From 7a0a88452644f6c3b5f7731de9299e273e35ae74 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 25 Nov 2025 06:09:32 +0000 Subject: [PATCH] fix(deps): update module github.com/proglottis/gpgme to v0.1.6 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Miloslav Trmač --- common/go.mod | 2 +- common/go.sum | 4 +- image/go.mod | 2 +- image/go.sum | 4 +- vendor/github.com/proglottis/gpgme/data.go | 49 ++++++++++++--------- vendor/github.com/proglottis/gpgme/gpgme.go | 18 +++++--- vendor/modules.txt | 2 +- 7 files changed, 48 insertions(+), 33 deletions(-) diff --git a/common/go.mod b/common/go.mod index d0e4f9f68e..f3f16ce65e 100644 --- a/common/go.mod +++ b/common/go.mod @@ -105,7 +105,7 @@ require ( github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/pkg/errors v0.9.1 // indirect - github.com/proglottis/gpgme v0.1.5 // indirect + github.com/proglottis/gpgme v0.1.6 // indirect github.com/secure-systems-lab/go-securesystemslib v0.9.1 // indirect github.com/sigstore/fulcio v1.7.1 // indirect github.com/sigstore/protobuf-specs v0.4.1 // indirect diff --git a/common/go.sum b/common/go.sum index c21121d2d9..0b7a2e1282 100644 --- a/common/go.sum +++ b/common/go.sum @@ -221,8 +221,8 @@ github.com/pkg/sftp v1.13.10/go.mod h1:bJ1a7uDhrX/4OII+agvy28lzRvQrmIQuaHrcI1Hbe github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/proglottis/gpgme v0.1.5 h1:KCGyOw8sQ+SI96j6G8D8YkOGn+1TwbQTT9/zQXoVlz0= -github.com/proglottis/gpgme v0.1.5/go.mod h1:5LoXMgpE4bttgwwdv9bLs/vwqv3qV7F4glEEZ7mRKrM= +github.com/proglottis/gpgme v0.1.6 h1:8WpQ8VWggLdxkuTnW+sZ1r1t92XBNd8GZNDhQ4Rz+98= +github.com/proglottis/gpgme v0.1.6/go.mod h1:5LoXMgpE4bttgwwdv9bLs/vwqv3qV7F4glEEZ7mRKrM= github.com/prometheus/client_golang v1.22.0 h1:rb93p9lokFEsctTys46VnV1kLCDpVZ0a/Y92Vm0Zc6Q= github.com/prometheus/client_golang v1.22.0/go.mod h1:R7ljNsLXhuQXYZYtw6GAE9AZg8Y7vEW5scdCXrWRXC0= github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk= diff --git a/image/go.mod b/image/go.mod index 9cc8be8eed..1da8a57585 100644 --- a/image/go.mod +++ b/image/go.mod @@ -25,7 +25,7 @@ require ( github.com/moby/moby/client v0.1.0 github.com/opencontainers/go-digest v1.0.0 github.com/opencontainers/image-spec v1.1.1 - github.com/proglottis/gpgme v0.1.5 + github.com/proglottis/gpgme v0.1.6 github.com/santhosh-tekuri/jsonschema/v6 v6.0.2 github.com/secure-systems-lab/go-securesystemslib v0.9.1 github.com/sigstore/fulcio v1.7.1 diff --git a/image/go.sum b/image/go.sum index 192a515c53..ad391a0319 100644 --- a/image/go.sum +++ b/image/go.sum @@ -158,8 +158,8 @@ github.com/opencontainers/selinux v1.13.1/go.mod h1:S10WXZ/osk2kWOYKy1x2f/eXF5ZH github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/proglottis/gpgme v0.1.5 h1:KCGyOw8sQ+SI96j6G8D8YkOGn+1TwbQTT9/zQXoVlz0= -github.com/proglottis/gpgme v0.1.5/go.mod h1:5LoXMgpE4bttgwwdv9bLs/vwqv3qV7F4glEEZ7mRKrM= +github.com/proglottis/gpgme v0.1.6 h1:8WpQ8VWggLdxkuTnW+sZ1r1t92XBNd8GZNDhQ4Rz+98= +github.com/proglottis/gpgme v0.1.6/go.mod h1:5LoXMgpE4bttgwwdv9bLs/vwqv3qV7F4glEEZ7mRKrM= github.com/prometheus/client_golang v1.22.0 h1:rb93p9lokFEsctTys46VnV1kLCDpVZ0a/Y92Vm0Zc6Q= github.com/prometheus/client_golang v1.22.0/go.mod h1:R7ljNsLXhuQXYZYtw6GAE9AZg8Y7vEW5scdCXrWRXC0= github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk= diff --git a/vendor/github.com/proglottis/gpgme/data.go b/vendor/github.com/proglottis/gpgme/data.go index 0e81c36d66..bbbe86a5a9 100644 --- a/vendor/github.com/proglottis/gpgme/data.go +++ b/vendor/github.com/proglottis/gpgme/data.go @@ -156,31 +156,38 @@ func (d *Data) Close() error { if d.cbc > 0 { d.cbc.Delete() } - _, err := C.gpgme_data_release(d.dh) + C.gpgme_data_release(d.dh) runtime.KeepAlive(d) d.dh = nil - return err + return nil } func (d *Data) Write(p []byte) (int, error) { - var buffer *byte - if len(p) > 0 { - buffer = &p[0] + total := 0 + for total < len(p) { + remaining := p[total:] + + var buffer *byte + if len(remaining) > 0 { + buffer = &remaining[0] + } + + n, err := C.gpgme_data_write(d.dh, unsafe.Pointer(buffer), C.size_t(len(remaining))) + runtime.KeepAlive(d) + switch { + case d.err != nil: + defer func() { d.err = nil }() + return total, d.err + case n < 0: + return total, err + case n == 0: // This should never happen, but ensure we don’t loop forever + // If we got here, we know len(p) > 0, so ErrShortWrite is appropriate. + return total, io.ErrShortWrite + } + + total += int(n) } - - n, err := C.gpgme_data_write(d.dh, unsafe.Pointer(buffer), C.size_t(len(p))) - runtime.KeepAlive(d) - switch { - case d.err != nil: - defer func() { d.err = nil }() - - return 0, d.err - case err != nil: - return 0, err - case len(p) > 0 && n == 0: - return 0, io.EOF - } - return int(n), nil + return total, nil } func (d *Data) Read(p []byte) (int, error) { @@ -196,7 +203,7 @@ func (d *Data) Read(p []byte) (int, error) { defer func() { d.err = nil }() return 0, d.err - case err != nil: + case n < 0: return 0, err case len(p) > 0 && n == 0: return 0, io.EOF @@ -212,7 +219,7 @@ func (d *Data) Seek(offset int64, whence int) (int64, error) { defer func() { d.err = nil }() return 0, d.err - case err != nil: + case n < 0: return 0, err } return int64(n), nil diff --git a/vendor/github.com/proglottis/gpgme/gpgme.go b/vendor/github.com/proglottis/gpgme/gpgme.go index 62a095c128..6e8d04c62a 100644 --- a/vendor/github.com/proglottis/gpgme/gpgme.go +++ b/vendor/github.com/proglottis/gpgme/gpgme.go @@ -144,7 +144,16 @@ func (e Error) Code() ErrorCode { } func (e Error) Error() string { - return C.GoString(C.gpgme_strerror(e.err)) + // gpgme_error_t, aka gpg_error_t, is a single 32-bit integer, so it does not include + // strings of arbitrary length + // (compare https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgpg-error.git;a=blob;f=src/err-codes.h.in;hb=HEAD ). + // + // So, a medium-size hard-coded buffer is sufficient. + var buf [1024]C.char + _ = C.gpgme_strerror_r(e.err, &buf[0], C.size_t(len(buf))) + buf[len(buf)-1] = 0 // If gpgme_strerror_r returns ERANGE, the buffer is not guaranteed to be null-terminated + + return C.GoString(&buf[0]) } func handleError(err C.gpgme_error_t) error { @@ -377,20 +386,19 @@ func (c *Context) PinEntryMode() PinEntryMode { } func (c *Context) SetCallback(callback Callback) error { - var err error c.callback = callback if c.cbc > 0 { c.cbc.Delete() } if callback != nil { c.cbc = cgo.NewHandle(c) - _, err = C.gpgme_set_passphrase_cb(c.ctx, C.gpgme_passphrase_cb_t(C.gogpgme_passfunc), unsafe.Pointer(&c.cbc)) + C.gpgme_set_passphrase_cb(c.ctx, C.gpgme_passphrase_cb_t(C.gogpgme_passfunc), unsafe.Pointer(&c.cbc)) } else { c.cbc = 0 - _, err = C.gpgme_set_passphrase_cb(c.ctx, nil, nil) + C.gpgme_set_passphrase_cb(c.ctx, nil, nil) } runtime.KeepAlive(c) - return err + return nil } func (c *Context) EngineInfo() *EngineInfo { diff --git a/vendor/modules.txt b/vendor/modules.txt index 889fbf3cb4..d9dd882801 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -402,7 +402,7 @@ github.com/pkg/sftp/internal/encoding/ssh/filexfer/openssh # github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 ## explicit github.com/pmezard/go-difflib/difflib -# github.com/proglottis/gpgme v0.1.5 +# github.com/proglottis/gpgme v0.1.6 ## explicit; go 1.17 github.com/proglottis/gpgme # github.com/rogpeppe/go-internal v1.14.1