[Mailman-Users] A scrubber issue
Todd Zullinger
tmz at pobox.com
Fri Dec 8 23:39:19 CET 2006
Mark Sapiro wrote:
> It shouldn't be a content filtering issue. If a part is missing a
> Content-Type: header, the message methods get_content_type() and
> get_content_maintype() which are used by MimeDel.py (content
> filtering) return the default types which are text/plain and text
> except for subparts of multipart/digest when they are message/rfc822
> and message.
Okay, good to know.
> I can't duplicate this.
It's quite possible this is something that's tickled by the way Gnus
creates the message. I know mutt doesn't create the sort of messages
that trigger this either.
> Can you just send me the original message that has parts lost?
Attached is the original message from the list mbox and one that I
munged up to included a content-type: text/plain; charset=us-ascii.
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
======================================================================
Women should be obscene and not heard.
-- Groucho Marx
-------------- next part --------------
From wk at gnupg.org Thu Dec 07 19:26:34 2006
Received: from kerckhoffs.g10code.com ([217.69.77.222])
by trithemius.gnupg.org with esmtp (Exim 4.50 #1 (Debian))
id 1GsNx4-0008G7-A7 for <mm.gnupg-users at trithemius.gnupg.org>;
Thu, 07 Dec 2006 19:26:34 +0100
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.50 #1
(Debian)) id 1GsO7a-0001Qr-HL
for <gnupg-users at gnupg.org>; Thu, 07 Dec 2006 19:37:26 +0100
Received: from wk by localhost with local (Exim 4.62 #1 (Debian))
id 1GsNsD-0001gg-RX
for <gnupg-users at gnupg.org>; Thu, 07 Dec 2006 19:21:33 +0100
From: Werner Koch <wk at gnupg.org>
To: gnupg-users at gnupg.org
Subject: Signed patch against 2.0.1
Organisation: g10 Code GmbH
OpenPGP: id=5B0358A2; url=finger:wk at g10code.com
Mail-Followup-To: gnupg-users at gnupg.org
Date: Thu, 07 Dec 2006 19:21:33 +0100
Message-ID: <87wt53a7o2.fsf at wheatstone.g10code.de>
User-Agent: Gnus/5.110006 (No Gnus v0.6)
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="=KGB-Sundevil-gamma-Skipjack-government-Vince-Foster-Treasury-bce-S-B"
X-Spam-Checker-Version: SpamAssassin 3.0.3 (2005-04-27) on
trithemius.gnupg.org
X-Spam-Level:
X-Spam-Status: No, score=0.0 required=5.0 tests=AWL autolearn=ham
version=3.0.3
X-BeenThere: gnupg-users at gnupg.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Help and discussion among users of GnuPG <gnupg-users.gnupg.org>
List-Unsubscribe: <http://lists.gnupg.org/mailman/listinfo/gnupg-users>,
<mailto:gnupg-users-request at gnupg.org?subject=unsubscribe>
List-Archive: </pipermail>
List-Post: <mailto:gnupg-users at gnupg.org>
List-Help: <mailto:gnupg-users-request at gnupg.org?subject=help>
List-Subscribe: <http://lists.gnupg.org/mailman/listinfo/gnupg-users>,
<mailto:gnupg-users-request at gnupg.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Dec 2006 18:27:13 -0000
Content-Length: 8376
Lines: 294
--=KGB-Sundevil-gamma-Skipjack-government-Vince-Foster-Treasury-bce-S-B
Hi!
Here comes a signed patch against 2.0.1 for those who care to verify
signatures ;-).
Shalom-Salam,
Werner
--=KGB-Sundevil-gamma-Skipjack-government-Vince-Foster-Treasury-bce-S-B
Content-Disposition: inline; filename=filter-context-20-small.diff
Content-Description: Patch against 2.0.1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NotDashEscaped: You need GnuPG to verify this message
This is a patch against GnuPG 2.0.1. Change the directory to g10/ and
apply this patch.
