 @@ -1,14 +1,14 @@
-/*	$NetBSD: bzlib.c,v 1.4 2015/02/03 21:13:17 agc Exp $	*/
+/*	$NetBSD: bzlib.c,v 1.5 2016/02/19 22:41:50 agc Exp $	*/
 /*-------------------------------------------------------------*/
 /*--- Library top-level functions.                          ---*/
 /*---                                               bzlib.c ---*/
 /*-------------------------------------------------------------*/
 /* ------------------------------------------------------------------
    This file is part of bzip2/libbzip2, a program and library for
    lossless, block-sorting data compression.
    bzip2/libbzip2 version 1.0.6 of 6 September 2010
    Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
 @@ -25,27 +25,31 @@
 .9.0a/b -- no changes in this file.
 .9.0c   -- made zero-length BZ_FLUSH work correctly in bzCompress().
      fixed bzWrite/bzRead to ignore zero-length requests.
      fixed bzread to correctly handle read requests after EOF.
      wrong parameter order in call to bzDecompressInit in
      bzBuffToBuffDecompress.  Fixed.
 */
 #include "config.h"
 #include "bzlib_private.h"
-/*	$NetBSD: bzlib.c,v 1.4 2015/02/03 21:13:17 agc Exp $	*/
+#ifndef USE_ARG
 #define	USE_ARG(x)	/*LINTED*/(void)&(x)
 #endif
 /*	$NetBSD: bzlib.c,v 1.5 2016/02/19 22:41:50 agc Exp $	*/
 /*-------------------------------------------------------------*/
 /*--- Table for randomising repetitive blocks               ---*/
 /*---                                           randtable.c ---*/
 /*-------------------------------------------------------------*/
 /* ------------------------------------------------------------------
    This file is part of bzip2/libbzip2, a program and library for
    lossless, block-sorting data compression.
    bzip2/libbzip2 version 1.0.6 of 6 September 2010
    Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
 @@ -1072,27 +1076,27 @@ const char * BZ_API(BZ2_bzerror) (BZFILE
+{
    int err = ((bzFile *)b)->lastErr;
    if(err>0) err = 0;
    *errnum = err;
    return bzerrorstrings[err*-1];
+}
 #endif
 /*-------------------------------------------------------------*/
 /*--- end                                           bzlib.c ---*/
 /*-------------------------------------------------------------*/
-/*	$NetBSD: bzlib.c,v 1.4 2015/02/03 21:13:17 agc Exp $	*/
+/*	$NetBSD: bzlib.c,v 1.5 2016/02/19 22:41:50 agc Exp $	*/
 /*-------------------------------------------------------------*/
 /*--- Decompression machinery                               ---*/
 /*---                                          decompress.c ---*/
 /*-------------------------------------------------------------*/
 /* ------------------------------------------------------------------
    This file is part of bzip2/libbzip2, a program and library for
    lossless, block-sorting data compression.
    bzip2/libbzip2 version 1.0.6 of 6 September 2010
    Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
 @@ -1718,27 +1722,27 @@ Int32 BZ2_decompress ( DState* s )
    s->save_gSel        = gSel;
    s->save_gMinlen     = gMinlen;
    s->save_gLimit      = gLimit;
    s->save_gBase       = gBase;
    s->save_gPerm       = gPerm;
    return retVal;
+}
 /*-------------------------------------------------------------*/
 /*--- end                                      decompress.c ---*/
 /*-------------------------------------------------------------*/
-/*	$NetBSD: bzlib.c,v 1.4 2015/02/03 21:13:17 agc Exp $	*/
+/*	$NetBSD: bzlib.c,v 1.5 2016/02/19 22:41:50 agc Exp $	*/
 /*-------------------------------------------------------------*/
 /*--- Table for doing CRCs                                  ---*/
 /*---                                            crctable.c ---*/
 /*-------------------------------------------------------------*/
 /* ------------------------------------------------------------------
    This file is part of bzip2/libbzip2, a program and library for
    lossless, block-sorting data compression.
