From 960877b10f42ba664af4fb29130a3ba48141e64a Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Wed, 24 May 2023 10:36:04 +0900
Subject: gpg: Report BEGIN_* status before examining the input.

* common/miscellaneous.c (is_openpgp_compressed_packet)
(is_file_compressed): Moved to ...
* common/iobuf.c: ... in this file.
(is_file_compressed): Change the argument to INP, the iobuf.
* common/util.h (is_file_compressed): Remove.
* common/iobuf.h (is_file_compressed): Add.
* g10/cipher-aead.c (write_header): Don't call write_status_printf
here.
(cipher_filter_aead): Call write_status_printf when called with
IOBUFCTRL_INIT.
* g10/cipher-cfb.c (write_header): Don't call write_status_printf
here.
(cipher_filter_cfb): Call write_status_printf when called with
IOBUFCTRL_INIT.
* g10/encrypt.c (encrypt_simple): Use new is_file_compressed function,
after call of iobuf_push_filter.
(encrypt_crypt): Likewise.
* g10/sign.c (sign_file): Likewise.

--

Cherry-pick from master commit of:
	2f872fa68c6576724b9dabee9fb0844266f55d0d

GnuPG-bug-id: 6481
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
 g10/encrypt.c | 103 ++++++++++++++++++++++------------------------------------
 1 file changed, 39 insertions(+), 64 deletions(-)

(limited to 'g10/encrypt.c')

diff --git a/g10/encrypt.c b/g10/encrypt.c
index 9aeafa292..b335b9797 100644
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@@ -410,8 +410,6 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
   text_filter_context_t tfx;
   progress_filter_context_t *pfx;
   int do_compress = !!default_compress_algo();
-  char peekbuf[32];
-  int  peekbuflen;
 
   if (!gnupg_rng_is_compliant (opt.compliance))
     {
@@ -448,14 +446,6 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
       return rc;
     }
 
-  peekbuflen = iobuf_ioctl (inp, IOBUF_IOCTL_PEEK, sizeof peekbuf, peekbuf);
-  if (peekbuflen < 0)
-    {
-      peekbuflen = 0;
-      if (DBG_FILTER)
-        log_debug ("peeking at input failed\n");
-    }
-
   handle_progress (pfx, inp, filename);
 
   if (opt.textmode)
@@ -517,17 +507,6 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
                  /**/             : "CFB");
     }
 
-  if (do_compress
-      && cfx.dek
-      && (cfx.dek->use_mdc || cfx.dek->use_aead)
-      && !opt.explicit_compress_option
-      && is_file_compressed (peekbuf, peekbuflen))
-    {
-      if (opt.verbose)
-        log_info(_("'%s' already compressed\n"), filename? filename: "[stdin]");
-      do_compress = 0;
-    }
-
   if ( rc || (rc = open_outfile (-1, filename, opt.armor? 1:0, 0, &out )))
     {
       iobuf_cancel (inp);
@@ -598,6 +577,24 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
   else
     filesize = opt.set_filesize ? opt.set_filesize : 0; /* stdin */
 
+  /* Register the cipher filter. */
+  if (mode)
+    iobuf_push_filter (out,
+                       cfx.dek->use_aead? cipher_filter_aead
+                       /**/             : cipher_filter_cfb,
+                       &cfx );
+
+  if (do_compress
+      && cfx.dek
+      && (cfx.dek->use_mdc || cfx.dek->use_aead)
+      && !opt.explicit_compress_option
+      && is_file_compressed (inp))
+    {
+      if (opt.verbose)
+        log_info(_("'%s' already compressed\n"), filename? filename: "[stdin]");
+      do_compress = 0;
+    }
+
   if (!opt.no_literal)
     {
       /* Note that PT has been initialized above in !no_literal mode.  */
@@ -617,13 +614,6 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
       pkt.pkt.generic = NULL;
     }
 
