diff options
author | David Kalnischkies <david@kalnischkies.de> | 2019-01-28 18:17:00 +0100 |
---|---|---|
committer | David Kalnischkies <david@kalnischkies.de> | 2019-01-28 18:17:00 +0100 |
commit | c8350b2b0b77bacf6a1b42eade20002546baac3a (patch) | |
tree | 65dfe07fef6bbfba02a22eae95a35f8a4235d57f /apt-pkg/contrib/gpgv.cc | |
parent | 73e3459689c05cd62f15c29d2faddb0fc215ef5e (diff) |
Explicitly remove the whitespaces defined by RFC
RFC 4880 section 7.1 "Dash-Escaped Text" at the end defines that only
space and tab are allowed, so we should remove only these even if due to
use complaining (or now failing) you can't really make use of it.
Note that strrstrip was removing '\r\n\t ', not other whitespaces like
\v or \f and another big reason to do it explicitly here now is to avoid
that a future change adding those could have unintended consequences.
Diffstat (limited to 'apt-pkg/contrib/gpgv.cc')
-rw-r--r-- | apt-pkg/contrib/gpgv.cc | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/apt-pkg/contrib/gpgv.cc b/apt-pkg/contrib/gpgv.cc index 054b815fb..087862b70 100644 --- a/apt-pkg/contrib/gpgv.cc +++ b/apt-pkg/contrib/gpgv.cc @@ -28,6 +28,20 @@ #include <apti18n.h> /*}}}*/ +// a "normal" find_last_not_of returns npos if not found +static int find_last_not_of_length(char * const buffer, APT::StringView const bad) +{ + if (buffer == nullptr) + return 0; + int result = strlen(buffer) - 1; + while (result >= 0) + { + if (std::find(bad.begin(), bad.end(), buffer[result]) == bad.end()) + break; + --result; + } + return result + 1; +} static bool GetLineErrno(std::unique_ptr<char, decltype(&free)> &buffer, size_t *n, FILE *stream, std::string const &InFile, bool acceptEoF = false)/*{{{*/ { errno = 0; @@ -42,10 +56,12 @@ static bool GetLineErrno(std::unique_ptr<char, decltype(&free)> &buffer, size_t return false; return _error->Error("Splitting of clearsigned file %s failed as it doesn't contain all expected parts", InFile.c_str()); } - // We remove all whitespaces including newline here as - // a) gpgv ignores them for signature - // b) we can write out a \n in code later instead of dealing with \r\n or not - _strrstrip(buffer.get()); + // a) remove newline characters, so we can work consistently with lines + auto line_length = find_last_not_of_length(buffer.get(), "\n\r"); + buffer.get()[line_length] = '\0'; + // b) remove trailing whitespaces as defined by rfc4880 ยง7.1 + line_length = find_last_not_of_length(buffer.get(), " \t"); + buffer.get()[line_length] = '\0'; return true; } /*}}}*/ |