    bzip2/libbzip2 version 1.0.6 of 6 September 2010
    Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
 @@ -1822,27 +1826,27 @@ UInt32 BZ2_crc32Table[256] = {
 xd6ad50a5L, 0xd26c4d12L, 0xdf2f6bcbL, 0xdbee767cL,
 xe3a1cbc1L, 0xe760d676L, 0xea23f0afL, 0xeee2ed18L,
 xf0a5bd1dL, 0xf464a0aaL, 0xf9278673L, 0xfde69bc4L,
 x89b8fd09L, 0x8d79e0beL, 0x803ac667L, 0x84fbdbd0L,
 x9abc8bd5L, 0x9e7d9662L, 0x933eb0bbL, 0x97ffad0cL,
 xafb010b1L, 0xab710d06L, 0xa6322bdfL, 0xa2f33668L,
 xbcb4666dL, 0xb8757bdaL, 0xb5365d03L, 0xb1f740b4L
 };
 /*-------------------------------------------------------------*/
 /*--- end                                        crctable.c ---*/
 /*-------------------------------------------------------------*/
-/*	$NetBSD: bzlib.c,v 1.4 2015/02/03 21:13:17 agc Exp $	*/
+/*	$NetBSD: bzlib.c,v 1.5 2016/02/19 22:41:50 agc Exp $	*/
 /*-------------------------------------------------------------*/
 /*--- Huffman coding low-level stuff                        ---*/
 /*---                                             huffman.c ---*/
 /*-------------------------------------------------------------*/
 /* ------------------------------------------------------------------
    This file is part of bzip2/libbzip2, a program and library for
    lossless, block-sorting data compression.
    bzip2/libbzip2 version 1.0.6 of 6 September 2010
    Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>

 @@ -23,26 +23,27 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "config.h"
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/param.h>
 #include <sys/mman.h>
 #include <arpa/inet.h>
 #include <inttypes.h>
 #include <limits.h>
 #include <stdbool.h>
 #include <stdarg.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <time.h>
 #include <unistd.h>
 #include "bzlib.h"
 #include "zlib.h"
 #include "array.h"
 #include "b64.h"
 #include "bn.h"
 @@ -157,26 +158,91 @@
 #define SIGTYPE_KEY_REVOCATION		0x20	/* Key revocation signature */
 #define SIGTYPE_SUBKEY_REVOCATION	0x28	/* Subkey revocation signature */
 #define SIGTYPE_CERT_REVOCATION		0x30	/* Certification revocation signature */
 #define SIGTYPE_TIMESTAMP_SIG		0x40	/* Timestamp signature */
 #define SIGTYPE_3RDPARTY		0x50	/* Third-Party Confirmation signature */
 /* Forward declarations */
 static int read_all_packets(pgpv_t */*pgp*/, pgpv_mem_t */*mem*/, const char */*op*/);
 static int read_binary_file(pgpv_t */*pgp*/, const char */*op*/, const char */*fmt*/, ...) __printflike(3, 4);
 static int read_binary_memory(pgpv_t */*pgp*/, const char */*op*/, const void */*memory*/, size_t /*size*/);
 /* output buffer structure */
 typedef struct obuf_t {
 	size_t	 alloc;		/* amount of memory allocated */
 	size_t	 c;		/* # of chars used so far */
 	uint8_t	*v;		/* array of bytes */
 	uint32_t endian;	/* byte order of output stream */
 } obuf_t;
 /* grow the buffer, if needed */
 static bool
 growbuf(obuf_t *obuf, size_t cc)
+{
 	size_t	 newalloc;
 	uint8_t	*newv;
 	if (obuf->c + cc > obuf->alloc) {
 		newalloc = howmany(obuf->alloc + cc, 128) * 128;
 		newv = realloc(obuf->v, newalloc);
 		if (newv == NULL) {
 			return false;
+		}
 		obuf->v = newv;
 		obuf->alloc = newalloc;
+	}
 	return true;
+}
 /* add a fixed-length area of memory */
 static bool
 obuf_add_mem(obuf_t *obuf, const char *s, size_t len)
+{
 	if (obuf && s && len > 0) {
 		if (!growbuf(obuf, len)) {
 			return false;
+		}
 		memcpy(&obuf->v[obuf->c], s, len);
 		obuf->c += len;
 		return true;
+	}
 	return false;
+}
 /* varargs-based printf to string */
 static bool
 obuf_printf(obuf_t *obuf, const char *fmt, ...)