2006-12-02 Werner Koch <wk at g10code.com>
* encr-data.c: Allocate DFX context on the heap and not on the
stack. Changes at several places. Fixes CVE-2006-6235.
Index: encr-data.c
===================================================================
--- encr-data.c (revision 4352)
+++ encr-data.c (working copy)
@@ -39,16 +39,37 @@
static int decode_filter ( void *opaque, int control, IOBUF a,
byte *buf, size_t *ret_len);
-typedef struct
+typedef struct decode_filter_context_s
{
gcry_cipher_hd_t cipher_hd;
gcry_md_hd_t mdc_hash;
char defer[22];
int defer_filled;
int eof_seen;
-} decode_filter_ctx_t;
+ int refcount;
+} *decode_filter_ctx_t;
+/* Helper to release the decode context. */
+static void
+release_dfx_context (decode_filter_ctx_t dfx)
+{
+ if (!dfx)
+ return;
+
+ assert (dfx->refcount);
+ if ( !--dfx->refcount )
+ {
+ gcry_cipher_close (dfx->cipher_hd);
+ dfx->cipher_hd = NULL;
+ gcry_md_close (dfx->mdc_hash);
+ dfx->mdc_hash = NULL;
+ xfree (dfx);
+ }
+}
+
+
+
/****************
* Decrypt the data, specified by ED with the key DEK.
*/
@@ -62,7 +83,11 @@
unsigned blocksize;
unsigned nprefix;
- memset( &dfx, 0, sizeof dfx );
+ dfx = xtrycalloc (1, sizeof *dfx);
+ if (!dfx)
+ return gpg_error_from_syserror ();
+ dfx->refcount = 1;
+
if ( opt.verbose && !dek->algo_info_printed )
{
const char *s = gcry_cipher_algo_name (dek->algo);
@@ -77,20 +102,20 @@
goto leave;
blocksize = gcry_cipher_get_algo_blklen (dek->algo);
if ( !blocksize || blocksize > 16 )
- log_fatal("unsupported blocksize %u\n", blocksize );
+ log_fatal ("unsupported blocksize %u\n", blocksize );
nprefix = blocksize;
if ( ed->len && ed->len < (nprefix+2) )
BUG();
if ( ed->mdc_method )
{
- if (gcry_md_open (&dfx.mdc_hash, ed->mdc_method, 0 ))
+ if (gcry_md_open (&dfx->mdc_hash, ed->mdc_method, 0 ))
BUG ();
if ( DBG_HASHING )
- gcry_md_start_debug (dfx.mdc_hash, "checkmdc");
+ gcry_md_start_debug (dfx->mdc_hash, "checkmdc");
}
- rc = gcry_cipher_open (&dfx.cipher_hd, dek->algo,
+ rc = gcry_cipher_open (&dfx->cipher_hd, dek->algo,
GCRY_CIPHER_MODE_CFB,
(GCRY_CIPHER_SECURE
| ((ed->mdc_method || dek->algo >= 100)?
