diff options
author | Werner Koch <wk@gnupg.org> | 1998-07-09 13:37:05 +0000 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 1998-07-09 13:37:05 +0000 |
commit | 82a03a214a2ddc00a68a215158fbbad86e85678c (patch) | |
tree | 6a022c025c8f21ab75821397da7308f5513e30f0 /cipher | |
parent | 1bb8ca57ffc47f1d0194497eeab2089f94cf5c6d (diff) | |
download | libgcrypt-82a03a214a2ddc00a68a215158fbbad86e85678c.tar.gz |
fixed severe exploit
Diffstat (limited to 'cipher')
-rw-r--r-- | cipher/ChangeLog | 9 | ||||
-rw-r--r-- | cipher/dynload.c | 5 | ||||
-rw-r--r-- | cipher/rmd160.c | 20 |
3 files changed, 33 insertions, 1 deletions
diff --git a/cipher/ChangeLog b/cipher/ChangeLog index 2e47f9a0..bee03492 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,12 @@ +Thu Jul 9 13:01:14 1998 Werner Koch (wk@isil.d.shuttle.de) + + * dynload.c (load_extension): Function now nbails out if + the program is run setuid. + +Wed Jul 8 18:58:23 1998 Werner Koch (wk@isil.d.shuttle.de) + + * rmd160.c (rmd160_hash_buffer): New. + Thu Jul 2 10:50:30 1998 Werner Koch (wk@isil.d.shuttle.de) * cipher.c (cipher_open): algos >=100 use standard CFB diff --git a/cipher/dynload.c b/cipher/dynload.c index e2273170..a8c01f25 100644 --- a/cipher/dynload.c +++ b/cipher/dynload.c @@ -22,6 +22,7 @@ #include <stdio.h> #include <stdlib.h> #include <string.h> +#include <unistd.h> #ifdef HAVE_DL_DLOPEN #include <dlfcn.h> #endif @@ -109,7 +110,11 @@ load_extension( EXTLIST el ) int seq = 0; int class, vers; + /* make sure we are not setuid */ + if( getuid() != geteuid() ) + log_bug("trying to load an extension while still setuid\n"); + /* now that we are not setuid anymore, we can safely load modules */ el->handle = dlopen(el->name, RTLD_NOW); if( !el->handle ) { log_error("%s: error loading extension: %s\n", el->name, dlerror() ); diff --git a/cipher/rmd160.c b/cipher/rmd160.c index e3817249..3b1702cb 100644 --- a/cipher/rmd160.c +++ b/cipher/rmd160.c @@ -26,7 +26,7 @@ #include "util.h" #include "memory.h" #include "rmd.h" - +#include "cipher.h" /* only used for the rmd160_hash_buffer() prototype */ /********************************* * RIPEMD-160 is not patented, see (as of 25.10.97) @@ -530,6 +530,24 @@ rmd160_read( RMD160_CONTEXT *hd ) return hd->buf; } + + +/**************** + * Shortcut functions which puts the hash value of the supplied buffer + * into outbuf which must have a size of 20 bytes. + */ +void +rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length ) +{ + RMD160_CONTEXT hd; + + rmd160_init( &hd ); + rmd160_write( &hd, (byte*)buffer, length ); + rmd160_final( &hd ); + memcpy( outbuf, hd.buf, 20 ); +} + + /**************** * Return some information about the algorithm. We need algo here to * distinguish different flavors of the algorithm. |