+{
 	va_list	 args;
 	char	*cp;
 	bool	 ret;
 	int	 cc;
 	if (obuf && fmt) {
 		ret = true;
 		va_start(args, fmt);
 		cc = vasprintf(&cp, fmt, args);
 		va_end(args);
 		if (cc > 0) {
 			ret = obuf_add_mem(obuf, cp, (size_t)cc);
 			free(cp);
+		}
 		return ret;
+	}
 	return false;
+}
 /* read a file into the pgpv_mem_t struct */
 static int
 read_file(pgpv_t *pgp, const char *f)
+{
 	struct stat	 st;
 	pgpv_mem_t	*mem;
 	ARRAY_EXPAND(pgp->areas);
 	ARRAY_COUNT(pgp->areas) += 1;
 	mem = &ARRAY_LAST(pgp->areas);
 	memset(mem, 0x0, sizeof(*mem));
 	if ((mem->fp = fopen(f, "r")) == NULL) {
 		fprintf(stderr, "can't read '%s'", f);
 @@ -405,35 +471,36 @@ fmt_32(uint8_t *p, uint32_t a)
+}
 /* copy the 16bit integer in memory in network order */
 static unsigned
 fmt_16(uint8_t *p, uint16_t a)
+{
 	a = pgp_hton16(a);
 	memcpy(p, &a, sizeof(a));
 	return sizeof(a);
+}
 /* format a binary string in memory */
 static size_t
-fmt_binary(char *s, size_t size, const uint8_t *bin, unsigned len)
+fmt_binary(obuf_t *obuf, const uint8_t *bin, unsigned len)
+{
 	unsigned	i;
 	size_t		cc;
-	for (cc = 0, i = 0 ; i < len && cc < size ; i++) {
+	for (i = 0 ; i < len ; i++) {
-		cc += snprintf(&s[cc], size - cc, "%02x", bin[i]);
+		if (!obuf_printf(obuf, "%02hhx", bin[i])) {
 			return false;
+		}
+	}
-	return cc;
+	return true;
+}
 /* format an mpi into memory */
 static unsigned
 fmt_binary_mpi(pgpv_bignum_t *mpi, uint8_t *p, size_t size)
+{
 	unsigned	 bytes;
 	PGPV_BIGNUM		*bn;
 	bytes = BITS_TO_BYTES(mpi->bits);
 	if ((size_t)bytes + 2 + 1 > size) {
 		fprintf(stderr, "truncated mpi");
 		return 0;
 @@ -542,39 +609,41 @@ pgpv_calc_fingerprint(pgpv_fingerprint_t
 	if (pubkey->bn[RSA_N].bn) {
 		if ((cc = fmt_binary_mpi(&pubkey->bn[RSA_N], buf, sizeof(buf))) >= PGPV_KEYID_LEN) {
 			memcpy(fingerprint->v, &buf[cc - PGPV_KEYID_LEN], PGPV_KEYID_LEN);
 			fingerprint->len = PGPV_KEYID_LEN;
 			return 1;
+		}
+	}
 	/* exhausted all avenues, really */
 	memset(fingerprint->v, 0xff, fingerprint->len = PGPV_KEYID_LEN);
 	return 1;
+}
 /* format a fingerprint into memory */
-static size_t
+static bool
-fmt_fingerprint(char *s, size_t size, pgpv_fingerprint_t *fingerprint, const char *name)
+fmt_fingerprint(obuf_t *obuf, pgpv_fingerprint_t *fingerprint, const char *name)
+{
 	unsigned	i;
 	size_t		cc;
-	cc = snprintf(s, size, "%s ", name);
+	if (!obuf_printf(obuf, "%s ", name)) {
 		return false;
+	}
 	for (i = 0 ; i < fingerprint->len ; i++) {
-		cc += snprintf(&s[cc], size - cc, "%02hhx%s",
+		if (!obuf_printf(obuf, "%02hhx%s",
-			fingerprint->v[i], (i % 2 == 1) ? " " : "");
+			fingerprint->v[i], (i % 2 == 1) ? " " : "")) {
 				return false;
+		}
+	}
-	cc += snprintf(&s[cc], size - cc, "\n");
+	return obuf_printf(obuf, "\n");
 	return cc;
+}
 /* calculate keyid from a pubkey */
 static int
 calc_keyid(pgpv_pubkey_t *key, const char *hashtype)
+{
