fix: prevent buffer overflow, change make file

- make now accounts for path separator in windows
- cast size_t to int before comparison

Author: phukon

Makefile

@@ -8,8 +8,8 @@ BIN_DIR = bin
 
 # Source files
 SRCS =  $(wildcard $(SRC_DIR)/*.c) \
-				$(wildcard $(SRC_DIR)/commands/*.c) \
-				$(wildcard $(SRC_DIR)/utils/*.c)
+			$(wildcard $(SRC_DIR)/commands/*.c) \
+			$(wildcard $(SRC_DIR)/utils/*.c)
 
 # Object files
 OBJS = $(SRCS:%.c=$(BUILD_DIR)/%.o)
@@ -20,35 +20,47 @@ TARGET = $(BIN_DIR)/gitkeykit
 # Platform-specific settings
 ifeq ($(OS),Windows_NT)
     TARGET := $(TARGET).exe
-    RM = del /Q /F
-    MKDIR = mkdir
+    RM = cmd /C rmdir /S /Q
+    MKDIR = cmd /C mkdir
+    # Define Windows-specific directory creation
+directories:
+	@if not exist "$(BUILD_DIR)" $(MKDIR) "$(BUILD_DIR)"
+	@if not exist "$(BIN_DIR)" $(MKDIR) "$(BIN_DIR)"
+	@if not exist "$(BUILD_DIR)\$(SRC_DIR)" $(MKDIR) "$(BUILD_DIR)\$(SRC_DIR)"
+	@if not exist "$(BUILD_DIR)\$(SRC_DIR)\commands" $(MKDIR) "$(BUILD_DIR)\$(SRC_DIR)\commands"
+	@if not exist "$(BUILD_DIR)\$(SRC_DIR)\utils" $(MKDIR) "$(BUILD_DIR)\$(SRC_DIR)\utils"
 else
     RM = rm -rf
     MKDIR = mkdir -p
+    # Define Unix directory creation
+directories:
+	$(MKDIR) $(BUILD_DIR)
+	$(MKDIR) $(BIN_DIR)
+	$(MKDIR) $(BUILD_DIR)/$(SRC_DIR)
+	$(MKDIR) $(BUILD_DIR)/$(SRC_DIR)/commands
+	$(MKDIR) $(BUILD_DIR)/$(SRC_DIR)/utils
 endif
 
-# Default target
+# Add this near the top, after the variables but before the platform-specific settings
 all: directories $(TARGET)
 
-# Create necessary directories
-directories:
-	$(MKDIR) $(BUILD_DIR) $(BIN_DIR) \
-	$(BUILD_DIR)/$(SRC_DIR) \
-	$(BUILD_DIR)/$(SRC_DIR)/commands \
-	$(BUILD_DIR)/$(SRC_DIR)/utils
-
 # Link the final executable
 $(TARGET): $(OBJS)
 	$(CC) $(OBJS) -o $(TARGET)
 
 # Compile source files
 $(BUILD_DIR)/%.o: %.c
+ifeq ($(OS),Windows_NT)
+	@if not exist "$(dir $@)" $(MKDIR) "$(subst /,\,$(dir $@))"
+else
 	$(MKDIR) $(dir $@)
+endif
 	$(CC) $(CFLAGS) -c $< -o $@
 
 # Clean build files
 clean:
-	$(RM) $(BUILD_DIR) $(BIN_DIR)
+	$(RM) $(BUILD_DIR)
+	$(RM) $(BIN_DIR)
 
 # Install target (Unix-like systems only)
 install: all
@@ -58,4 +70,4 @@ install: all
 .PHONY: all clean directories install
 
 # Dependencies
--include $(OBJS:.o=.d)
+-include $(OBJS:.o=.d)

src/commands/reset.c

@@ -2,24 +2,31 @@
 
 
 int clear_gpg_config(void) {
-  char gnupg_dir[512];
-  char gpg_conf_path[512];
+  char gnupg_dir[1024];
+  char gpg_conf_path[1024];
   char *home_dir;
   struct stat st = {0};
 
   home_dir = getenv("HOME");
-  if(!home_dir) {
+  if (!home_dir) {
     fprintf(stderr, "Error: Could not get the home directory\n");
     return ERR_HOME_DIRECTORY_NOT_FOUND;
   }
 
