1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

gpg: Fix use of uninit.value in listing sig subpkts.

* g10/parse-packet.c (dump_sig_subpkt): Print regex subpacket
sanitized.
--

We may not use "%s" to print an arbitrary buffer.  At least "%.*s"
should have been used.  However, it is in general preferable to escape
control characters while printf user data.

Reported-by: Hanno Böck
Signed-off-by: Werner Koch <wk@gnupg.org>

(backported from commit 596ae9f5433ca3b0e01f7acbe06fd2e424c42ae8)
This commit is contained in:
Werner Koch 2014-11-24 19:24:47 +01:00
parent 7a068ac50b
commit 1f9dfe1fed

View File

@ -972,7 +972,11 @@ dump_sig_subpkt( int hashed, int type, int critical,
if(!length) if(!length)
p="[invalid regexp subpacket]"; p="[invalid regexp subpacket]";
else else
fprintf (listfp, "regular expression: \"%s\"",buffer); {
fprintf (listfp, "regular expression: \"");
print_string (listfp, buffer, length, '\"');
p = "\"";
}
break; break;
case SIGSUBPKT_REVOCABLE: case SIGSUBPKT_REVOCABLE:
if( length ) if( length )