = parse_dsc("$datadir/bogus-armor-trail.dsc");
 is($dsc, undef, 'Signed .dsc w/ bogus OpenPGP armor trailer');
 

+ 4 - 0
scripts/t/700_Dpkg_Control/bogus-armor-no-sig.dsc

@@ -0,0 +1,4 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+Source: pass