@@ -104,7 +129,7 @@
/* log_hexdump( "thekey", dek->key, dek->keylen );*/
- rc = gcry_cipher_setkey (dfx.cipher_hd, dek->key, dek->keylen);
+ rc = gcry_cipher_setkey (dfx->cipher_hd, dek->key, dek->keylen);
if ( gpg_err_code (rc) == GPG_ERR_WEAK_KEY )
{
log_info(_("WARNING: message was encrypted with"
@@ -123,7 +148,7 @@
goto leave;
}
- gcry_cipher_setiv (dfx.cipher_hd, NULL, 0);
+ gcry_cipher_setiv (dfx->cipher_hd, NULL, 0);
if ( ed->len )
{
@@ -144,8 +169,8 @@
temp[i] = c;
}
- gcry_cipher_decrypt (dfx.cipher_hd, temp, nprefix+2, NULL, 0);
- gcry_cipher_sync (dfx.cipher_hd);
+ gcry_cipher_decrypt (dfx->cipher_hd, temp, nprefix+2, NULL, 0);
+ gcry_cipher_sync (dfx->cipher_hd);
p = temp;
/* log_hexdump( "prefix", temp, nprefix+2 ); */
if (dek->symmetric
@@ -155,17 +180,18 @@
goto leave;
}
- if ( dfx.mdc_hash )
- gcry_md_write (dfx.mdc_hash, temp, nprefix+2);
-
+ if ( dfx->mdc_hash )
+ gcry_md_write (dfx->mdc_hash, temp, nprefix+2);
+
+ dfx->refcount++;
if ( ed->mdc_method )
- iobuf_push_filter( ed->buf, mdc_decode_filter, &dfx );
+ iobuf_push_filter ( ed->buf, mdc_decode_filter, dfx );
else
- iobuf_push_filter( ed->buf, decode_filter, &dfx );
+ iobuf_push_filter ( ed->buf, decode_filter, dfx );
proc_packets ( procctx, ed->buf );
ed->buf = NULL;
- if ( ed->mdc_method && dfx.eof_seen == 2 )
+ if ( ed->mdc_method && dfx->eof_seen == 2 )
rc = gpg_error (GPG_ERR_INV_PACKET);
else if ( ed->mdc_method )
{
@@ -184,26 +210,28 @@
bytes are appended. */
int datalen = gcry_md_get_algo_dlen (ed->mdc_method);
- gcry_cipher_decrypt (dfx.cipher_hd, dfx.defer, 22, NULL, 0);
- gcry_md_write (dfx.mdc_hash, dfx.defer, 2);
- gcry_md_final (dfx.mdc_hash);
+ assert (dfx->cipher_hd);
+ assert (dfx->mdc_hash);
+ gcry_cipher_decrypt (dfx->cipher_hd, dfx->defer, 22, NULL, 0);
+ gcry_md_write (dfx->mdc_hash, dfx->defer, 2);
+ gcry_md_final (dfx->mdc_hash);
- if (dfx.defer[0] != '\xd3' || dfx.defer[1] != '\x14' )
+ if (dfx->defer[0] != '\xd3' || dfx->defer[1] != '\x14' )
{
log_error("mdc_packet with invalid encoding\n");
rc = gpg_error (GPG_ERR_INV_PACKET);
}
else if (datalen != 20
- || memcmp (gcry_md_read (dfx.mdc_hash, 0),dfx.defer+2,datalen))
+ || memcmp (gcry_md_read (dfx->mdc_hash, 0),
+ dfx->defer+2,datalen ))
rc = gpg_error (GPG_ERR_BAD_SIGNATURE);
- /* log_printhex("MDC message:", dfx.defer, 22); */
- /* log_printhex("MDC calc:", gcry_md_read (dfx.mdc_hash,0), datalen); */
+ /* log_printhex("MDC message:", dfx->defer, 22); */
+ /* log_printhex("MDC calc:", gcry_md_read (dfx->mdc_hash,0), datalen); */
}
leave:
- gcry_cipher_close (dfx.cipher_hd);
- gcry_md_close (dfx.mdc_hash);
+ release_dfx_context (dfx);
return rc;
}
@@ -214,7 +242,7 @@
mdc_decode_filter (void *opaque, int control, IOBUF a,
byte *buf, size_t *ret_len)
{
- decode_filter_ctx_t *dfx = opaque;
+ decode_filter_ctx_t dfx = opaque;
size_t n, size = *ret_len;
int rc = 0;
int c;
@@ -226,11 +254,11 @@
}
else if( control == IOBUFCTRL_UNDERFLOW )
{
- assert(a);
- assert( size > 44 );
+ assert (a);
+ assert ( size > 44 );
/* Get at least 22 bytes and put it somewhere ahead in the buffer. */
- for(n=22; n < 44 ; n++ )
+ for (n=22; n < 44 ; n++ )
{
if( (c = iobuf_get(a)) == -1 )
break;
@@ -279,8 +307,10 @@
if ( n )
{
- gcry_cipher_decrypt (dfx->cipher_hd, buf, n, NULL, 0);
- gcry_md_write (dfx->mdc_hash, buf, n);
+ if ( dfx->cipher_hd )
