Sophie

Sophie

distrib > Fedora > 14 > x86_64 > by-pkgid > b09ad75c3b920319121292e89fe05631 > files > 1

xml-security-c-1.5.1-4.fc14.src.rpm

diff -up xml-security-c-1.5.1/src/dsig/DSIGAlgorithmHandlerDefault.cpp.orig xml-security-c-1.5.1/src/dsig/DSIGAlgorithmHandlerDefault.cpp
--- xml-security-c-1.5.1/src/dsig/DSIGAlgorithmHandlerDefault.cpp.orig	2009-07-21 17:48:45.000000000 +0300
+++ xml-security-c-1.5.1/src/dsig/DSIGAlgorithmHandlerDefault.cpp	2011-07-08 10:49:00.000000000 +0300
@@ -42,6 +42,7 @@
 
 XERCES_CPP_NAMESPACE_USE
 
+#define MAXB64BUFSIZE 2048
 
 // --------------------------------------------------------------------------------
 //           Some useful utility functions
@@ -53,10 +54,10 @@ bool compareBase64StringToRaw(const char
 							  unsigned int rawLen, 
 							  unsigned int maxCompare = 0) {
 	// Decode a base64 buffer and then compare the result to a raw buffer
-	// Compare at most maxCompare bits (if maxComare > 0)
+	// Compare at most maxCompare bits (if maxCompare > 0)
 	// Note - whilst the other parameters are bytes, maxCompare is bits
 
-	unsigned char outputStr[1024];
+	unsigned char outputStr[MAXB64BUFSIZE];
 	unsigned int outputLen = 0;
 	
 	XSECCryptoBase64 * b64 = XSECPlatformUtils::g_cryptoProvider->base64();
@@ -71,8 +72,8 @@ bool compareBase64StringToRaw(const char
 	Janitor<XSECCryptoBase64> j_b64(b64);
 
 	b64->decodeInit();
-	outputLen = b64->decode((unsigned char *) b64Str, (unsigned int) strlen((char *) b64Str), outputStr, 1024);
-	outputLen += b64->decodeFinish(&outputStr[outputLen], 1024 - outputLen);
+	outputLen = b64->decode((unsigned char *) b64Str, (unsigned int) strlen((char *) b64Str), outputStr, MAXB64BUFSIZE);
+	outputLen += b64->decodeFinish(&outputStr[outputLen], MAXB64BUFSIZE - outputLen);
 
 	// Compare
 
@@ -144,7 +145,7 @@ void convertRawToBase64String(safeBuffer
 	// Translate the rawbuffer (at most maxBits or rawLen - whichever is smaller)
 	// to a base64 string
 
-	unsigned char b64Str[1024];
+	unsigned char b64Str[MAXB64BUFSIZE];
 	unsigned int outputLen = 0;
 	
 	XSECCryptoBase64 * b64 = XSECPlatformUtils::g_cryptoProvider->base64();
@@ -175,8 +176,8 @@ void convertRawToBase64String(safeBuffer
 		size = rawLen;
 
 	b64->encodeInit();
-	outputLen = b64->encode((unsigned char *) raw, rawLen, b64Str, 1024);
-	outputLen += b64->encodeFinish(&b64Str[outputLen], 1024 - outputLen);
+	outputLen = b64->encode((unsigned char *) raw, rawLen, b64Str, MAXB64BUFSIZE - 1);
+	outputLen += b64->encodeFinish(&b64Str[outputLen], MAXB64BUFSIZE - outputLen - 1);
 	b64Str[outputLen] = '\0';
 
 	// Copy out
@@ -380,7 +381,10 @@ unsigned int DSIGAlgorithmHandlerDefault
 	
 	// Now check the calculated hash
 
-	char b64Buf[1024];
+	// For now, use a fixed length buffer, but expand it,
+	// and detect if the signature size exceeds what we can
+	// handle.
+	char b64Buf[MAXB64BUFSIZE];
 	unsigned int b64Len;
 	safeBuffer b64SB;
 	
@@ -400,7 +404,7 @@ unsigned int DSIGAlgorithmHandlerDefault
 			hash, 
 			hashLen,
 			(char *) b64Buf, 
-			1024);
+			MAXB64BUFSIZE);
 
 		if (b64Len <= 0) {
 
@@ -408,6 +412,12 @@ unsigned int DSIGAlgorithmHandlerDefault
 				"Unknown error occured during a DSA Signing operation");
 
 		}
+		else if (b64Len >= MAXB64BUFSIZE) {
+
+            throw XSECException(XSECException::AlgorithmMapperError,
+                "DSA Signing operation exceeded size of buffer");
+
+		}
 
 		if (b64Buf[b64Len-1] == '\n')
 			b64Buf[b64Len-1] = '\0';
@@ -430,7 +440,7 @@ unsigned int DSIGAlgorithmHandlerDefault
 			hash, 
 			hashLen,
 			(char *) b64Buf, 
-			1024,
+			MAXB64BUFSIZE,
 			hm);
 
 		if (b64Len <= 0) {
@@ -439,6 +449,12 @@ unsigned int DSIGAlgorithmHandlerDefault
 				"Unknown error occured during a RSA Signing operation");
 
