security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-20 14:37:08 +01:00
Code Activity

gpg: More robustly detect valid non-armored OpenPGP messages.

Browse Source 
* g10/armor.c (is_armored): More robustly detect valid non-armored
OpenPGP messages.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
This commit is contained in:
Neal H. Walfield 2016-03-02 15:47:01 +01:00
parent 24e0f1d56e
commit 605276ef8c
1 changed files with 55 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
g10/armor.c
View File

@ -193,38 +193,79 @@ initialize(void)
/**************** /****************
* Check whether this is an armored file or not See also * Check whether this is an armored file or not See also
* parse-packet.c for details on this code For unknown historic * parse-packet.c for details on this code.
* reasons we use a string here but only the first byte will be used.
* Returns: True if it seems to be armored * Returns: True if it seems to be armored
*/ */
static int static int
is_armored( const byte *buf ) is_armored( const byte *buf )
{ {
int ctb, pkttype; int ctb, pkttype;
int indeterminate_length_allowed;
ctb = *buf; ctb = *buf;
if( !(ctb & 0x80) ) if( !(ctb & 0x80) )
return 1; /* invalid packet: assume it is armored */ /* The most significant bit of the CTB must be set. Since it is
cleared, this is not a binary OpenPGP message. Assume it is
armored. */
return 1;
pkttype = ctb & 0x40 ? (ctb & 0x3f) : ((ctb>>2)&0xf); pkttype = ctb & 0x40 ? (ctb & 0x3f) : ((ctb>>2)&0xf);
switch( pkttype ) { switch( pkttype ) {
case PKT_MARKER:
case PKT_SYMKEY_ENC:
case PKT_ONEPASS_SIG:
case PKT_PUBLIC_KEY:
case PKT_SECRET_KEY:
case PKT_PUBKEY_ENC: case PKT_PUBKEY_ENC:
case PKT_SIGNATURE: case PKT_SIGNATURE:
case PKT_COMMENT: case PKT_SYMKEY_ENC:
case PKT_OLD_COMMENT: case PKT_ONEPASS_SIG:
case PKT_PLAINTEXT: case PKT_SECRET_KEY:
case PKT_PUBLIC_KEY:
case PKT_SECRET_SUBKEY:
case PKT_MARKER:
case PKT_RING_TRUST:
case PKT_USER_ID:
case PKT_PUBLIC_SUBKEY:
case PKT_ATTRIBUTE:
case PKT_MDC:
indeterminate_length_allowed = 0;
break;
case PKT_COMPRESSED: case PKT_COMPRESSED:
case PKT_ENCRYPTED: case PKT_ENCRYPTED:
return 0; /* seems to be a regular packet: not armored */ case PKT_ENCRYPTED_MDC:
case PKT_PLAINTEXT:
case PKT_OLD_COMMENT:
case PKT_COMMENT:
case PKT_GPG_CONTROL:
indeterminate_length_allowed = 1;
break;
default:
/* Invalid packet type. */
return 1;
} }
if (! indeterminate_length_allowed)
/* It is only legal to use an indeterminate length with a few
packet types. If a packet uses an indeterminate length, but
that is not allowed, then the data is not valid binary
OpenPGP data. */
{
int new_format;
int indeterminate_length;
new_format = !! (ctb & (1 << 6));
if (new_format)
indeterminate_length = (buf[1] >= 224 && buf[1] < 255);
else
indeterminate_length = (ctb & 3) == 3;
if (indeterminate_length)
return 1; return 1;
} }
/* The first CTB seems legit. It is probably not armored
data. */
return 0;
}
/**************** /****************
* Try to check whether the iobuf is armored * Try to check whether the iobuf is armored