-  snprintf(gnupg_dir, sizeof(gnupg_dir), "%s/.gnupg", home_dir);
+  if (snprintf(gnupg_dir, sizeof(gnupg_dir), "%s/.gnupg", home_dir) >= (int)sizeof(gnupg_dir)) {
+    fprintf(stderr, "Error: gnupg_dir buffer overflow\n");
+    return ERR_BUFFER_OVERFLOW;
+  }
+
   if (stat(gnupg_dir, &st) == -1) {
     return SUCCESS; // No gnupg directory, so no config to clear
   }
-  
-  snprintf(gpg_conf_path, sizeof(gpg_conf_path), "%s/gpg.conf", gnupg_dir);
-  // Clearing gpg.conf by opening it in write mode and immediately closing it
+
+  if (snprintf(gpg_conf_path, sizeof(gpg_conf_path), "%s/gpg.conf", gnupg_dir) >= (int)sizeof(gpg_conf_path)) {
+    fprintf(stderr, "Error: gpg_conf_path buffer overflow\n");
+    return ERR_BUFFER_OVERFLOW;
+  }
+
   FILE *file = fopen(gpg_conf_path, "w");
   if (!file) {
     fprintf(stderr, "Error: Could not open gpg.conf for clearing\n");
@@ -29,9 +36,9 @@ int clear_gpg_config(void) {
 
   printf("GPG configuration cleared.\n");
   return SUCCESS;
-  
 }
 
+
 int reset(void) {
   const char *cmd = 
       "git config --global --unset user.name &&"

src/commands/start.c

@@ -4,7 +4,7 @@
 int start(void) {
   char gpg_path[128];
   check_required_dependencies(gpg_path, sizeof(gpg_path));
-  if (check_secret_keys(gpg_path) != SUCCESS) {
+  if (check_secret_keys() != SUCCESS) {
     create_pgp_key();
   }
 

src/gitkeykit.h

@@ -48,6 +48,7 @@
 #define ERR_GIT_CONFIG_RESET 9
 #define ERR_GPG_CONFIG_RESET 10
 #define ERR_HOME_DIRECTORY_NOT_FOUND 11
+#define ERR_BUFFER_OVERFLOW 12
 
 // ++++ ++++ ++++ ++++ ++++ ++++ ++++
 
@@ -59,7 +60,7 @@ int clear_gpg_config(void);
 int import_key(char * key_path);
 int check_git_installation(void);
 int set_git_config(char *gpg_path);
-int check_secret_keys(char *gpg_path);
+int check_secret_keys(void);
 int check_gpg_installation(char *gpg_path, size_t path_size);
 int check_required_dependencies(char *gpg_path, size_t path_size);
 

src/utils/check_secret_keys.c

@@ -1,6 +1,6 @@
 #include "../gitkeykit.h"
 
-int check_secret_keys(char *gpg_path) {
+int check_secret_keys(void) {
   char command[256];
   FILE *fp;
 

src/utils/linux_config.c

@@ -3,7 +3,11 @@
 static int create_directory(const char *path) {
     struct stat st = {0};
     if (stat(path, &st) == -1) {
-        return mkdir(path, 0700);
+        #ifdef _WIN32
+            return mkdir(path);
+        #else
+            return mkdir(path, 0700);
+        #endif
     }
     return 0;
 }
@@ -19,8 +23,8 @@ static int append_to_file(const char *filepath, const char *content) {
 }
 
 int add_extra_config(void) {
-    char gpg_conf_path[512];
-    char gnupg_dir[512];
+    char gpg_conf_path[1024];
+    char gnupg_dir[1024];
     char *home_dir;
 
     home_dir = getenv("HOME");
@@ -29,15 +33,21 @@ int add_extra_config(void) {
         return ERR_INVALID_INPUT;
     }
 
-    snprintf(gnupg_dir, sizeof(gnupg_dir), "%s/.gnupg", home_dir);
-    snprintf(gpg_conf_path, sizeof(gpg_conf_path), "%s/gpg.conf", gnupg_dir);
+    if (snprintf(gnupg_dir, sizeof(gnupg_dir), "%s/.gnupg", home_dir) >= (int)sizeof(gnupg_dir)) {
+        fprintf(stderr, "Error: gnupg_dir buffer overflow\n");
+        return ERR_BUFFER_OVERFLOW;
+    }
+
+    if (snprintf(gpg_conf_path, sizeof(gpg_conf_path), "%s/gpg.conf", gnupg_dir) >= (int)sizeof(gpg_conf_path)) {
+        fprintf(stderr, "Error: gpg_conf_path buffer overflow\n");
+        return ERR_BUFFER_OVERFLOW;
+    }
 
     if (create_directory(gnupg_dir) != 0) {
         fprintf(stderr, "Error: Could not create .gnupg directory\n");
         return ERR_INVALID_INPUT;
     }
 
-    // Clear or create gpg.conf
     FILE *file = fopen(gpg_conf_path, "w");
     if (!file) {
         fprintf(stderr, "Error: Could not open gpg.conf\n");
@@ -51,14 +61,12 @@ int add_extra_config(void) {
         return ERR_INVALID_INPUT;
     }
 
-    // Kill gpg-agent
     if (system("gpgconf --kill gpg-agent") != 0) {
         fprintf(stderr, "Warning: Could not kill gpg-agent\n");
     } else {
         printf("gpg-agent killed.\n");
     }
 
-    // Start gpg-agent
     if (system("gpg-agent --daemon") != 0) {
         fprintf(stderr, "Warning: Could not start gpg-agent\n");
     } else {
@@ -76,4 +84,4 @@ int add_extra_config(void) {
     printf("╰─────────────────────────────────────────────╯\n");
 
     return SUCCESS;
-}
+}