 	pgpv_calc_fingerprint(&key->fingerprint, key, hashtype);
 	memcpy(key->keyid, &key->fingerprint.v[key->fingerprint.len - PGPV_KEYID_LEN], PGPV_KEYID_LEN);
 	return 1;
+}
 /* convert a hex string to a 64bit key id (in big endian byte order */
 static void
 @@ -649,50 +718,52 @@ get_32(uint8_t *p)
 	uint32_t	u32;
 	memcpy(&u32, p, sizeof(u32));
 	return pgp_ntoh32(u32);
+}
 #define HOURSECS	(int64_t)(60 * 60)
 #define DAYSECS		(int64_t)(24 * 60 * 60)
 #define MONSECS		(int64_t)(30 * DAYSECS)
 #define YEARSECS	(int64_t)(365 * DAYSECS)
 /* format (human readable) time into memory */
 static size_t
-fmt_time(char *s, size_t size, const char *header, int64_t n, const char *trailer, int relative)
+fmt_time(obuf_t *obuf, const char *header, int64_t n, const char *trailer, int relative)
+{
 	struct tm	tm;
 	time_t		elapsed;
 	time_t		now;
 	time_t		t;
 	size_t		cc;
 	t = (time_t)n;
 	now = time(NULL);
 	elapsed = now - t;
 	gmtime_r(&t, &tm);
-	cc = snprintf(s, size, "%s%04d-%02d-%02d", header,
+	if (!obuf_printf(obuf, "%s%04d-%02d-%02d", header,
-		tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday);
+		tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday)) {
 			return false;
+	}
 	if (relative) {
-		cc += snprintf(&s[cc], size - cc, " (%lldy %lldm %lldd %lldh %s)",
+		if (!obuf_printf(obuf, " (%lldy %lldm %lldd %lldh %s)",
 			llabs((long long)elapsed / YEARSECS),
 			llabs(((long long)elapsed % YEARSECS) / MONSECS),
 			llabs(((long long)elapsed % MONSECS) / DAYSECS),
 			llabs(((long long)elapsed % DAYSECS) / HOURSECS),
-			(now > t) ? "ago" : "ahead");
+			(now > t) ? "ago" : "ahead")) {
 				return false;
+		}
+	}
-	cc += snprintf(&s[cc], size - cc, "%s", trailer);
+	return obuf_printf(obuf, "%s", trailer);
 	return cc;
+}
 /* dump key mpis to stdout */
 static void
 print_key_mpis(pgpv_bignum_t *v, uint8_t keyalg)
+{
 	char	s[8192];
 	switch(keyalg) {
 	case PUBKEY_RSA_ENCRYPT_OR_SIGN:
 	case PUBKEY_RSA_ENCRYPT:
 	case PUBKEY_RSA_SIGN:
 		fmt_mpi(s, sizeof(s), &v[RSA_N], "rsa.n", 1);
 @@ -1421,102 +1492,120 @@ numkeybits(const pgpv_pubkey_t *pubkey)
 	case PUBKEY_DSA:
 	case PUBKEY_ECDSA:
 		return pubkey->bn[DSA_P].bits;
 		//return BITS_TO_BYTES(pubkey->bn[DSA_Q].bits) * 64;
 	case PUBKEY_ELGAMAL_ENCRYPT:
 	case PUBKEY_ELGAMAL_ENCRYPT_OR_SIGN:
 		return pubkey->bn[ELGAMAL_P].bits;
 	default:
 		return 0;
+	}
+}
 /* print a public key */
-static size_t
+static bool
-fmt_pubkey(char *s, size_t size, pgpv_pubkey_t *pubkey, const char *leader)
+fmt_pubkey(obuf_t *obuf, pgpv_pubkey_t *pubkey, const char *leader)
+{
-	size_t	cc;
+	if (!obuf_printf(obuf, "%s %u/%s ", leader, numkeybits(pubkey), fmtkeyalg(pubkey->keyalg))) {
 		return false;
 	cc = snprintf(s, size, "%s %u/%s ", leader, numkeybits(pubkey), fmtkeyalg(pubkey->keyalg));
-	cc += fmt_binary(&s[cc], size - cc, pubkey->keyid, PGPV_KEYID_LEN);
+	if (!fmt_binary(obuf, pubkey->keyid, PGPV_KEYID_LEN)) {
