security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

gpg: Fix export porting of zero length user ID packets. 

* g10/build-packet.c (do_user_id): Avoid indeterminate length header.
--

We are able to import such user ids but when exporting them the
exported data could not be imported again because the parser bails out
on invalid keyrings.  This is now fixed and should be backported.

Note that in 2.0 this is only an issue for attribute packets.  In 2.1
user IDs were also affected.a

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2017-03-30 10:35:20 +02:00
parent 5c599e4f6e
commit 2975eee420
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
g10/build-packet.c
View File

@ -233,12 +233,17 @@ do_user_id( IOBUF out, int ctb, PKT_user_id *uid )
if( uid->attrib_data )
{
write_header(out, ctb, uid->attrib_len);
/* We need to take special care of a user ID with a length of 0:
* Without forcing HDRLEN to 2 in this case an indeterminate length
* packet would be written which is not allowed. Note that we are
* always called with a CTB indicating an old packet header format,
* so that forcing a 2 octet header works. */
write_header2 (out, ctb, uid->attrib_len, (uid->attrib_len? 0 : 2));
rc = iobuf_write( out, uid->attrib_data, uid->attrib_len );
}
else
{
write_header2( out, ctb, uid->len, 2 );
write_header2 (out, ctb, uid->len, 2);
rc = iobuf_write( out, uid->name, uid->len );
}
return rc;