From bb0c140c38ef26352ad5618ddb4aebb1e184c50d Mon Sep 17 00:00:00 2001 From: Timo Weingärtner Date: Sun, 18 Nov 2018 16:42:06 +0100 Subject: tests: describe the asserts --- tests | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/tests b/tests index d47daf1..0e7e1e7 100755 --- a/tests +++ b/tests @@ -57,19 +57,18 @@ produce_filtered_list () ( test_list_filter () { reference_out=$(ssh-add -L | grep ' key0$') - # sanity check: unfiltered shold be different from filtered - assertNotSame "$reference_out" "$(ssh-add -L)" + assertNotSame "sanity check: unfiltered shold be different from filtered" "$reference_out" "$(ssh-add -L)" - assertSame "$reference_out" "$(produce_filtered_list --comment key0)" - assertSame "$reference_out" "$(produce_filtered_list --comment-confirmed key0)" + assertSame "by comment" "$reference_out" "$(produce_filtered_list --comment key0)" + assertSame "by comment, confirmed" "$reference_out" "$(produce_filtered_list --comment-confirmed key0)" key0_md5=$(cut -d\ -f2 "$SHUNIT_TMPDIR/key0.pub" | base64 -d | md5sum - | cut -d\ -f1) - assertSame "$reference_out" "$(produce_filtered_list --fingerprint "$key0_md5")" - assertSame "$reference_out" "$(produce_filtered_list --fingerprint-confirmed "$key0_md5")" + assertSame "by md5 fingerprint" "$reference_out" "$(produce_filtered_list --fingerprint "$key0_md5")" + assertSame "by md5 fingerprint, confirmed" "$reference_out" "$(produce_filtered_list --fingerprint-confirmed "$key0_md5")" key0_base64=$(cut -d\ -f2 "$SHUNIT_TMPDIR/key0.pub") - assertSame "$reference_out" "$(produce_filtered_list --key "$key0_base64")" - assertSame "$reference_out" "$(produce_filtered_list --key-confirmed "$key0_base64")" + assertSame "by base64 encoded key" "$reference_out" "$(produce_filtered_list --key "$key0_base64")" + assertSame "by base64 encoded key, confirmed" "$reference_out" "$(produce_filtered_list --key-confirmed "$key0_base64")" } sign_key_with_key_filtered () ( -- cgit v1.2.3 From 87f2de93a6522bbcf17d1960e78641df8ecd85d3 Mon Sep 17 00:00:00 2001 From: Timo Weingärtner Date: Mon, 19 Nov 2018 21:27:42 +0100 Subject: base64_encode: fix two-byte out-of-bounds stack write BASE64_ENCODE_LENGTH() calculates the encoded size without padding --- ssh-agent-filter.C | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/ssh-agent-filter.C b/ssh-agent-filter.C index 307be1f..b6d906b 100644 --- a/ssh-agent-filter.C +++ b/ssh-agent-filter.C @@ -116,12 +116,9 @@ string md5_hex (string const & s) { } string base64_encode (string const & s) { - struct base64_encode_ctx ctx; - base64_encode_init(&ctx); - char b64[BASE64_ENCODE_LENGTH(s.size())]; - auto len = base64_encode_update(&ctx, b64, s.size(), reinterpret_cast(s.data())); - len += base64_encode_final(&ctx, b64 + len); - return {b64, len}; + char b64[BASE64_ENCODE_RAW_LENGTH(s.size())]; + base64_encode_raw(b64, s.size(), reinterpret_cast(s.data())); + return {b64, sizeof(b64)}; } void cloexec (int fd) { -- cgit v1.2.3 From 6036ef52c956d8de14279b6f160ece60ae596eae Mon Sep 17 00:00:00 2001 From: Timo Weingärtner Date: Fri, 23 Nov 2018 23:20:30 +0100 Subject: release 0.5.2 --- changelog | 20 ++++++++++++++++++++ version.h | 2 +- 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/changelog b/changelog index aaf1a24..dba174e 100644 --- a/changelog +++ b/changelog @@ -1,3 +1,23 @@ +commit 87f2de93a6522bbcf17d1960e78641df8ecd85d3 (HEAD -> master) +Author: Timo Weingärtner +Date: 2018-11-19 21:27:42 +0100 + + base64_encode: fix two-byte out-of-bounds stack write + + BASE64_ENCODE_LENGTH() calculates the encoded size without padding + +commit bb0c140c38ef26352ad5618ddb4aebb1e184c50d +Author: Timo Weingärtner +Date: 2018-11-18 16:42:06 +0100 + + tests: describe the asserts + +commit cc7b883c67b78021c13df453abeb35d8d9055c35 (tag: 0.5.1, tiwe/master) +Author: Timo Weingärtner +Date: 2018-07-18 20:42:58 +0200 + + release 0.5.1 + commit ddea0ce92bad7e218be9ac46f76ff2c34fd43a15 Author: Timo Weingärtner Date: 2018-05-10 17:50:04 +0200 diff --git a/version.h b/version.h index 2655862..923bc6f 100644 --- a/version.h +++ b/version.h @@ -1 +1 @@ -#define SSH_AGENT_FILTER_VERSION "ssh-agent-filter 0.5.1" +#define SSH_AGENT_FILTER_VERSION "ssh-agent-filter 0.5.2" -- cgit v1.2.3