Introduce xbps_mmap_file() and use it in strategic points.
Rather than using a random buffer from stack or heap, and decide what size to use, create a private memory mapped object... This simplifies the code in lib/verifysig.c and xbps-create.
This commit is contained in:
Juan RP
@@ -22,7 +22,7 @@
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#include <sys/mman.h>
|
||||
#include <stdio.h>
|
||||
#include <stdbool.h>
|
||||
#include <stdlib.h>
|
||||
@@ -57,44 +57,77 @@ digest2string(const uint8_t *digest, char *string, size_t len)
|
||||
*string = '\0';
|
||||
}
|
||||
|
||||
char *
|
||||
xbps_file_hash(const char *file)
|
||||
bool
|
||||
xbps_mmap_file(const char *file, void **mmf, size_t *mmflen, size_t *filelen)
|
||||
{
|
||||
struct stat st;
|
||||
SHA256_CTX ctx;
|
||||
char hash[SHA256_DIGEST_LENGTH * 2 + 1];
|
||||
unsigned char digest[SHA256_DIGEST_LENGTH];
|
||||
ssize_t ret;
|
||||
unsigned char buf[4096];
|
||||
size_t pgsize = (size_t)sysconf(_SC_PAGESIZE);
|
||||
size_t pgmask = pgsize - 1, mapsize;
|
||||
unsigned char *mf;
|
||||
bool need_guard = false;
|
||||
int fd;
|
||||
|
||||
assert(file);
|
||||
|
||||
if ((fd = open(file, O_RDONLY)) == -1)
|
||||
return NULL;
|
||||
return false;
|
||||
|
||||
if (fstat(fd, &st) == -1) {
|
||||
(void)close(fd);
|
||||
return NULL;
|
||||
return false;
|
||||
}
|
||||
if (st.st_size > SSIZE_MAX - 1) {
|
||||
(void)close(fd);
|
||||
return NULL;
|
||||
return false;
|
||||
}
|
||||
|
||||
SHA256_Init(&ctx);
|
||||
while ((ret = read(fd, buf, sizeof(buf))) > 0)
|
||||
SHA256_Update(&ctx, buf, ret);
|
||||
|
||||
if (ret == -1) {
|
||||
/* read error */
|
||||
mapsize = ((size_t)st.st_size + pgmask) & ~pgmask;
|
||||
if (mapsize < (size_t)st.st_size) {
|
||||
(void)close(fd);
|
||||
return NULL;
|
||||
return false;
|
||||
}
|
||||
/*
|
||||
* If the file length is an integral number of pages, then we
|
||||
* need to map a guard page at the end in order to provide the
|
||||
* necessary NUL-termination of the buffer.
|
||||
*/
|
||||
if ((st.st_size & pgmask) == 0)
|
||||
need_guard = true;
|
||||
|
||||
mf = mmap(NULL, need_guard ? mapsize + pgsize : mapsize,
|
||||
PROT_READ, MAP_PRIVATE, fd, 0);
|
||||
(void)close(fd);
|
||||
if (mf == MAP_FAILED) {
|
||||
(void)munmap(mf, mapsize);
|
||||
return false;
|
||||
}
|
||||
|
||||
SHA256_Final(digest, &ctx);
|
||||
(void)close(fd);
|
||||
digest2string(digest, hash, SHA256_DIGEST_LENGTH);
|
||||
*mmf = mf;
|
||||
*mmflen = mapsize;
|
||||
*filelen = st.st_size;
|
||||
|
||||
return strdup(hash);
|
||||
return true;
|
||||
}
|
||||
|
||||
char *
|
||||
xbps_file_hash(const char *file)
|
||||
{
|
||||
char *res, hash[SHA256_DIGEST_LENGTH * 2 + 1];
|
||||
unsigned char digest[SHA256_DIGEST_LENGTH];
|
||||
unsigned char *mmf = NULL;
|
||||
size_t mmflen, filelen;
|
||||
|
||||
if (!xbps_mmap_file(file, (void *)&mmf, &mmflen, &filelen))
|
||||
return NULL;
|
||||
|
||||
