xref: /aoo4110/main/nss/nss_bug_1437734.patch (revision b1cdbd2c) 
1*b1cdbd2cSJim Jagielski--- misc/nss-3.25/nss/cmd/signtool/sign.c	2016-06-20 14:11:28.000000000 -0300
2*b1cdbd2cSJim Jagielski+++ misc/build/nss-3.25/nss/cmd/signtool/sign.c	2019-11-01 13:32:56.496828470 -0300
3*b1cdbd2cSJim Jagielski@@ -8,6 +8,10 @@
4*b1cdbd2cSJim Jagielski #include "blapi.h"
5*b1cdbd2cSJim Jagielski #include "sechash.h" /* for HASH_GetHashObject() */
6*b1cdbd2cSJim Jagielski
7*b1cdbd2cSJim Jagielski+#if defined(_MSC_VER) && _MSC_VER < 1900
8*b1cdbd2cSJim Jagielski+#define snprintf _snprintf
9*b1cdbd2cSJim Jagielski+#endif
10*b1cdbd2cSJim Jagielski+
11*b1cdbd2cSJim Jagielski static int create_pk7(char *dir, char *keyName, int *keyType);
12*b1cdbd2cSJim Jagielski static int jar_find_key_type(CERTCertificate *cert);
13*b1cdbd2cSJim Jagielski static int manifesto(char *dirname, char *install_script, PRBool recurse);
14*b1cdbd2cSJim Jagielski@@ -43,6 +47,7 @@ SignArchive(char *tree, char *keyName, c
15*b1cdbd2cSJim Jagielski     int status;
16*b1cdbd2cSJim Jagielski     char tempfn[FNSIZE], fullfn[FNSIZE];
17*b1cdbd2cSJim Jagielski     int keyType = rsaKey;
18*b1cdbd2cSJim Jagielski+    int count;
19*b1cdbd2cSJim Jagielski
20*b1cdbd2cSJim Jagielski     metafile = meta_file;
21*b1cdbd2cSJim Jagielski     optimize = _optimize;
22*b1cdbd2cSJim Jagielski@@ -81,11 +86,18 @@ SignArchive(char *tree, char *keyName, c
23*b1cdbd2cSJim Jagielski         }
24*b1cdbd2cSJim Jagielski
25*b1cdbd2cSJim Jagielski         /* rsa/dsa to zip */
26*b1cdbd2cSJim Jagielski-        sprintf(tempfn, "META-INF/%s.%s", base, (keyType == dsaKey ?
27*b1cdbd2cSJim Jagielski-                                                                   "dsa"
28*b1cdbd2cSJim Jagielski-                                                                   :
29*b1cdbd2cSJim Jagielski-                                                                   "rsa"));
30*b1cdbd2cSJim Jagielski-        sprintf(fullfn, "%s/%s", tree, tempfn);
31*b1cdbd2cSJim Jagielski+        count = snprintf(tempfn, sizeof(tempfn), "META-INF/%s.%s", base, (keyType == dsaKey ? "dsa" : "rsa"));
32*b1cdbd2cSJim Jagielski+        if (count >= sizeof(tempfn)) {
33*b1cdbd2cSJim Jagielski+            PR_fprintf(errorFD, "unable to write key metadata\n");
34*b1cdbd2cSJim Jagielski+            errorCount++;
35*b1cdbd2cSJim Jagielski+            exit(ERRX);
36*b1cdbd2cSJim Jagielski+        }
37*b1cdbd2cSJim Jagielski+        count = snprintf(fullfn, sizeof(fullfn), "%s/%s", tree, tempfn);
38*b1cdbd2cSJim Jagielski+        if (count >= sizeof(fullfn)) {
39*b1cdbd2cSJim Jagielski+            PR_fprintf(errorFD, "unable to write key metadata\n");
40*b1cdbd2cSJim Jagielski+            errorCount++;
41*b1cdbd2cSJim Jagielski+            exit(ERRX);
42*b1cdbd2cSJim Jagielski+        }
43*b1cdbd2cSJim Jagielski         JzipAdd(fullfn, tempfn, zipfile, compression_level);
44*b1cdbd2cSJim Jagielski
45*b1cdbd2cSJim Jagielski         /* Loop through all files & subdirectories, add to archive */
46*b1cdbd2cSJim Jagielski@@ -95,22 +107,44 @@ SignArchive(char *tree, char *keyName, c
47*b1cdbd2cSJim Jagielski     }
48*b1cdbd2cSJim Jagielski     /* mf to zip */
49*b1cdbd2cSJim Jagielski     strcpy(tempfn, "META-INF/manifest.mf");
50*b1cdbd2cSJim Jagielski-    sprintf(fullfn, "%s/%s", tree, tempfn);
51*b1cdbd2cSJim Jagielski+    count = snprintf(fullfn, sizeof(fullfn), "%s/%s", tree, tempfn);
52*b1cdbd2cSJim Jagielski+    if (count >= sizeof(fullfn)) {
53*b1cdbd2cSJim Jagielski+        PR_fprintf(errorFD, "unable to write manifest\n");
54*b1cdbd2cSJim Jagielski+        errorCount++;
55*b1cdbd2cSJim Jagielski+        exit(ERRX);
56*b1cdbd2cSJim Jagielski+    }
57*b1cdbd2cSJim Jagielski     JzipAdd(fullfn, tempfn, zipfile, compression_level);
58*b1cdbd2cSJim Jagielski
