From 36a5509e11c81305c4ded93982fa594bd52555a6 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Thu, 5 May 2022 14:02:02 +0200 Subject: [PATCH] gpg: Minor robustness fix. * g10/parse-packet.c (mpi_read_detect_0_removal): Protect agains failed gcry_mpi_scan. -- Fixes-commit: 3fcef7371480cce392d690897d42955f1b19c12a --- g10/parse-packet.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/g10/parse-packet.c b/g10/parse-packet.c index aee6e0798..5fea1ac43 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -252,13 +252,16 @@ mpi_read_detect_0_removal (iobuf_t inp, unsigned int *ret_nread, int secure, a = NULL; /* Possibly, it has leading zeros. */ - nbits1 = gcry_mpi_get_nbits (a); - if (nbits > nbits1) + if (a) { - *r_csum_tweak -= (nbits >> 8); - *r_csum_tweak -= (nbits & 0xff); - *r_csum_tweak += (nbits1 >> 8); - *r_csum_tweak += (nbits1 & 0xff); + nbits1 = gcry_mpi_get_nbits (a); + if (nbits > nbits1) + { + *r_csum_tweak -= (nbits >> 8); + *r_csum_tweak -= (nbits & 0xff); + *r_csum_tweak += (nbits1 >> 8); + *r_csum_tweak += (nbits1 & 0xff); + } } *ret_nread = nread;