+ gcry_cipher_decrypt (dfx->cipher_hd, buf, n, NULL, 0);
+ if ( dfx->mdc_hash )
+ gcry_md_write (dfx->mdc_hash, buf, n);
}
else
{
@@ -289,6 +319,10 @@
}
*ret_len = n;
}
+ else if ( control == IOBUFCTRL_FREE )
+ {
+ release_dfx_context (dfx);
+ }
else if ( control == IOBUFCTRL_DESC )
{
*(char**)buf = "mdc_decode_filter";
@@ -300,7 +334,7 @@
static int
decode_filter( void *opaque, int control, IOBUF a, byte *buf, size_t *ret_len)
{
- decode_filter_ctx_t *fc = opaque;
+ decode_filter_ctx_t fc = opaque;
size_t n, size = *ret_len;
int rc = 0;
@@ -311,11 +345,18 @@
if ( n == -1 )
n = 0;
if ( n )
- gcry_cipher_decrypt (fc->cipher_hd, buf, n, NULL, 0);
+ {
+ if (fc->cipher_hd)
+ gcry_cipher_decrypt (fc->cipher_hd, buf, n, NULL, 0);
+ }
else
rc = -1; /* EOF */
*ret_len = n;
}
+ else if ( control == IOBUFCTRL_FREE )
+ {
+ release_dfx_context (fc);
+ }
else if ( control == IOBUFCTRL_DESC )
{
*(char**)buf = "decode_filter";
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iJwEAQECAAYFAkV4WeUACgkQU7Yg0BzgxjDi+wQAjSexBMzjGL7v0PdpqnS4GmIb
/FvThc3+oi//x+nboaber4xTwh02NgcVhl18la+YEQfvos0qJNIoHIn9WA7VzdmP
7DlSlw7UgBtuvOFsUl52406q6Bq4C09LIcKu5Un2DCqVa8TP7xhoDvjwP3gNwOZY
YXuoHyMKvt4IWmXg0Wg=
=uq2k
-----END PGP SIGNATURE-----
--=KGB-Sundevil-gamma-Skipjack-government-Vince-Foster-Treasury-bce-S-B--
-------------- next part --------------
From wk at gnupg.org Thu Dec 07 19:26:34 2006
Received: from kerckhoffs.g10code.com ([217.69.77.222])
by trithemius.gnupg.org with esmtp (Exim 4.50 #1 (Debian))
id 1GsNx4-0008G7-A7 for <mm.gnupg-users at trithemius.gnupg.org>;
Thu, 07 Dec 2006 19:26:34 +0100
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.50 #1
(Debian)) id 1GsO7a-0001Qr-HL
for <gnupg-users at gnupg.org>; Thu, 07 Dec 2006 19:37:26 +0100
Received: from wk by localhost with local (Exim 4.62 #1 (Debian))
id 1GsNsD-0001gg-RX
for <gnupg-users at gnupg.org>; Thu, 07 Dec 2006 19:21:33 +0100
From: Werner Koch <wk at gnupg.org>
To: gnupg-users at gnupg.org
Subject: Signed patch against 2.0.1
Organisation: g10 Code GmbH
OpenPGP: id=5B0358A2; url=finger:wk at g10code.com
Mail-Followup-To: gnupg-users at gnupg.org
Date: Thu, 07 Dec 2006 19:21:33 +0100
Message-ID: <87wt53a7o2.fsf at wheatstone.g10code.de>
User-Agent: Gnus/5.110006 (No Gnus v0.6)
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="=KGB-Sundevil-gamma-Skipjack-government-Vince-Foster-Treasury-bce-S-B"
X-Spam-Checker-Version: SpamAssassin 3.0.3 (2005-04-27) on
trithemius.gnupg.org
X-Spam-Level:
X-Spam-Status: No, score=0.0 required=5.0 tests=AWL autolearn=ham
version=3.0.3
X-BeenThere: gnupg-users at gnupg.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Help and discussion among users of GnuPG <gnupg-users.gnupg.org>
List-Unsubscribe: <http://lists.gnupg.org/mailman/listinfo/gnupg-users>,
<mailto:gnupg-users-request at gnupg.org?subject=unsubscribe>
List-Archive: </pipermail>
List-Post: <mailto:gnupg-users at gnupg.org>
List-Help: <mailto:gnupg-users-request at gnupg.org?subject=help>
List-Subscribe: <http://lists.gnupg.org/mailman/listinfo/gnupg-users>,
<mailto:gnupg-users-request at gnupg.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Dec 2006 18:27:13 -0000
Content-Length: 8376
Lines: 294
--=KGB-Sundevil-gamma-Skipjack-government-Vince-Foster-Treasury-bce-S-B
Content-type: text/plain; charset=us-ascii
Hi!
Here comes a signed patch against 2.0.1 for those who care to verify
signatures ;-).
Shalom-Salam,
Werner
--=KGB-Sundevil-gamma-Skipjack-government-Vince-Foster-Treasury-bce-S-B
Content-type: text/plain; charset=us-ascii
Content-Disposition: inline; filename=filter-context-20-small.diff
Content-Description: Patch against 2.0.1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NotDashEscaped: You need GnuPG to verify this message
This is a patch against GnuPG 2.0.1. Change the directory to g10/ and
apply this patch.
2006-12-02 Werner Koch <wk at g10code.com>
* encr-data.c: Allocate DFX context on the heap and not on the
stack. Changes at several places. Fixes CVE-2006-6235.
Index: encr-data.c
===================================================================
--- encr-data.c (revision 4352)
+++ encr-data.c (working copy)
@@ -39,16 +39,37 @@
static int decode_filter ( void *opaque, int control, IOBUF a,
byte *buf, size_t *ret_len);
-typedef struct
+typedef struct decode_filter_context_s
{
gcry_cipher_hd_t cipher_hd;
gcry_md_hd_t mdc_hash;
char defer[22];
int defer_filled;
int eof_seen;
-} decode_filter_ctx_t;
+ int refcount;
+} *decode_filter_ctx_t;
+/* Helper to release the decode context. */
+static void
+release_dfx_context (decode_filter_ctx_t dfx)
+{
+ if (!dfx)
+ return;
+
+ assert (dfx->refcount);
+ if ( !--dfx->refcount )
+ {
+ gcry_cipher_close (dfx->cipher_hd);
+ dfx->cipher_hd = NULL;
+ gcry_md_close (dfx->mdc_hash);
+ dfx->mdc_hash = NULL;
+ xfree (dfx);
+ }
+}
+
+
+
/****************
* Decrypt the data, specified by ED with the key DEK.
*/
@@ -62,7 +83,11 @@
unsigned blocksize;
unsigned nprefix;
- memset( &dfx, 0, sizeof dfx );
+ dfx = xtrycalloc (1, sizeof *dfx);
+ if (!dfx)
+ return gpg_error_from_syserror ();
+ dfx->refcount = 1;
+
if ( opt.verbose && !dek->algo_info_printed )
{
const char *s = gcry_cipher_algo_name (dek->algo);
@@ -77,20 +102,20 @@
goto leave;
blocksize = gcry_cipher_get_algo_blklen (dek->algo);
if ( !blocksize || blocksize > 16 )
- log_fatal("unsupported blocksize %u\n", blocksize );
+ log_fatal ("unsupported blocksize %u\n", blocksize );
nprefix = blocksize;
if ( ed->len && ed->len < (nprefix+2) )
BUG();
if ( ed->mdc_method )
{
- if (gcry_md_open (&dfx.mdc_hash, ed->mdc_method, 0 ))
+ if (gcry_md_open (&dfx->mdc_hash, ed->mdc_method, 0 ))
BUG ();
if ( DBG_HASHING )
- gcry_md_start_debug (dfx.mdc_hash, "checkmdc");
+ gcry_md_start_debug (dfx->mdc_hash, "checkmdc");
}
- rc = gcry_cipher_open (&dfx.cipher_hd, dek->algo,
+ rc = gcry_cipher_open (&dfx->cipher_hd, dek->algo,
GCRY_CIPHER_MODE_CFB,
(GCRY_CIPHER_SECURE
| ((ed->mdc_method || dek->algo >= 100)?
