nhyatt/osslsigncode
1
0
Fork 0
mirror of https://github.com/mtrojnar/osslsigncode.git synced 2025-04-09 10:38:05 -05:00
Code Issues Projects Releases Wiki Activity

Checked cFolders value

Browse Source
This commit is contained in:
olszomal 2024-05-31 12:20:10 +02:00 committed by Michał Trojnara
parent 5232734071
commit 41b662a8fe
6 changed files with 73 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
appx.c
View File

@ -616,12 +616,12 @@ static int appx_process_data(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata)
entry = zipGetCDEntryByName(ctx->appx_ctx->zip, CONTENT_TYPES_FILENAME); entry = zipGetCDEntryByName(ctx->appx_ctx->zip, CONTENT_TYPES_FILENAME);
if (!entry) { if (!entry) {
printf("Not a valid .appx file: content types file missing\n"); printf("Not a valid .appx file: content types file missing\n");
return 1; /* FAILED */ return 0; /* FAILED */
} }
if (!appx_append_ct_signature_entry(ctx->appx_ctx->zip, entry)) { if (!appx_append_ct_signature_entry(ctx->appx_ctx->zip, entry)) {
return 1; /* FAILED */ return 0; /* FAILED */
} }
return 0; /* OK */ return 1; /* OK */
} }
/* /*