-	cc += fmt_time(&s[cc], size - cc, " ", pubkey->birth, "", 0);
+		return false;
+	}
 	if (!fmt_time(obuf, " ", pubkey->birth, "", 0)) {
 		return false;
+	}
 	if (pubkey->expiry) {
-		cc += fmt_time(&s[cc], size - cc, " [Expiry ", pubkey->birth + pubkey->expiry, "]", 0);
+		if (!fmt_time(obuf, " [Expiry ", pubkey->birth + pubkey->expiry, "]", 0)) {
 			return false;
+		}
+	}
-	cc += snprintf(&s[cc], size - cc, "\n");
+	if (!obuf_printf(obuf, "\n")) {
-	cc += fmt_fingerprint(&s[cc], size - cc, &pubkey->fingerprint, "fingerprint  ");
+		return false;
 	return cc;
 	return fmt_fingerprint(obuf, &pubkey->fingerprint, "fingerprint  ");
+}
 /* we add 1 to revocation value to denote compromised */
 #define COMPROMISED	(0x02 + 1)
 /* format a userid - used to order the userids when formatting */
-static size_t
+static bool
-fmt_userid(char *s, size_t size, pgpv_primarykey_t *primary, uint8_t u)
+fmt_userid(obuf_t *obuf, pgpv_primarykey_t *primary, uint8_t u)
+{
 	pgpv_signed_userid_t	*userid;
 	userid = &ARRAY_ELEMENT(primary->signed_userids, u);
-	return snprintf(s, size, "uid           %.*s%s\n",
+	return obuf_printf(obuf, "uid           %.*s%s\n",
 			(int)userid->userid.size, userid->userid.data,
 			(userid->revoked == COMPROMISED) ? " [COMPROMISED AND REVOKED]" :
 			(userid->revoked) ? " [REVOKED]" : "");
+}
 /* format a trust sig - used to order the userids when formatting */
-static size_t
+static bool
-fmt_trust(char *s, size_t size, pgpv_signed_userid_t *userid, uint32_t u)
+fmt_trust(obuf_t *obuf, pgpv_signed_userid_t *userid, uint32_t u)
+{
 	pgpv_signature_t	*sig;
 	size_t			 cc;
 	sig = &ARRAY_ELEMENT(userid->sigs, u);
-	cc = snprintf(s, size, "trust          ");
+	if (!obuf_printf(obuf, "trust          ")) {
-	cc += fmt_binary(&s[cc], size - cc, sig->signer, 8);
+		return false;
 	return cc + snprintf(&s[cc], size - cc, "\n");
 	if (!fmt_binary(obuf, sig->signer, 8)) {
 		return false;
+	}
 	return obuf_printf(obuf, "\n");
+}
 /* print a primary key, per RFC 4880 */
-static size_t
+static bool
-fmt_primary(char *s, size_t size, pgpv_primarykey_t *primary, unsigned subkey, const char *modifiers)
+fmt_primary(obuf_t *obuf, pgpv_primarykey_t *primary, unsigned subkey, const char *modifiers)
+{
 	pgpv_signed_userid_t	*userid;
 	pgpv_pubkey_t		*pubkey;
 	unsigned		 i;
 	unsigned		 j;
 	size_t			 cc;
 	pubkey = (subkey == 0) ? &primary->primary : &ARRAY_ELEMENT(primary->signed_subkeys, subkey - 1).subkey;
-	cc = fmt_pubkey(s, size, pubkey, "signature    ");
+	if (!fmt_pubkey(obuf, pubkey, "signature    ")) {
-	cc += fmt_userid(&s[cc], size - cc, primary, primary->primary_userid);
+		return false;
+	}
 	if (!fmt_userid(obuf, primary, primary->primary_userid)) {
 		return false;
+	}
 	for (i = 0 ; i < ARRAY_COUNT(primary->signed_userids) ; i++) {
 		if (i != primary->primary_userid) {
-			cc += fmt_userid(&s[cc], size - cc, primary, i);
