security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

gpg: Use is_secured_filename before opening the file.

Browse source 
* g10/gpg.c (print_mds): Check by is_secured_filename, earlier.
* g10/tdbdump.c (import_ownertrust): Likewise.

--

GnuPG-bug-id: 6508
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2023-07-14 15:49:23 +09:00
parent cf270b0d30
commit 5d375bb168
No known key found for this signature in database
GPG key ID: 640114AF89DE6054
2 changed files with 8 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

6
g10/gpg.c
View file

@ -5622,13 +5622,13 @@ print_mds( const char *fname, int algo )
}
else
{
fp = es_fopen (fname, "rb" );
if (fp && is_secured_file (es_fileno (fp)))
if (is_secured_filename (fname))
{
es_fclose (fp);
fp = NULL;
gpg_err_set_errno (EPERM);
}
else
fp = es_fopen (fname, "rb" );
}
if (!fp)
{