Esempio n. 1
0
/*
 * Everything here is predictible, only needs some patience.
 *
 * But there is a chance that the system-specific functions
 * did not work.  So keep faith and try to slow the attacker down.
 */
static uint8_t *try_unix_std(uint8_t *dst) {
    pid_t pid;
    int x;

    struct timeval tv;
    int res;

    /* process id */
    pid = getpid();
    memcpy(dst, (uint8_t *)&pid, sizeof(pid));
    dst += sizeof(pid);

    /* time */
    gettimeofday(&tv, NULL);
    memcpy(dst, (uint8_t *)&tv, sizeof(tv));
    dst += sizeof(tv);

    /* pointless, but should not hurt */
    x = random();
    memcpy(dst, (uint8_t *)&x, sizeof(x));
    dst += sizeof(x);

    /* hash of uninitialized stack and heap allocations */
    SHA1_CTX ctx;
    sha1_Init(&ctx);

    uint8_t *ptr;
    uint8_t stack[8192];
    int alloc = 32 * 1024;

    VALGRIND_MAKE_MEM_DEFINED(stack, sizeof(stack));
    sha1_Update(&ctx, stack, sizeof(stack));
    ptr = malloc(alloc);
    VALGRIND_MAKE_MEM_DEFINED(ptr, alloc);
    sha1_Update(&ctx, ptr, alloc);
    free(ptr);

    sha1_Final(dst, &ctx);
    memset(&ctx, 0, sizeof(SHA1_CTX));

    dst += SHA1_DIGEST_LENGTH;

    return dst;
}
Esempio n. 2
0
void PDFDocSaveUnPackedUnLinearized(PDFDocHandle Doc, PDFStreamHandle Strm)
{
    char str[128];
    ppUns32 i, xrefoffset;
	ppUns32 k;
    PDFCosHandle obj,wrk, ar, z, cr;
    PDFCosHandle tobj;
    PDFID ID, EID;
    char *pstr;
    TPDFCryptoType ncr, *UsedCrypto = NULL;
    ppBool crypting = false, delID = false;
    char c;

#ifndef NOT_USE_SIGN 
    sha1_Context hctx;
    PDFStreamHandle ms  = NULL;
    int fs, s1, o2, s2, hlen = SHA1_HASHSIZE;
    ppUns8 hash[SHA1_HASHSIZE]; 
#endif
    _CosNullNew (Doc, cr);
    _CosNullNew (Doc, tobj);

#ifndef NOT_USE_SIGN
	if ( _DOC->Signed ){
		sig_AddSigDict ( Doc );
		sig_AddSigAnnot ( Doc );
		sig_UpdateAcroForm ( Doc );
		sig_UpdatePageAnnots ( Doc );
		ms = ULStreamMemNew ( _LIB, 0 );
	}
#endif