59*b1cdbd2cSJim Jagielski     /* sf to zip */
60*b1cdbd2cSJim Jagielski-    sprintf(tempfn, "META-INF/%s.sf", base);
61*b1cdbd2cSJim Jagielski-    sprintf(fullfn, "%s/%s", tree, tempfn);
62*b1cdbd2cSJim Jagielski+    count = snprintf(tempfn, sizeof(tempfn), "META-INF/%s.sf", base);
63*b1cdbd2cSJim Jagielski+    if (count >= sizeof(tempfn)) {
64*b1cdbd2cSJim Jagielski+        PR_fprintf(errorFD, "unable to write sf metadata\n");
65*b1cdbd2cSJim Jagielski+        errorCount++;
66*b1cdbd2cSJim Jagielski+        exit(ERRX);
67*b1cdbd2cSJim Jagielski+    }
68*b1cdbd2cSJim Jagielski+    count = snprintf(fullfn, sizeof(fullfn), "%s/%s", tree, tempfn);
69*b1cdbd2cSJim Jagielski+    if (count >= sizeof(fullfn)) {
70*b1cdbd2cSJim Jagielski+        PR_fprintf(errorFD, "unable to write sf metadata\n");
71*b1cdbd2cSJim Jagielski+        errorCount++;
72*b1cdbd2cSJim Jagielski+        exit(ERRX);
73*b1cdbd2cSJim Jagielski+    }
74*b1cdbd2cSJim Jagielski     JzipAdd(fullfn, tempfn, zipfile, compression_level);
75*b1cdbd2cSJim Jagielski
76*b1cdbd2cSJim Jagielski     /* Add the rsa/dsa file to the zip archive normally */
77*b1cdbd2cSJim Jagielski     if (!xpi_arc) {
78*b1cdbd2cSJim Jagielski         /* rsa/dsa to zip */
79*b1cdbd2cSJim Jagielski-        sprintf(tempfn, "META-INF/%s.%s", base, (keyType == dsaKey ?
80*b1cdbd2cSJim Jagielski-                                                                   "dsa"
81*b1cdbd2cSJim Jagielski-                                                                   :
82*b1cdbd2cSJim Jagielski-                                                                   "rsa"));
83*b1cdbd2cSJim Jagielski-        sprintf(fullfn, "%s/%s", tree, tempfn);
84*b1cdbd2cSJim Jagielski+        count = snprintf(tempfn, sizeof(tempfn), "META-INF/%s.%s", base, (keyType == dsaKey ? "dsa" : "rsa"));
85*b1cdbd2cSJim Jagielski+        if (count >= sizeof(tempfn)) {
86*b1cdbd2cSJim Jagielski+            PR_fprintf(errorFD, "unable to write key metadata\n");
87*b1cdbd2cSJim Jagielski+            errorCount++;
88*b1cdbd2cSJim Jagielski+            exit(ERRX);
89*b1cdbd2cSJim Jagielski+        }
90*b1cdbd2cSJim Jagielski+        count = snprintf(fullfn, sizeof(fullfn), "%s/%s", tree, tempfn);
91*b1cdbd2cSJim Jagielski+        if (count >= sizeof(fullfn)) {
92*b1cdbd2cSJim Jagielski+            PR_fprintf(errorFD, "unable to write key metadata\n");
93*b1cdbd2cSJim Jagielski+            errorCount++;
94*b1cdbd2cSJim Jagielski+            exit(ERRX);
95*b1cdbd2cSJim Jagielski+        }
96*b1cdbd2cSJim Jagielski         JzipAdd(fullfn, tempfn, zipfile, compression_level);
97*b1cdbd2cSJim Jagielski     }
98*b1cdbd2cSJim Jagielski
99*b1cdbd2cSJim Jagielski@@ -413,6 +447,7 @@ static int
100*b1cdbd2cSJim Jagielski manifesto_xpi_fn(char *relpath, char *basedir, char *reldir, char *filename, void *arg)
101*b1cdbd2cSJim Jagielski {
102*b1cdbd2cSJim Jagielski     char fullname[FNSIZE];
103*b1cdbd2cSJim Jagielski+    int count;
104*b1cdbd2cSJim Jagielski
105*b1cdbd2cSJim Jagielski     if (verbosity >= 0) {
106*b1cdbd2cSJim Jagielski         PR_fprintf(outputFD, "--> %s\n", relpath);
107*b1cdbd2cSJim Jagielski@@ -426,7 +461,10 @@ manifesto_xpi_fn(char *relpath, char *ba
108*b1cdbd2cSJim Jagielski         if (!PL_HashTableLookup(extensions, ext))
109*b1cdbd2cSJim Jagielski             return 0;
110*b1cdbd2cSJim Jagielski     }
111*b1cdbd2cSJim Jagielski-    sprintf(fullname, "%s/%s", basedir, relpath);
112*b1cdbd2cSJim Jagielski+    count = snprintf(fullname, sizeof(fullname), "%s/%s", basedir, relpath);
113*b1cdbd2cSJim Jagielski+    if (count >= sizeof(fullname)) {
114*b1cdbd2cSJim Jagielski+        return 1;
115*b1cdbd2cSJim Jagielski+    }
116*b1cdbd2cSJim Jagielski     JzipAdd(fullname, relpath, zipfile, compression_level);
117*b1cdbd2cSJim Jagielski
118*b1cdbd2cSJim Jagielski     return 0;
119