-  /* Register the cipher filter. */
-  if (mode)
-    iobuf_push_filter (out,
-                       cfx.dek->use_aead? cipher_filter_aead
-                       /**/             : cipher_filter_cfb,
-                       &cfx );
-
   /* Register the compress filter. */
   if ( do_compress )
     {
@@ -783,7 +773,7 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
   PKT_plaintext *pt = NULL;
   DEK *symkey_dek = NULL;
   STRING2KEY *symkey_s2k = NULL;
-  int rc = 0, rc2 = 0;
+  int rc = 0;
   u32 filesize;
   cipher_filter_context_t cfx;
   armor_filter_context_t *afx = NULL;
@@ -792,8 +782,6 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
   progress_filter_context_t *pfx;
   PK_LIST pk_list;
   int do_compress;
-  char peekbuf[32];
-  int  peekbuflen;
 
   if (filefd != -1 && filename)
     return gpg_error (GPG_ERR_INV_ARG);  /* Both given.  */
@@ -866,14 +854,6 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
   if (opt.verbose)
     log_info (_("reading from '%s'\n"), iobuf_get_fname_nonnull (inp));
 
-  peekbuflen = iobuf_ioctl (inp, IOBUF_IOCTL_PEEK, sizeof peekbuf, peekbuf);
-  if (peekbuflen < 0)
-    {
-      peekbuflen = 0;
-      if (DBG_FILTER)
-        log_debug ("peeking at input failed\n");
-    }
-
   handle_progress (pfx, inp, filename);
 
   if (opt.textmode)
@@ -900,25 +880,6 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
   if (!cfx.dek->use_aead)
     cfx.dek->use_mdc = !!use_mdc (pk_list, cfx.dek->algo);
 
-  /* Only do the is-file-already-compressed check if we are using a
-   * MDC or AEAD.  This forces compressed files to be re-compressed if
-   * we do not have a MDC to give some protection against chosen
-   * ciphertext attacks. */
-  if (do_compress
-      && (cfx.dek->use_mdc || cfx.dek->use_aead)
-      && !opt.explicit_compress_option
-      && is_file_compressed (peekbuf, peekbuflen))
-    {
-      if (opt.verbose)
-        log_info(_("'%s' already compressed\n"), filename? filename: "[stdin]");
-      do_compress = 0;
-    }
-  if (rc2)
-    {
-      rc = rc2;
-      goto leave;
-    }
-
   make_session_key (cfx.dek);
   if (DBG_CRYPTO)
     log_printhex (cfx.dek->key, cfx.dek->keylen, "DEK is: ");
@@ -959,6 +920,26 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
   else
     filesize = opt.set_filesize ? opt.set_filesize : 0; /* stdin */
 
+  /* Register the cipher filter. */
+  iobuf_push_filter (out,
+                     cfx.dek->use_aead? cipher_filter_aead
+                     /**/             : cipher_filter_cfb,
+                     &cfx);
+
+  /* Only do the is-file-already-compressed check if we are using a
+   * MDC or AEAD.  This forces compressed files to be re-compressed if
+   * we do not have a MDC to give some protection against chosen
+   * ciphertext attacks. */
+  if (do_compress
+      && (cfx.dek->use_mdc || cfx.dek->use_aead)
+      && !opt.explicit_compress_option
+      && is_file_compressed (inp))
+    {
+      if (opt.verbose)
+        log_info(_("'%s' already compressed\n"), filename? filename: "[stdin]");
+      do_compress = 0;
+    }
+
   if (!opt.no_literal)
     {
       pt->timestamp = make_timestamp();
@@ -973,12 +954,6 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
   else
     cfx.datalen = filesize && !do_compress ? filesize : 0;
 
-  /* Register the cipher filter. */
-  iobuf_push_filter (out,
-                     cfx.dek->use_aead? cipher_filter_aead
-                     /**/             : cipher_filter_cfb,
-                     &cfx);
-
   /* Register the compress filter. */
   if (do_compress)
     {
-- 
cgit v1.2.3