don't duplicate sha1 hashes with strdup() (not \0 terminated)

update the release documentation, only supported signatures are v3 signatures (gpg 2.x generates v3 sigs by default, but not gpg 1.x)

doc/release-howto.txt

@@ -25,6 +25,7 @@
   - copy the tar.gz and tar.bz2 file on ftp.videolan.org in
     /opt/ftp/pub/videolan/testing/vlc-X.X.X/
   - generate md5 hashes and gpg signature of these files
+    (use gpg --sign --detach --armor --force-v3-sigs)
 
  * Contribs
   - Put a copy of the libraries or svn snapshot in vlc-X.X.X/contrib
@@ -37,6 +38,7 @@
     Build in the "buildbeos" chroot on altair.
     # add the .zip files to /opt/ftp/pub/videolan/testing/vlc-X.X.X/beos/
    generate md5 hashes and gpg signature of these files
+   (use gpg --sign --detach --armor --force-v3-sigs)
 
  * Win32 Packages
     make the packages using the nightly builds configure/options/... , don't forget --enable-update-check
@@ -44,10 +46,12 @@
     kind of suxxs)
     add the .zip and .exe files to /opt/ftp/pub/videolan/testing/vlc-X.X.X/win32/
    generate md5 hashes and gpg signature of these files
+   (use gpg --sign --detach --armor --force-v3-sigs)
 
  * OS X packages
    configure with --enable-update-check
    generate md5 hashes and gpg signature of these files
+   (use gpg --sign --detach --armor --force-v3-sigs)
 
  * Commit changes ... it never works the first time
 

src/misc/update.c

@@ -22,7 +22,9 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111, USA.
  *****************************************************************************/
-
+/*
+ * XXX: should use v4 signatures for binary files (already used for public key)
+ */
 /**
  *   \file
  *   This file contains functions related to VLC update management
@@ -414,7 +416,12 @@ static int download_signature(  vlc_object_t *p_this,
     int i_bytes = pgp_unarmor( p_buf, i_size, (uint8_t*)p_sig, 65 );
     free( p_buf );
 
-    if( i_bytes > 65 )
+    if( i_bytes == 0 )
+    {
+        msg_Dbg( p_this, "Unarmoring failed" );
+        return VLC_EGENERIC;
+    }
+    else if( i_bytes > 65 )
     {
         msg_Dbg( p_this, "Signature is too big: %d bytes", i_bytes );
         return VLC_EGENERIC;
@@ -424,7 +431,8 @@ static int download_signature(  vlc_object_t *p_this,
         int i_r_len = mpi_len( p_sig->r );
         if( i_r_len > 20 )
         {
-            msg_Dbg( p_this, "Signature invalid" );
+            msg_Dbg( p_this, "Invalid signature, r number too big: %d bytes",
+                                i_r_len );
             return VLC_EGENERIC;
         }
         else if( i_r_len < 20 )
@@ -667,8 +675,10 @@ static uint8_t *hash_sha1_from_file( const char *psz_file,
     fclose( f );
     gcry_md_final( hd );
 
-    uint8_t *p_hash = (uint8_t*) gcry_md_read( hd, GCRY_MD_SHA1);
-    p_hash = strdup( p_hash );
+    uint8_t *p_tmp = (uint8_t*) gcry_md_read( hd, GCRY_MD_SHA1);
+    uint8_t *p_hash = malloc( 20 );
+    if( p_hash )
+        memcpy( p_hash, p_tmp, 20 );
     gcry_md_close( hd );
     return p_hash;
 }
@@ -801,16 +811,19 @@ static uint8_t *key_sign_hash( public_key_t *p_pkey )
 
     gcry_md_final( hd );
 
-    uint8_t *p_hash = gcry_md_read( hd, GCRY_MD_SHA1);
+    uint8_t *p_tmp = gcry_md_read( hd, GCRY_MD_SHA1);
 
-    if( p_hash[0] != p_pkey->sig.hash_verification[0] ||
-        p_hash[1] != p_pkey->sig.hash_verification[1] )
+    if( !p_tmp ||
+        p_tmp[0] != p_pkey->sig.hash_verification[0] ||
+        p_tmp[1] != p_pkey->sig.hash_verification[1] )
     {
         gcry_md_close( hd );
         return NULL;
     }
 
-    p_hash = strdup( p_hash );
+    uint8_t *p_hash = malloc( 20 );
+    if( p_hash )
+        memcpy( p_hash, p_tmp, 20 );
     gcry_md_close( hd );
     return p_hash;
 }