1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-10 13:04:23 +01:00

* parse-packet.c (parse): Disallow old style partial length for

all key material packets to avoid possible corruption of keyrings.
This commit is contained in:
Werner Koch 2003-06-10 08:34:53 +00:00
parent 16d1456ac3
commit 0848d55ff3
2 changed files with 27 additions and 2 deletions

View File

@ -1,3 +1,8 @@
2003-06-10 Werner Koch <wk@gnupg.org>
* parse-packet.c (parse): Disallow old style partial length for
all key material packets to avoid possible corruption of keyrings.
2003-06-08 Werner Koch <wk@gnupg.org> 2003-06-08 Werner Koch <wk@gnupg.org>
* import.c (import_keys): Invalidate the cache so that the file * import.c (import_keys): Invalidate the cache so that the file

View File

@ -367,8 +367,28 @@ parse( IOBUF inp, PACKET *pkt, int onlykeypkts, off_t *retpos,
lenbytes = ((ctb&3)==3)? 0 : (1<<(ctb & 3)); lenbytes = ((ctb&3)==3)? 0 : (1<<(ctb & 3));
if( !lenbytes ) { if( !lenbytes ) {
pktlen = 0; /* don't know the value */ pktlen = 0; /* don't know the value */
if( pkttype != PKT_COMPRESSED ) switch (pkttype) {
case PKT_ENCRYPTED:
case PKT_PLAINTEXT:
/* These partial length encodings are from an very
early GnuPG release and deprecated. However we
still support them read-wise. Note, that we should
not allow them for any key related packets, because
this might render a keyring unusable if an errenous
packet indicated this mode but not complying to it
gets imported. */
iobuf_set_block_mode(inp, 1); iobuf_set_block_mode(inp, 1);
break;
case PKT_COMPRESSED:
break; /* the orginal pgp 2 way. */
default:
log_error ("%s: old style partial length "
"for invalid packet type\n", iobuf_where(inp) );
rc = G10ERR_INVALID_PACKET;
goto leave;
}
} }
else { else {
for( ; lenbytes; lenbytes-- ) { for( ; lenbytes; lenbytes-- ) {