80
cab.c
View File

@ -396,7 +396,7 @@ static PKCS7 *cab_pkcs7_extract_to_nest(FILE_FORMAT_CTX *ctx)
*/ */
static int cab_remove_pkcs7(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata) static int cab_remove_pkcs7(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata)
{ {
size_t i, written, len; size_t idx, written, len;
uint32_t tmp; uint32_t tmp;
uint16_t nfolders, flags; uint16_t nfolders, flags;
char *buf; char *buf;
@ -441,29 +441,39 @@ static int cab_remove_pkcs7(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata)
* u2 iCabinet - number of this cabinet file in a set: 34-35 * u2 iCabinet - number of this cabinet file in a set: 34-35
*/ */
BIO_write(outdata, ctx->options->indata + 32, 4); BIO_write(outdata, ctx->options->indata + 32, 4);
i = cab_write_optional_names(outdata, ctx->options->indata, 60, flags); idx = cab_write_optional_names(outdata, ctx->options->indata, 60, flags);
if (idx >= ctx->cab_ctx->fileend) {
printf("Corrupt CAB file - too short\n");
OPENSSL_free(buf);
return 0; /* FAILED */
}
/* /*
* (u8 * cFolders) CFFOLDER - structure contains information about * (u8 * cFolders) CFFOLDER - structure contains information about
* one of the folders or partial folders stored in this cabinet file * one of the folders or partial folders stored in this cabinet file
*/ */
nfolders = GET_UINT16_LE(ctx->options->indata + 26); nfolders = GET_UINT16_LE(ctx->options->indata + 26);
if (nfolders * 8 >= ctx->cab_ctx->fileend - idx) {
printf("Corrupt cFolders value: 0x%08X\n", nfolders);
OPENSSL_free(buf);
return 0; /* FAILED */
}
while (nfolders) { while (nfolders) {
tmp = GET_UINT32_LE(ctx->options->indata + i); tmp = GET_UINT32_LE(ctx->options->indata + idx);
tmp -= 24; tmp -= 24;
PUT_UINT32_LE(tmp, buf); PUT_UINT32_LE(tmp, buf);
BIO_write(outdata, buf, 4); BIO_write(outdata, buf, 4);
BIO_write(outdata, ctx->options->indata + i + 4, 4); BIO_write(outdata, ctx->options->indata + idx + 4, 4);
i+=8; idx += 8;
nfolders--; nfolders--;
} }
OPENSSL_free(buf); OPENSSL_free(buf);
/* Write what's left - the compressed data bytes */ /* Write what's left - the compressed data bytes */
len = ctx->cab_ctx->fileend - ctx->cab_ctx->siglen - i; len = ctx->cab_ctx->fileend - ctx->cab_ctx->siglen - idx;
while (len > 0) { while (len > 0) {
if (!BIO_write_ex(outdata, ctx->options->indata + i, len, &written)) if (!BIO_write_ex(outdata, ctx->options->indata + idx, len, &written))
return 1; /* FAILED */ return 1; /* FAILED */
len -= written; len -= written;
i += written; idx += written;
} }
return 0; /* OK */ return 0; /* OK */
} }
@ -480,12 +490,12 @@ static int cab_process_data(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata)
/* Strip current signature and modify header */ /* Strip current signature and modify header */
if (ctx->cab_ctx->header_size == 20) { if (ctx->cab_ctx->header_size == 20) {
if (!cab_modify_header(ctx, hash, outdata)) if (!cab_modify_header(ctx, hash, outdata))
return 1; /* FAILED */ return 0; /* FAILED */
} else { } else {
if (!cab_add_header(ctx, hash, outdata)) if (!cab_add_header(ctx, hash, outdata))
return 1; /* FAILED */ return 0; /* FAILED */
} }
return 0; /* OK */ return 1; /* OK */
} }
/* /*
@ -802,7 +812,7 @@ static size_t cab_write_optional_names(BIO *outdata, char *indata, size_t i, uin
*/ */
static int cab_modify_header(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata) static int cab_modify_header(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata)
{ {
size_t i, written, len; size_t idx, written, len;
uint16_t nfolders, flags; uint16_t nfolders, flags;
u_char buf[] = {0x00, 0x00}; u_char buf[] = {0x00, 0x00};
@ -840,24 +850,32 @@ static int cab_modify_header(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata)
/* u4 abReserve: 56-59 */ /* u4 abReserve: 56-59 */
BIO_write(hash, ctx->options->indata + 56, 4); BIO_write(hash, ctx->options->indata + 56, 4);
i = cab_write_optional_names(outdata, ctx->options->indata, 60, flags); idx = cab_write_optional_names(outdata, ctx->options->indata, 60, flags);
if (idx >= ctx->cab_ctx->fileend) {
printf("Corrupt CAB file - too short\n");
return 0; /* FAILED */
}
/* /*
* (u8 * cFolders) CFFOLDER - structure contains information about * (u8 * cFolders) CFFOLDER - structure contains information about
* one of the folders or partial folders stored in this cabinet file * one of the folders or partial folders stored in this cabinet file
*/ */
nfolders = GET_UINT16_LE(ctx->options->indata + 26); nfolders = GET_UINT16_LE(ctx->options->indata + 26);
if (nfolders * 8 >= ctx->cab_ctx->fileend - idx) {
printf("Corrupt cFolders value: 0x%08X\n", nfolders);
return 0; /* FAILED */
}
while (nfolders) { while (nfolders) {
BIO_write(hash, ctx->options->indata + i, 8); BIO_write(hash, ctx->options->indata + idx, 8);
i += 8; idx += 8;
nfolders--; nfolders--;
} }
/* Write what's left - the compressed data bytes */ /* Write what's left - the compressed data bytes */
len = ctx->cab_ctx->sigpos - i; len = ctx->cab_ctx->sigpos - idx;
while (len > 0) { while (len > 0) {
if (!BIO_write_ex(hash, ctx->options->indata + i, len, &written)) if (!BIO_write_ex(hash, ctx->options->indata + idx, len, &written))
return 0; /* FAILED */ return 0; /* FAILED */
len -= written; len -= written;
i += written; idx += written;
} }
return 1; /* OK */ return 1; /* OK */
} }
@ -871,7 +889,7 @@ static int cab_modify_header(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata)
*/ */
static int cab_add_header(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata) static int cab_add_header(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata)
{ {
size_t i, written, len; size_t idx, written, len;
uint32_t tmp; uint32_t tmp;
uint16_t nfolders, flags; uint16_t nfolders, flags;
u_char cabsigned[] = { u_char cabsigned[] = {
@ -916,29 +934,39 @@ static int cab_add_header(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata)
BIO_write(outdata, cabsigned, 20); BIO_write(outdata, cabsigned, 20);
BIO_write(hash, cabsigned+20, 4); BIO_write(hash, cabsigned+20, 4);
i = cab_write_optional_names(outdata, ctx->options->indata, 36, flags); idx = cab_write_optional_names(outdata, ctx->options->indata, 36, flags);
if (idx >= ctx->cab_ctx->fileend) {
printf("Corrupt CAB file - too short\n");
OPENSSL_free(buf);
return 0; /* FAILED */
}
/* /*
* (u8 * cFolders) CFFOLDER - structure contains information about * (u8 * cFolders) CFFOLDER - structure contains information about
* one of the folders or partial folders stored in this cabinet file * one of the folders or partial folders stored in this cabinet file
*/ */
nfolders = GET_UINT16_LE(ctx->options->indata + 26); nfolders = GET_UINT16_LE(ctx->options->indata + 26);
if (nfolders * 8 >= ctx->cab_ctx->fileend - idx) {
printf("Corrupt cFolders value: 0x%08X\n", nfolders);
OPENSSL_free(buf);
return 0; /* FAILED */
}
while (nfolders) { while (nfolders) {
tmp = GET_UINT32_LE(ctx->options->indata + i); tmp = GET_UINT32_LE(ctx->options->indata + idx);
tmp += 24; tmp += 24;
PUT_UINT32_LE(tmp, buf); PUT_UINT32_LE(tmp, buf);
BIO_write(hash, buf, 4); BIO_write(hash, buf, 4);
BIO_write(hash, ctx->options->indata + i + 4, 4); BIO_write(hash, ctx->options->indata + idx + 4, 4);
i += 8; idx += 8;
nfolders--; nfolders--;
} }
OPENSSL_free(buf); OPENSSL_free(buf);
/* Write what's left - the compressed data bytes */ /* Write what's left - the compressed data bytes */
len = ctx->cab_ctx->fileend - i; len = ctx->cab_ctx->fileend - idx;
while (len > 0) { while (len > 0) {
if (!BIO_write_ex(hash, ctx->options->indata + i, len, &written)) if (!BIO_write_ex(hash, ctx->options->indata + idx, len, &written))
return 0; /* FAILED */ return 0; /* FAILED */
len -= written; len -= written;
i += written; idx += written;
} }
return 1; /* OK */ return 1; /* OK */
} }