@@ -104,7 +129,7 @@
/* log_hexdump( "thekey", dek->key, dek->keylen );*/
- rc = gcry_cipher_setkey (dfx.cipher_hd, dek->key, dek->keylen);
+ rc = gcry_cipher_setkey (dfx->cipher_hd, dek->key, dek->keylen);
if ( gpg_err_code (rc) == GPG_ERR_WEAK_KEY )
{
log_info(_("WARNING: message was encrypted with"
@@ -123,7 +148,7 @@
goto leave;
}
- gcry_cipher_setiv (dfx.cipher_hd, NULL, 0);
+ gcry_cipher_setiv (dfx->cipher_hd, NULL, 0);
if ( ed->len )
{
@@ -144,8 +169,8 @@
temp[i] = c;
}
- gcry_cipher_decrypt (dfx.cipher_hd, temp, nprefix+2, NULL, 0);
- gcry_cipher_sync (dfx.cipher_hd);
+ gcry_cipher_decrypt (dfx->cipher_hd, temp, nprefix+2, NULL, 0);
+ gcry_cipher_sync (dfx->cipher_hd);
p = temp;
/* log_hexdump( "prefix", temp, nprefix+2 ); */
if (dek->symmetric
@@ -155,17 +180,18 @@
goto leave;
}
- if ( dfx.mdc_hash )
- gcry_md_write (dfx.mdc_hash, temp, nprefix+2);
-
+ if ( dfx->mdc_hash )
+ gcry_md_write (dfx->mdc_hash, temp, nprefix+2);
+
+ dfx->refcount++;
if ( ed->mdc_method )
- iobuf_push_filter( ed->buf, mdc_decode_filter, &dfx );
+ iobuf_push_filter ( ed->buf, mdc_decode_filter, dfx );
else
- iobuf_push_filter( ed->buf, decode_filter, &dfx );
+ iobuf_push_filter ( ed->buf, decode_filter, dfx );
proc_packets ( procctx, ed->buf );
ed->buf = NULL;
- if ( ed->mdc_method && dfx.eof_seen == 2 )
+ if ( ed->mdc_method && dfx->eof_seen == 2 )
rc = gpg_error (GPG_ERR_INV_PACKET);
else if ( ed->mdc_method )
{
@@ -184,26 +210,28 @@
bytes are appended. */
int datalen = gcry_md_get_algo_dlen (ed->mdc_method);
- gcry_cipher_decrypt (dfx.cipher_hd, dfx.defer, 22, NULL, 0);
- gcry_md_write (dfx.mdc_hash, dfx.defer, 2);
- gcry_md_final (dfx.mdc_hash);
+ assert (dfx->cipher_hd);
+ assert (dfx->mdc_hash);
+ gcry_cipher_decrypt (dfx->cipher_hd, dfx->defer, 22, NULL, 0);
+ gcry_md_write (dfx->mdc_hash, dfx->defer, 2);
+ gcry_md_final (dfx->mdc_hash);
- if (dfx.defer[0] != '\xd3' || dfx.defer[1] != '\x14' )
+ if (dfx->defer[0] != '\xd3' || dfx->defer[1] != '\x14' )
{
log_error("mdc_packet with invalid encoding\n");
rc = gpg_error (GPG_ERR_INV_PACKET);
}
else if (datalen != 20
- || memcmp (gcry_md_read (dfx.mdc_hash, 0),dfx.defer+2,datalen))
+ || memcmp (gcry_md_read (dfx->mdc_hash, 0),
+ dfx->defer+2,datalen ))
rc = gpg_error (GPG_ERR_BAD_SIGNATURE);
- /* log_printhex("MDC message:", dfx.defer, 22); */
- /* log_printhex("MDC calc:", gcry_md_read (dfx.mdc_hash,0), datalen); */
+ /* log_printhex("MDC message:", dfx->defer, 22); */