	if ( _DOC->Remove ){
		PDFDocRemoveUnUsed ( Doc, NULL );
		k = 1;
		for ( i = 1; i < _DOC->Size; i++ ){
			if ( ( ( CosDoc ) Doc )->Entries[i].Used != etFree )
				( ( CosDoc ) Doc )->Entries[i].Additional = k++;
			else 
				( ( CosDoc ) Doc )->Entries[i].Additional = 0x7FFFFFFF;
		} 
		PDFDocRenumAllObjects ( Doc );
		PDFDocPackFree ( ( CosDoc ) Doc );
	}
    if ( _DOC->UseOldSecurity ){
        if ( _DOC->Crypted ){ 
            crypting = true;
            UsedCrypto = &( _DOC->CryptoInfo );
        };
    } else{
        if ( _DOC->NewCrypted ){
            crypting = true;
			ULSetNewCryptoData( Doc, &ncr );
			UsedCrypto = &ncr;
            delID = true;
        };
    };
    PDFTRY ( _LIB ){
		if ( crypting ){
            cr = ULPrepareCryptoDictionary (Doc, UsedCrypto );
			EID= _CosObjFullID (cr);
        };
		if (((CosDoc)Doc)->Version >= 9){
			_CosDictAppend(_DOC->Root,Extensions,obj = CosDictNew(Doc,false,1));
			_CosDictAppend(obj,ADBE,wrk = CosDictNew(Doc,false,2));
			_CosDictAppend(wrk,BaseVersion,CosNameNew(Doc, false,ULStringToAtom(_LIB,"1.7")));
			_CosDictAppend(wrk,ExtensionLevel, CosIntNew(Doc,false,3));
		}
/*
#ifndef NOT_USE_SIGN
        if ( _DOC->Signed ){
            sig_AddSigDict ( Doc );
            sig_AddSigAnnot ( Doc );
            sig_UpdateAcroForm ( Doc );
            sig_UpdatePageAnnots ( Doc );
            ms = ULStreamMemNew ( _LIB, 0 );
        }
#endif*/
        _CosNullNew(Doc, z);
        _CosNullNew(Doc, ar);
        PDFTRY ( _LIB ){
            tobj = CosDictNew ( Doc, false, 4 );
            _CosDictAppend ( tobj, Size, CosIntNew ( Doc, false, _DOC->Size ) );
            _CosDictAppend ( tobj, Root, _DOC->Root );
            _CosDictAppend ( tobj, Info, _DOC->Info );
            if ( crypting )
                _CosDictAppend ( tobj, Encrypt, cr );
            _CosDictAppend ( tobj, ID, ( ar = CosArrayNew ( Doc, false, 2 ) ) );
            if ( crypting )
                z = CosCopy ( Doc, UsedCrypto->FileID );
            else
                z = ULCreateFileID ( Doc, PDFEngine );
            _CosStringHex(z) =  true;
            CosArrayAppend ( ar, z );
            CosArrayAppend ( ar, CosCopy (Doc, z ) );         
        } PDFEXCEPT ( _LIB ){
            CosFree ( tobj );
            CosFree ( z );
            PDFRERAISE ( _LIB );
        }
        PDFTRYEND ( _LIB );
#ifndef NOT_USE_SIGN
        if ( _DOC->Signed )
            sha1_Init ( &hctx );
#endif
        SULStrToStrm ( Strm, "%PDF-1." );
        c =(ppInt8)( _DOC->Version + '0');
        SULStrmWriteChar ( Strm, c );
        SULStrToStrm ( Strm, "\r\n" );
        SULStrToStrm ( Strm, "%\330\302\300\314\r\n" );
        for ( i = 1; i < _DOC->Size; i++ ){
            if ( _DOC->Entries[i].Used != etFree ){
#ifndef NOT_USE_SIGN 
                if ( _DOC->Signed && _CosObjID( _DOC->SigCtx->Sign) == i )
                    break;
#endif
                obj = CosGetFromDoc ( Doc, i );
                if ( crypting ){
                    obj = CosCopy( Doc, obj ); 
                    ID.ID = i;
                    ID.GenID = _DOC->Entries[i].Generation;
                    if ( i != EID.ID )
                        CosCryptObject ( obj, UsedCrypto, ID, true );
                };
                _DOC->Entries[i].Offset = ULStreamGetPosition ( Strm );
                ULitostr ( i, str );
                SULStrToStrm ( Strm, str );
                SULStrToStrm ( Strm, " " );
                ULitostr ( _DOC->Entries[i].Generation, str );
                SULStrToStrm ( Strm, str );
                if ( _CosGetType ( obj ) < CosName )
                    SULStrToStrm ( Strm, " obj " )
                else
                    SULStrToStrm ( Strm, " obj" )
#ifndef NOT_USE_SIGN 
                if ( _DOC->Signed ){
                    CosCopyObjToStream (obj, ms );
                    sha1_Update ( &hctx, ( ppUns8 *) ULStrmGetMem ( ms ),
                                  ULStreamGetSize ( ms ) );
                    ULStreamCopyToStream ( ms, Strm );
                    ULStreamClear ( ms, 0 );
                } else
#endif
                    CosCopyObjToStream (obj, Strm );
                if ( crypting )
                    CosFree ( obj );
                SULStrToStrm ( Strm, "\nendobj\n" );
            };
        };
#ifndef NOT_USE_SIGN

        if ( _DOC->Signed ){
            fs = ULStreamGetPosition ( Strm );
            TailPass ( Doc, i, tobj, UsedCrypto, EID, &fs, &s1, &o2, NULL );
            s2 = fs - o2; sig_UpdateByteRange ( Doc, s1, o2, s2 );
            fs = ULStreamGetPosition ( Strm );
            TailPass ( Doc, i, tobj, UsedCrypto, EID, &fs, &s1, &o2, &hctx );
            sha1_Finish ( &hctx, hash );
            sig_UpdateContents ( Doc, hash, hlen );