4
msi.c
View File

@ -595,9 +595,9 @@ static int msi_process_data(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata)
hash = msi_digest_calc_bio(ctx, hash); hash = msi_digest_calc_bio(ctx, hash);
if (!hash) { if (!hash) {
return 1; /* FAILED */ return 0; /* FAILED */
} }
return 0; /* OK */ return 1; /* OK */
} }
/* /*

12
osslsigncode.c
View File

@ -4878,7 +4878,9 @@ int main(int argc, char **argv)
DO_EXIT_0("Unable to extract existing signature\n"); DO_EXIT_0("Unable to extract existing signature\n");
} }
if (ctx->format->process_data) { if (ctx->format->process_data) {
ctx->format->process_data(ctx, hash, outdata); if (!ctx->format->process_data(ctx, hash, outdata)) {
DO_EXIT_0("Unable to read input file\n");
}
} }
} else if (options.cmd == CMD_ATTACH) { } else if (options.cmd == CMD_ATTACH) {
if (options.nest) { if (options.nest) {
@ -4904,7 +4906,9 @@ int main(int argc, char **argv)
DO_EXIT_0("Unable to extract valid signature\n"); DO_EXIT_0("Unable to extract valid signature\n");
} }
if (ctx->format->process_data) { if (ctx->format->process_data) {
ctx->format->process_data(ctx, hash, outdata); if (!ctx->format->process_data(ctx, hash, outdata)) {
DO_EXIT_0("Unable to read input file\n");
}
} }
} else if (options.cmd == CMD_SIGN) { } else if (options.cmd == CMD_SIGN) {
if (options.nest) { if (options.nest) {
@ -4924,7 +4928,9 @@ int main(int argc, char **argv)
} }
} }
if (ctx->format->process_data) { if (ctx->format->process_data) {
ctx->format->process_data(ctx, hash, outdata); if (!ctx->format->process_data(ctx, hash, outdata)) {
DO_EXIT_0("Unable to read input file\n");
}
} }
if (ctx->format->pkcs7_signature_new) { if (ctx->format->pkcs7_signature_new) {
/* Create a new PKCS#7 signature */ /* Create a new PKCS#7 signature */

4
pe.c
View File

@ -374,9 +374,9 @@ static int pe_process_data(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata)
} }
if (!pe_modify_header(ctx, hash, outdata)) { if (!pe_modify_header(ctx, hash, outdata)) {
printf("Unable to modify file header\n"); printf("Unable to modify file header\n");
return 1; /* FAILED */ return 0; /* FAILED */
} }
return 0; /* OK */ return 1; /* OK */
} }
/* /*

6
script.c
View File

@ -455,10 +455,10 @@ static int script_process_data(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata)
ctx->script_ctx->fileend = ctx->script_ctx->sigpos; ctx->script_ctx->fileend = ctx->script_ctx->sigpos;
} }
if (!script_write_bio(outdata, ctx->options->indata, ctx->script_ctx->fileend)) if (!script_write_bio(outdata, ctx->options->indata, ctx->script_ctx->fileend))
return 1; /* FAILED */ return 0; /* FAILED */
if (!script_digest_convert(hash, ctx, ctx->script_ctx->fileend)) if (!script_digest_convert(hash, ctx, ctx->script_ctx->fileend))
return 1; /* FAILED */ return 0; /* FAILED */
return 0; /* OK */ return 1; /* OK */
} }
/* /*