+			if (!fmt_userid(obuf, primary, i)) {
 				return false;
+			}
 			if (strcasecmp(modifiers, "trust") == 0) {
 				userid = &ARRAY_ELEMENT(primary->signed_userids, i);
 				for (j = 0 ; j < ARRAY_COUNT(userid->sigs) ; j++) {
-					cc += fmt_trust(&s[cc], size - cc, userid, j);
+					if (!fmt_trust(obuf, userid, j)) {
 						return false;
+					}
+				}
+			}
+		}
+	}
 	if (strcasecmp(modifiers, "subkeys") == 0) {
 		for (i = 0 ; i < ARRAY_COUNT(primary->signed_subkeys) ; i++) {
-			cc += fmt_pubkey(&s[cc], size - cc, &ARRAY_ELEMENT(primary->signed_subkeys, i).subkey, "encryption");
+			if (!fmt_pubkey(obuf, &ARRAY_ELEMENT(primary->signed_subkeys, i).subkey, "encryption")) {
 				return false;
+			}
+		}
+	}
-	cc += snprintf(&s[cc], size - cc, "\n");
+	return obuf_printf(obuf, "\n");
 	return cc;
+}
 /* check the padding on the signature */
 static int
 rsa_padding_check_none(uint8_t *to, int tlen, const uint8_t *from, int flen, int num)
+{
 	USE_ARG(num);
 	if (flen > tlen) {
 		printf("from length larger than to length\n");
 		return -1;
+	}
 	(void) memset(to, 0x0, (size_t)(tlen - flen));
 @@ -2521,45 +2610,43 @@ pgpv_close(pgpv_t *pgp)
+		}
+	}
 	return 1;
+}
 #define NO_SUBKEYS	0
 /* return the formatted entry for the primary key desired */
 size_t
 pgpv_get_entry(pgpv_t *pgp, unsigned ent, char **s, const char *modifiers)
+{
 	unsigned	subkey;
 	unsigned	prim;
-	size_t		cc;
+	obuf_t		obuf;
 	prim = ((ent >> 8) & 0xffffff);
 	subkey = (ent & 0xff);
 	if (s == NULL || pgp == NULL || prim >= ARRAY_COUNT(pgp->primaries)) {
 		return 0;
+	}
 	*s = NULL;
 	cc = ARRAY_ELEMENT(pgp->primaries, prim).fmtsize;
 	if (modifiers == NULL || (strcasecmp(modifiers, "trust") != 0 && strcasecmp(modifiers, "subkeys") != 0)) {
 		modifiers = "no-subkeys";
+	}
-	if (strcasecmp(modifiers, "trust") == 0) {
+	memset(&obuf, 0x0, sizeof(obuf));
-		cc *= 2048;
+	if (!fmt_primary(&obuf, &ARRAY_ELEMENT(pgp->primaries, prim), subkey, modifiers)) {
 	if ((*s = calloc(1, cc)) == NULL) {
 		return 0;
+	}
-	return fmt_primary(*s, cc, &ARRAY_ELEMENT(pgp->primaries, prim), subkey, modifiers);
+	*s = (char *)obuf.v;
 	return obuf.c;
+}
 /* fixup key id, with birth, keyalg and hashalg value from signature */
 static int
 fixup_ssh_keyid(pgpv_t *pgp, pgpv_signature_t *signature, const char *hashtype)
+{
 	pgpv_pubkey_t	*pubkey;
 	unsigned	 i;
 	for (i = 0 ; i < ARRAY_COUNT(pgp->primaries) ; i++) {
 		pubkey = &ARRAY_ELEMENT(pgp->primaries, i).primary;
 		pubkey->keyalg = signature->keyalg;
 		calc_keyid(pubkey, hashtype);
 @@ -2668,83 +2755,100 @@ pgpv_get_cursor_element(pgpv_cursor_t *c
+	}
 	return -1;
+}
 /* verify the signed packets we have */
 size_t
 pgpv_verify(pgpv_cursor_t *cursor, pgpv_t *pgp, const void *p, ssize_t size)
+{
 	pgpv_signature_t	*signature;
 	pgpv_onepass_t		*onepass;
 	pgpv_litdata_t		*litdata;
 	unsigned		 sub;
 	size_t			 pkt;