            for ( ; i < _DOC->Size; i++ ){
                if ( _DOC->Entries[i].Used != etFree ){
                    obj = CosGetFromDoc ( Doc, i );
                    if ( crypting ){
                        obj = CosCopy( Doc, obj );
                        ID.ID = i; ID.GenID = _DOC->Entries[i].Generation;
                        if ( i != EID.ID )
                            CosCryptObject ( obj, UsedCrypto, ID, true );
                    }
                    _DOC->Entries[i].Offset = ULStreamGetPosition ( Strm );
                    ULitostr ( i, str );
                    ULStrToStrm ( Strm, str );
                    ULStrToStrm ( Strm, " " );
                    ULitostr ( _DOC->Entries[i].Generation, str );
                    ULStrToStrm ( Strm, str );
                    if ( _CosGetType ( obj ) < CosName )
                        ULStrToStrm ( Strm, " obj " );
                    else
                        ULStrToStrm ( Strm, " obj" );
                    CosCopyObjToStream ( obj, Strm );
                    if ( crypting )
                        CosFree ( obj );
                    ULStrToStrm ( Strm, "\nendobj\n" );
                }
            }
        }

#endif        
        xrefoffset = ULStreamGetPosition ( Strm );
        ULStrToStrm ( Strm, "xref\r\n0 " );
        ULitostr ( _DOC->Size, str );
        ULStrToStrm ( Strm, str );
        ULStrToStrm ( Strm, "\r\n0000000000 65535 f\r\n" );
        for ( i = 1; i < _DOC->Size; i++ ){
            if ( _DOC->Entries[i].Used != etFree ){
                pstr = ULIntToStrWithZero ( _LIB, _DOC->Entries[i].Offset, 10 );
                ULStrToStrm ( Strm, pstr );
                mfree (  _LIB, pstr );
                ULStreamWriteChar ( Strm, ' ' );
            } else
                ULStrToStrm ( Strm, "0000000000 " );

            if ( _DOC->Entries[i].Generation == 0xFFFF )
                pstr = ULIntToStrWithZero ( _LIB, 0, 5 );
            else
                pstr = ULIntToStrWithZero ( _LIB, _DOC->Entries[i].Generation,
                                            5 );
            ULStrToStrm ( Strm, pstr );
            mfree ( _LIB, pstr );
            _DOC->Entries[i].Used != etFree ? ULStrToStrm ( Strm, " n\r\n" ) :
            ULStrToStrm ( Strm, " f\r\n" );
        }
        ULStrToStrm ( Strm, "trailer\r\n" );
        CosCopyObjToStream ( tobj, Strm );
        CosFree ( tobj );
        ULStrToStrm ( Strm, "\r\nstartxref\r\n" );
        ULIntToStrm ( Strm, xrefoffset );
        ULStrToStrm ( Strm, "\r\n%%EOF" );
        if ( crypting )
            PDFDocDeleteObjEx ( Doc, EID.ID);
#ifndef NOT_USE_SIGN
        if ( _DOC->Signed )
            ULStreamClose ( ms );
#endif
    } PDFEXCEPT ( _LIB ){
        CosFree ( ncr.FileID );
#ifndef NOT_USE_SIGN
        if ( ms )
            ULStreamClose ( ms );
#endif
        CosFree ( tobj );
        PDFRERAISE ( _LIB );
    }
    PDFTRYEND ( _LIB );
    if ( delID )
        CosFree ( ncr.FileID );
}
Esempio n. 3
0
void TailPass(PDFDocHandle Doc, int start, PDFCosHandle tobj,
              TPDFCryptoType *crypto, PDFID EID, int *fsize, int *s1, int *o2,
              sha1_Context *ctx)
{
    PDFStreamHandle strm= NULL;
    PDFCosHandle obj    ;
    PDFID ID;
    ppBool crypting;
    char str[128], *pstr, *p, *q;
    ppUns32 i, l;

    _CosNullNew(Doc, obj);