 		}
+        else if (b64Len >= MAXB64BUFSIZE) {
+
+            throw XSECException(XSECException::AlgorithmMapperError,
+                "RSA Signing operation exceeded size of buffer");
+
+        }
 
 		// Clean up some "funnies" and make sure the string is NULL terminated
 
@@ -471,7 +487,7 @@ unsigned int DSIGAlgorithmHandlerDefault
 								hashLen, 
 								outputLength);
 		
-		strncpy(b64Buf, (char *) b64SB.rawBuffer(), 1024);
+		strncpy(b64Buf, (char *) b64SB.rawBuffer(), MAXB64BUFSIZE);
 		break;
 
 	default :
diff -up xml-security-c-1.5.1/src/enc/OpenSSL/OpenSSLCryptoKeyDSA.cpp.orig xml-security-c-1.5.1/src/enc/OpenSSL/OpenSSLCryptoKeyDSA.cpp
--- xml-security-c-1.5.1/src/enc/OpenSSL/OpenSSLCryptoKeyDSA.cpp.orig	2008-12-08 20:52:47.000000000 +0200
+++ xml-security-c-1.5.1/src/enc/OpenSSL/OpenSSLCryptoKeyDSA.cpp	2011-07-08 11:21:12.000000000 +0300
@@ -33,6 +33,10 @@
 #include <xsec/enc/XSECCryptoUtils.hpp>
 #include <xsec/framework/XSECError.hpp>
 
+#include <xercesc/util/Janitor.hpp>
+
+XSEC_USING_XERCES(ArrayJanitor);
+
 #include <openssl/dsa.h>
 
 OpenSSLCryptoKeyDSA::OpenSSLCryptoKeyDSA() : mp_dsaKey(NULL) {
@@ -157,8 +161,9 @@ bool OpenSSLCryptoKeyDSA::verifyBase64Si
 			"OpenSSL:DSA - Attempt to validate signature with empty key");
 	}
 
-	unsigned char sigVal[512];
 	int sigValLen;
+	unsigned char* sigVal = new unsigned char[sigLen + 1];
+	ArrayJanitor<unsigned char> j_sigVal(sigVal);
 	int err;
 
 	EVP_ENCODE_CTX m_dctx;
@@ -271,10 +276,10 @@ unsigned int OpenSSLCryptoKeyDSA::signBa
 
 	// Now turn the signature into a base64 string
 
-	unsigned char rawSigBuf[256];
-	unsigned int rawLen;
-
-	rawLen = BN_bn2bin(dsa_sig->r, rawSigBuf);
+	unsigned char* rawSigBuf = new unsigned char[(BN_num_bits(dsa_sig->r) + BN_num_bits(dsa_sig->s)) / 8];
+    ArrayJanitor<unsigned char> j_sigbuf(rawSigBuf);
+	
+    unsigned int rawLen = BN_bn2bin(dsa_sig->r, rawSigBuf);
 
 	if (rawLen <= 0) {
 
diff -up xml-security-c-1.5.1/src/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp.orig xml-security-c-1.5.1/src/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp
--- xml-security-c-1.5.1/src/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp.orig	2008-12-08 20:52:47.000000000 +0200
+++ xml-security-c-1.5.1/src/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp	2011-07-08 10:48:58.000000000 +0300
@@ -186,21 +186,20 @@ bool OpenSSLCryptoKeyRSA::verifySHA1PKCS
 			"OpenSSL:RSA - Attempt to validate signature with empty key");
 	}
 
-	unsigned char sigVal[1024];
-	int sigValLen;
-
-	EVP_ENCODE_CTX m_dctx;
-	int rc;
-
-	char * cleanedBase64Signature;
+	char* cleanedBase64Signature;
 	unsigned int cleanedBase64SignatureLen = 0;
 
 	cleanedBase64Signature =
 		XSECCryptoBase64::cleanBuffer(base64Signature, sigLen, cleanedBase64SignatureLen);
 	ArrayJanitor<char> j_cleanedBase64Signature(cleanedBase64Signature);
 
+	int sigValLen;
+	unsigned char* sigVal = new unsigned char[sigLen + 1];
+    ArrayJanitor<unsigned char> j_sigVal(sigVal);
+
+    EVP_ENCODE_CTX m_dctx;
 	EVP_DecodeInit(&m_dctx);
-	rc = EVP_DecodeUpdate(&m_dctx,
+	int rc = EVP_DecodeUpdate(&m_dctx,
 						  sigVal,
 						  &sigValLen,
 						  (unsigned char *) cleanedBase64Signature,

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional