gpg: Fix a NULL-deref for invalid input data.

* g10/mainproc.c (proc_encrypted): Take care of canceled passpharse entry. -- GnuPG-bug-id: 1761 Signed-off-by: Werner Koch <wk@gnupg.org> (backported from commit 32e85668b8)
2024-06-09 23:39:51 +02:00 · 2014-11-24 19:32:47 +01:00 · 2014-11-24 19:32:47 +01:00 · 69767ccf42
commit 69767ccf42
parent fbb50867f8
1 changed files with 8 additions and 2 deletions
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -540,7 +540,9 @@ proc_encrypted( CTX c, PACKET *pkt )
 	result = -1;
    else if( !c->dek && !c->last_was_session_key ) {
        int algo;
-        STRING2KEY s2kbuf, *s2k = NULL;
+        STRING2KEY s2kbuf;
+        STRING2KEY *s2k = NULL;
+        int canceled;

 	if(opt.override_session_key)
 	  {
@ -580,9 +582,13 @@ proc_encrypted( CTX c, PACKET *pkt )
 		log_info (_("assuming %s encrypted data\n"), "IDEA");
 	      }

-	    c->dek = passphrase_to_dek ( NULL, 0, algo, s2k, 0, NULL, NULL );
+	    c->dek = passphrase_to_dek ( NULL, 0, algo, s2k, 0, NULL,&canceled);
 	    if (c->dek)
 	      c->dek->algo_info_printed = 1;
+            else if (canceled)
+              result = G10ERR_CANCELED;
+            else
+              result = G10ERR_PASSPHRASE;
 	  }
    }
    else if( !c->dek )