    crypting = (ppBool)( crypto != NULL );
    PDFTRY ( _LIB ){
        strm = ULStreamMemNew ( _LIB, 0 );
        obj = CosGetFromDoc ( Doc, start);
        if ( crypting ){
            obj= CosCopy( Doc, obj );
            ID.ID = start;
            ID.GenID = _DOC->Entries[start].Generation;
            CosCryptObject ( obj, crypto, ID, true );
        }
        _DOC->Entries[start].Offset = *fsize;
        ULitostr ( start, str );
        ULStrToStrm ( strm, str );
        ULStrToStrm ( strm, " " );
        ULitostr ( _DOC->Entries[start].Generation, str );
        ULStrToStrm ( strm, str );
        if ( _CosGetType ( obj ) < CosName )
            ULStrToStrm ( strm, " obj " );
        else
            ULStrToStrm ( strm, " obj" );
        CosCopyObjToStream ( obj, strm );
        if ( crypting )
            CosFree ( obj );
        ULStrToStrm ( strm, "\nendobj\n" );
        p = ( char * ) ULStrmGetMem ( strm );
        q = strstr ( p, "/Contents" );
        q += strlen ( "/Contents" );
        ( *s1 ) = *fsize + ( int ) ( q - p );
        if ( ctx != NULL )
            sha1_Update ( ctx, (ppUns8 *) p, ( int ) ( q - p ) );
        q = strchr ( p, '>' );
        l = ULStreamGetSize ( strm );
        if ( ctx != NULL )
            sha1_Update ( ctx, (ppUns8 *) (q + 1), l - ( int ) ( q - p ) - 1 );
        ( *o2 ) = *fsize + ( int ) ( q - p ) + 1;
        ( *fsize ) += ULStreamGetSize ( strm );
        ULStreamClear ( strm, 0 );

        for ( i = start + 1; i < _DOC->Size; i++ ){
            if ( _DOC->Entries[i].Used != etFree ){
                obj = CosGetFromDoc ( Doc, i );
                if ( crypting ){
                    obj = CosCopy ( Doc, obj );
                    ID.ID = i;
                    ID.GenID = _DOC->Entries[i].Generation;
                    if ( i != EID.ID )
                        CosCryptObject ( obj, crypto, ID, true );
                }
                _DOC->Entries[i].Offset = *fsize;
                ULitostr ( i, str );
                ULStrToStrm ( strm, str );
                ULStrToStrm ( strm, " " );
                ULitostr ( _DOC->Entries[i].Generation, str );
                ULStrToStrm ( strm, str );
                if ( _CosGetType ( obj ) < CosName )
                    ULStrToStrm ( strm, " obj " );
                else
                    ULStrToStrm ( strm, " obj" );
                CosCopyObjToStream ( obj, strm );
                if ( crypting )
                    CosFree ( obj );
                ULStrToStrm ( strm, "\nendobj\n" );
                ( *fsize ) += ULStreamGetSize ( strm );
                if ( ctx != NULL )
                    sha1_Update ( ctx, ( ppUns8 * ) ULStrmGetMem ( strm ),
                                  ULStreamGetSize ( strm ) );
                ULStreamClear ( strm, 0 );
            }
        }

        ULStrToStrm ( strm, "xref\r\n0 " );
        ULitostr ( _DOC->Size, str );
        ULStrToStrm ( strm, str );
        ULStrToStrm ( strm, "\r\n0000000000 65535 f\r\n" );
        for ( i = 1; i < _DOC->Size; i++ ){
            if ( _DOC->Entries[i].Used != etFree ){
                pstr = ULIntToStrWithZero ( _LIB, _DOC->Entries[i].Offset, 10 );
                ULStrToStrm ( strm, pstr );
                mfree ( _LIB, pstr );
                ULStreamWriteChar ( strm, ' ' );
            } else
                ULStrToStrm ( strm, "0000000000 " );

            if ( _DOC->Entries[i].Generation == 0xFFFF )
                pstr = ULIntToStrWithZero ( _LIB, 0, 5 );
            else
                pstr = ULIntToStrWithZero ( _LIB, _DOC->Entries[i].Generation, 5 );
            ULStrToStrm ( strm, pstr );
            mfree ( _LIB, pstr );
            if ( _DOC->Entries[i].Used != etFree )
                ULStrToStrm ( strm, " n\r\n" );
            else
                ULStrToStrm ( strm, " f\r\n" );
        }
        ULStrToStrm ( strm, "trailer\r\n" );
        CosCopyObjToStream (tobj, strm );
        ULStrToStrm ( strm, "\r\nstartxref\r\n" );
        ULIntToStrm ( strm, *fsize );
        ULStrToStrm ( strm, "\r\n%%EOF" );
        ( *fsize ) += ULStreamGetSize ( strm );
        if ( ctx != NULL )
            sha1_Update ( ctx, ( ppUns8 * ) ULStrmGetMem ( strm ), ULStreamGetSize ( strm ) );
        ULStreamClose ( strm );
    } PDFEXCEPT ( _LIB ){
        if ( strm )
            ULStreamClose ( strm );
        if ( crypting )
            CosFree ( obj );
        PDFRERAISE ( _LIB );
    }
    PDFTRYEND ( _LIB );
}