+ /* log_printhex("MDC calc:", gcry_md_read (dfx->mdc_hash,0), datalen); */
}
leave:
- gcry_cipher_close (dfx.cipher_hd);
- gcry_md_close (dfx.mdc_hash);
+ release_dfx_context (dfx);
return rc;
}
@@ -214,7 +242,7 @@
mdc_decode_filter (void *opaque, int control, IOBUF a,
byte *buf, size_t *ret_len)
{
- decode_filter_ctx_t *dfx = opaque;
+ decode_filter_ctx_t dfx = opaque;
size_t n, size = *ret_len;
int rc = 0;
int c;
@@ -226,11 +254,11 @@
}
else if( control == IOBUFCTRL_UNDERFLOW )
{
- assert(a);
- assert( size > 44 );
+ assert (a);
+ assert ( size > 44 );
/* Get at least 22 bytes and put it somewhere ahead in the buffer. */
- for(n=22; n < 44 ; n++ )
+ for (n=22; n < 44 ; n++ )
{
if( (c = iobuf_get(a)) == -1 )
break;
@@ -279,8 +307,10 @@
if ( n )
{
- gcry_cipher_decrypt (dfx->cipher_hd, buf, n, NULL, 0);
- gcry_md_write (dfx->mdc_hash, buf, n);
+ if ( dfx->cipher_hd )
+ gcry_cipher_decrypt (dfx->cipher_hd, buf, n, NULL, 0);
+ if ( dfx->mdc_hash )
+ gcry_md_write (dfx->mdc_hash, buf, n);
}
else
{
@@ -289,6 +319,10 @@
}
*ret_len = n;
}
+ else if ( control == IOBUFCTRL_FREE )
+ {
+ release_dfx_context (dfx);
+ }
else if ( control == IOBUFCTRL_DESC )
{
*(char**)buf = "mdc_decode_filter";
@@ -300,7 +334,7 @@
static int
decode_filter( void *opaque, int control, IOBUF a, byte *buf, size_t *ret_len)
{
- decode_filter_ctx_t *fc = opaque;
+ decode_filter_ctx_t fc = opaque;
size_t n, size = *ret_len;
int rc = 0;
@@ -311,11 +345,18 @@
if ( n == -1 )
n = 0;
if ( n )
- gcry_cipher_decrypt (fc->cipher_hd, buf, n, NULL, 0);
+ {
+ if (fc->cipher_hd)
+ gcry_cipher_decrypt (fc->cipher_hd, buf, n, NULL, 0);
+ }
else
rc = -1; /* EOF */
*ret_len = n;
}
+ else if ( control == IOBUFCTRL_FREE )
+ {
+ release_dfx_context (fc);
+ }
else if ( control == IOBUFCTRL_DESC )
{
*(char**)buf = "decode_filter";
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iJwEAQECAAYFAkV4WeUACgkQU7Yg0BzgxjDi+wQAjSexBMzjGL7v0PdpqnS4GmIb
/FvThc3+oi//x+nboaber4xTwh02NgcVhl18la+YEQfvos0qJNIoHIn9WA7VzdmP
7DlSlw7UgBtuvOFsUl52406q6Bq4C09LIcKu5Un2DCqVa8TP7xhoDvjwP3gNwOZY
YXuoHyMKvt4IWmXg0Wg=
=uq2k
-----END PGP SIGNATURE-----
--=KGB-Sundevil-gamma-Skipjack-government-Vince-Foster-Treasury-bce-S-B--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 542 bytes
Desc: not available
Url : http://mail.python.org/pipermail/mailman-users/attachments/20061208/2790aeeb/attachment.pgp
More information about the Mailman-Users
mailing list