Re: [pacman-dev] [PATCH 1/1] libalpm: add default switch case to handle unknown pubkey algorithm
On 11/06/14 23:37, Christian Hesse wrote:
--- lib/libalpm/signing.c | 5 +++++ 1 file changed, 5 insertions(+)
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 8fb909d..a7a70f6 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -348,6 +348,11 @@ static int key_search(alpm_handle_t *handle, const char *fpr, #endif pgpkey->pubkey_algo = 'E'; break; + + default: + _alpm_log(handle, ALPM_LOG_DEBUG, "unknown public key algorithm\n"); + ret = 0; + goto gpg_error; }
ret = 1;
I like how we got a compile failure on the last gpgme update to flag we needed to deal with the new enum value. So I am not sure about adding the default here.
Allan McRae <allan@archlinux.org> on Thu, 2014/06/12 16:24:
On 11/06/14 23:37, Christian Hesse wrote:
--- lib/libalpm/signing.c | 5 +++++ 1 file changed, 5 insertions(+)
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 8fb909d..a7a70f6 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -348,6 +348,11 @@ static int key_search(alpm_handle_t *handle, const char *fpr, #endif pgpkey->pubkey_algo = 'E'; break; + + default: + _alpm_log(handle, ALPM_LOG_DEBUG, "unknown public key algorithm\n"); + ret = 0; + goto gpg_error; }
ret = 1;
I like how we got a compile failure on the last gpgme update to flag we needed to deal with the new enum value. So I am not sure about adding the default here.
The compile failure is nice, though the code can fail at runtime. Consider pacman has been compiled with gpgme-1.4.x, but links against gpgme-1.5.x at runtime. (libgpgme did not bump soname, so actually this is the case.) What will happen if pacman finds an ECC public key (or whatever future will bring)? -- main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/* Chris get my mail address: */=0;b=c[a++];) putchar(b-1/(/* gcc -o sig sig.c && ./sig */b/42*2-3)*42);}
participants (2)
-
Allan McRae
-
Christian Hesse