-	char			 strkeyid[PGPV_STR_KEYID_LEN];
+	obuf_t			 obuf;
 	int			 j;
 	if (cursor == NULL || pgp == NULL || p == NULL) {
 		return 0;
+	}
 	if (!setup_data(cursor, pgp, p, size)) {
 		snprintf(cursor->why, sizeof(cursor->why), "No input data");
 		return 0;
+	}
 	if (ARRAY_COUNT(cursor->pgp->pkts) == ARRAY_LAST(cursor->pgp->datastarts) + 1) {
 		/* got detached signature here */
 		if (!fixup_detached(cursor, p)) {
 			snprintf(cursor->why, sizeof(cursor->why), "Can't read signed file '%s'", (const char *)p);
 			return 0;
+		}
+	}
 	if ((pkt = find_onepass(cursor, ARRAY_LAST(cursor->pgp->datastarts))) == 0) {
 		snprintf(cursor->why, sizeof(cursor->why), "No signature found");
 		return 0;
+	}
 	pkt -= 1;
 	onepass = &ARRAY_ELEMENT(cursor->pgp->pkts, pkt).u.onepass;
 	litdata = &ARRAY_ELEMENT(cursor->pgp->pkts, pkt + 1).u.litdata;
 	signature = &ARRAY_ELEMENT(cursor->pgp->pkts, pkt + 2).u.sigpkt.sig;
 	/* sanity check values in signature and onepass agree */
 	if (signature->birth == 0) {
-		fmt_time(cursor->why, sizeof(cursor->why), "Signature creation time [",
+		if (!fmt_time(&obuf, "Signature creation time [",
-			signature->birth, "] out of range", 0);
+				signature->birth, "] out of range", 0)) {
+		}
 		snprintf(cursor->why, sizeof(cursor->why), "%.*s", (int)obuf.c, (char *)obuf.v);
 		return 0;
+	}
 	memset(&obuf, 0x0, sizeof(obuf));
 	if (memcmp(onepass->keyid, signature->signer, PGPV_KEYID_LEN) != 0) {
-		fmt_binary(strkeyid, sizeof(strkeyid), onepass->keyid, (unsigned)sizeof(onepass->keyid));
+		if (!fmt_binary(&obuf, onepass->keyid, (unsigned)sizeof(onepass->keyid))) {
-		snprintf(cursor->why, sizeof(cursor->why), "Signature key id %s does not match onepass keyid",
+			snprintf(cursor->why, sizeof(cursor->why), "Memory allocation failure");
-			strkeyid);
+			return 0;
+		}
 		snprintf(cursor->why, sizeof(cursor->why),
 			"Signature key id %.*s does not match onepass keyid",
 			(int)obuf.c, (char *)obuf.v);
 		return 0;
+	}
 	if (onepass->hashalg != signature->hashalg) {
-		snprintf(cursor->why, sizeof(cursor->why), "Signature hashalg %u does not match onepass hashalg %u",
+		snprintf(cursor->why, sizeof(cursor->why),
 			"Signature hashalg %u does not match onepass hashalg %u",
 			signature->hashalg, onepass->hashalg);
 		return 0;
+	}
 	if (onepass->keyalg != signature->keyalg) {
-		snprintf(cursor->why, sizeof(cursor->why), "Signature keyalg %u does not match onepass keyalg %u",
+		snprintf(cursor->why, sizeof(cursor->why),
 			"Signature keyalg %u does not match onepass keyalg %u",
 			signature->keyalg, onepass->keyalg);
 		return 0;
+	}
 	if (cursor->pgp->ssh) {
 		fixup_ssh_keyid(cursor->pgp, signature, "sha1");
+	}
 	sub = 0;
 	if ((j = find_keyid(cursor->pgp, NULL, onepass->keyid, &sub)) < 0) {
-		fmt_binary(strkeyid, sizeof(strkeyid), onepass->keyid, (unsigned)sizeof(onepass->keyid));
