chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
4da416a
)
journal: verify compressed objects
author
Lennart Poettering
<lennart@poettering.net>
Thu, 16 Aug 2012 01:43:07 +0000
(
03:43
+0200)
committer
Lennart Poettering
<lennart@poettering.net>
Thu, 16 Aug 2012 15:10:57 +0000
(17:10 +0200)
src/journal/journal-verify.c
patch
|
blob
|
history
diff --git
a/src/journal/journal-verify.c
b/src/journal/journal-verify.c
index 9318f3df8b82fd586e5cf2c435d1efa0c57cc19a..8ef91ce4854fdb337c256af2771aec0421f6b5f8 100644
(file)
--- a/
src/journal/journal-verify.c
+++ b/
src/journal/journal-verify.c
@@
-30,13
+30,14
@@
#include "journal-authenticate.h"
#include "journal-verify.h"
#include "lookup3.h"
#include "journal-authenticate.h"
#include "journal-verify.h"
#include "lookup3.h"
+#include "compress.h"
/* FIXME:
*
/* FIXME:
*
- * - verify hashes of compressed objects
* - follow all chains
* - check for unreferenced objects
* - verify FSPRG
* - follow all chains
* - check for unreferenced objects
* - verify FSPRG
+ * - Allow building without libgcrypt
*
* */
*
* */
@@
-54,7
+55,9
@@
static int journal_file_object_verify(JournalFile *f, Object *o) {
switch (o->object.type) {
switch (o->object.type) {
- case OBJECT_DATA:
+ case OBJECT_DATA: {
+ uint64_t h1, h2;
+
if (le64toh(o->data.entry_offset) <= 0 ||
le64toh(o->data.n_entries) <= 0)
return -EBADMSG;
if (le64toh(o->data.entry_offset) <= 0 ||
le64toh(o->data.n_entries) <= 0)
return -EBADMSG;
@@
-62,17
+65,27
@@
static int journal_file_object_verify(JournalFile *f, Object *o) {
if (le64toh(o->object.size) - offsetof(DataObject, payload) <= 0)
return -EBADMSG;
if (le64toh(o->object.size) - offsetof(DataObject, payload) <= 0)
return -EBADMSG;
- if (!(o->object.flags & OBJECT_COMPRESSED)) {
- uint64_t h1, h2;
+ h1 = le64toh(o->data.hash);
- h1 = le64toh(o->data.hash);
- h2 = hash64(o->data.payload, le64toh(o->object.size) - offsetof(Object, data.payload));
+ if (o->object.flags & OBJECT_COMPRESSED) {
+ void *b = NULL;
+ uint64_t alloc = 0, b_size;
- if (h1 != h2)
+ if (!uncompress_blob(o->data.payload,
+ le64toh(o->object.size) - offsetof(Object, data.payload),
+ &b, &alloc, &b_size))
return -EBADMSG;
return -EBADMSG;
- }
+
+ h2 = hash64(b, b_size);
+ free(b);
+ } else
+ h2 = hash64(o->data.payload, le64toh(o->object.size) - offsetof(Object, data.payload));
+
+ if (h1 != h2)
+ return -EBADMSG;
break;
break;
+ }
case OBJECT_FIELD:
if (le64toh(o->object.size) - offsetof(FieldObject, payload) <= 0)
case OBJECT_FIELD:
if (le64toh(o->object.size) - offsetof(FieldObject, payload) <= 0)