if (SHA256(mmf, filelen, digest) == NULL) {
|
||||
(void)munmap(mmf, mmflen);
|
||||
return NULL;
|
||||
}
|
||||
digest2string(digest, hash, SHA256_DIGEST_LENGTH);
|
||||
res = strdup(hash);
|
||||
(void)munmap(mmf, mmflen);
|
||||
|
||||
return res;
|
||||
}
|
||||
|
||||
int
|
||||
|
||||
@@ -30,6 +30,7 @@
|
||||
#include <libgen.h>
|
||||
#include <fcntl.h>
|
||||
#include <sys/stat.h>
|
||||
#include <sys/mman.h>
|
||||
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/sha.h>
|
||||
@@ -81,11 +82,10 @@ xbps_verify_file_signature(struct xbps_repo *repo, const char *fname)
|
||||
{
|
||||
xbps_dictionary_t repokeyd = NULL;
|
||||
xbps_data_t pubkey;
|
||||
struct stat st, sig_st;
|
||||
const char *hexfp = NULL;
|
||||
unsigned char *buf = NULL, *sig_buf = NULL;
|
||||
size_t buflen, filelen, sigbuflen, sigfilelen;
|
||||
char *rkeyfile = NULL, *sig = NULL;
|
||||
int fd = -1, sig_fd = -1;
|
||||
bool val = false;
|
||||
|
||||
if (!xbps_dictionary_count(repo->idxmeta)) {
|
||||
@@ -116,50 +116,30 @@ xbps_verify_file_signature(struct xbps_repo *repo, const char *fname)
|
||||
/*
|
||||
* Prepare fname and signature data buffers.
|
||||
*/
|
||||
if ((fd = open(fname, O_RDONLY)) == -1) {
|
||||
if (!xbps_mmap_file(fname, (void *)&buf, &buflen, &filelen)) {
|
||||
xbps_dbg_printf(repo->xhp, "can't open file %s: %s\n", fname, strerror(errno));
|
||||
goto out;
|
||||
}
|
||||
sig = xbps_xasprintf("%s.sig", fname);
|
||||
if ((sig_fd = open(sig, O_RDONLY)) == -1) {
|
||||
if (!xbps_mmap_file(sig, (void *)&sig_buf, &sigbuflen, &sigfilelen)) {
|
||||
xbps_dbg_printf(repo->xhp, "can't open signature file %s: %s\n", sig, strerror(errno));
|
||||
goto out;
|
||||
}
|
||||
fstat(fd, &st);
|
||||
fstat(sig_fd, &sig_st);
|
||||
|
||||
buf = malloc(st.st_size);
|
||||
assert(buf);
|
||||
sig_buf = malloc(sig_st.st_size);
|
||||
assert(sig_buf);
|
||||
|
||||
if (read(fd, buf, st.st_size) != st.st_size) {
|
||||
xbps_dbg_printf(repo->xhp, "failed to read file %s: %s\n", fname, strerror(errno));
|
||||
goto out;
|
||||
}
|
||||
if (read(sig_fd, sig_buf, sig_st.st_size) != sig_st.st_size) {
|
||||
xbps_dbg_printf(repo->xhp, "failed to read signature file %s: %s\n", sig, strerror(errno));
|
||||
goto out;
|
||||
}
|
||||
/*
|
||||
* Verify fname RSA signature.
|
||||
*/
|
||||
if (rsa_verify_buf(repo, pubkey, sig_buf, sig_st.st_size, buf, st.st_size))
|
||||
if (rsa_verify_buf(repo, pubkey, sig_buf, sigfilelen, buf, filelen))
|
||||
val = true;
|
||||
|
||||
out:
|
||||
if (rkeyfile)
|
||||
free(rkeyfile);
|
||||
if (fd != -1)
|
||||
close(fd);
|
||||
if (sig_fd != -1)
|
||||
close(sig_fd);
|
||||
if (buf)
|
||||
free(buf);
|
||||
(void)munmap(buf, buflen);
|
||||
if (sig_buf)
|
||||
(void)munmap(sig_buf, sigbuflen);
|
||||
if (sig)
|
||||
free(sig);
|
||||
if (sig_buf)
|
||||
free(sig_buf);
|
||||
if (repokeyd)
|
||||
xbps_object_release(repokeyd);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user