+		if (!fmt_binary(&obuf, onepass->keyid, (unsigned)sizeof(onepass->keyid))) {
-		snprintf(cursor->why, sizeof(cursor->why), "Signature key id %s not found ", strkeyid);
+			snprintf(cursor->why, sizeof(cursor->why), "Memory allocation failure");
 			return 0;
+		}
 		snprintf(cursor->why, sizeof(cursor->why),
 			"Signature key id %.*s not found ",
 			(int)obuf.c, (char *)obuf.v);
 		return 0;
+	}
 	if (!match_sig_id(cursor, signature, litdata, (unsigned)j, sub)) {
 		snprintf(cursor->why, sizeof(cursor->why),
 			"Signature does not match %.*s",
 			(int)obuf.c, (char *)obuf.v);
 		return 0;
+	}
 	ARRAY_APPEND(cursor->datacookies, pkt);
 	j = ((j & 0xffffff) << 8) | (sub & 0xff);
 	ARRAY_APPEND(cursor->found, j);
 	return pkt + 1;
+}
 /* set up the pubkey keyring */
 int
 pgpv_read_pubring(pgpv_t *pgp, const void *keyring, ssize_t size)
+{
 	if (pgp == NULL) {

 @@ -1,21 +1,25 @@
-# $NetBSD: Makefile,v 1.19 2015/11/03 16:50:32 agc Exp $
+# $NetBSD: Makefile,v 1.20 2016/02/19 22:41:50 agc Exp $
-DISTNAME=		netpgpverify-20151103
+DISTNAME=		netpgpverify-${VERSION}
 CATEGORIES=		security
 MASTER_SITES=		# empty
 DISTFILES=		# empty
 MAINTAINER=		agc@NetBSD.org
 HOMEPAGE=		http://www.NetBSD.org/
 COMMENT=		Standalone PGP and ssh signature verification utility
 LICENSE=		modified-bsd
 AUTO_MKDIRS=		yes
 GNU_CONFIGURE=		yes
 TEST_TARGET=		tst
 .include "../../mk/bsd.prefs.mk"
 VERSION!=	${AWK} '/\#define.*NETPGP_VERIFY_H_/ {print $$3}' ${FILESDIR}/verify.h
 do-extract:
 	@${CP} -R ${FILESDIR} ${WRKSRC}
 .include "../../mk/bsd.pkg.mk"

 @@ -35,26 +35,30 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <time.h>
 #include <unistd.h>
 #include "md5.h"
 #include "rmd160.h"
 #include "sha1.h"
 #include "sha2.h"
 #include "digest.h"
 #ifndef USE_ARG
 #define	USE_ARG(x)	/*LINTED*/(void)&(x)
 #endif
 static uint8_t prefix_md5[] = {
 x30, 0x20, 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86,
 xF7, 0x0D, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10
 };
 static uint8_t prefix_sha1[] = {
 x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0E, 0x03, 0x02,
 x1A, 0x05, 0x00, 0x04, 0x14
 };
 static uint8_t prefix_sha256[] = {
 x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
 x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20

 @@ -13,29 +13,29 @@
+ *
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #ifndef NETPGP_VERIFY_H_
-#define NETPGP_VERIFY_H_	20151103
+#define NETPGP_VERIFY_H_	20160214
-#define NETPGPVERIFY_VERSION	"netpgpverify portable 20151103"
+#define NETPGPVERIFY_VERSION	"netpgpverify portable 20160214"
 #include <sys/types.h>
 #include <inttypes.h>
 #ifndef PGPV_ARRAY
 /* creates 2 unsigned vars called "name"c and "name"size in current scope */
 /* also creates an array called "name"s in current scope */
 #define PGPV_ARRAY(type, name)						\
 	unsigned name##c; unsigned name##vsize; type *name##s
 #endif
 /* 64bit key ids */