security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

gpgsm: Fix import of some CR,LF ternminated certificates 

* common/ksba-io-support.c (base64_reader_cb): Detect the END tag and
don't just rely on the padding chars.  This could happen only with
CR+LF termnmated PEM files.  Also move the detection into the invalid
character detection branch for a minor parser speedup.
--

GnuPG-bug-id: 4847
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 6248739799)
This commit is contained in:
Werner Koch 2020-02-15 19:20:21 +01:00
parent 146dacd3b1
commit 38f819bd6d
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 18 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
common/ksba-io-support.c
View File

@ -326,15 +326,25 @@ base64_reader_cb (void *cb_value, char *buffer, size_t count, size_t *nread)
c = parm->line[parm->readpos++];
if (c == '\n' || c == ' ' || c == '\r' || c == '\t')
continue;
if (c == '=')
{ /* pad character: stop */
if (idx == 1)
buffer[n++] = val;
parm->stop_seen = 1;
break;
}
if( (c = asctobin[(c2=c)]) == 255 )
if ((c = asctobin[(c2=c)]) == 255)
{
if (c2 == '=')
{ /* pad character: stop */
if (idx == 1)
buffer[n++] = val;
parm->stop_seen = 1;
break;
}
else if (c2 == '-'
&& parm->readpos == 1
&& parm->readpos-1+9 < parm->linelen
&& !strncmp ((char*)parm->line + parm->readpos-1,
"-----END ", 9))
{ /* END line seen (padding was not needed). */
log_debug ("END seen\n");
parm->stop_seen = 1;
break;
}
log_error (_("invalid radix64 character %02x skipped\n"),
c2);
continue;