From 6c50834c0905b55ee2da18728194dd4c93c377bf Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Wed, 9 Mar 2022 10:48:20 +0900
Subject: [PATCH] sm: Fix parsing encrypted data.

* sm/minip12.c (cram_octet_string): Finish when N==0.
(parse_bag_encrypted_data): Support constructed data with multiple
octet strings.

--

GnuPG-bug-id: 5793
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
 sm/minip12.c | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/sm/minip12.c b/sm/minip12.c
index 820e0d6b0..18d6fa0d2 100644
--- a/sm/minip12.c
+++ b/sm/minip12.c
@@ -362,7 +362,7 @@ cram_octet_string (const unsigned char *input, size_t *length,
   if (!output)
     goto bailout;
 
-  for (;;)
+  while (n)
     {
       if (parse_tag (&s, &n, &ti))
         goto bailout;
@@ -933,6 +933,19 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
       r_consumed = NULL; /* Ugly hack to not update that value any further. */
       ti.length = n;
     }
+  else if (ti.class == CLASS_CONTEXT && ti.tag == 0 && ti.is_constructed)
+    {
+      where = "octets-rc2or3des-ciphertext";
+      n = ti.length;
+      cram_buffer = cram_octet_string ( p, &n, &consumed);
+      if (!cram_buffer)
+        goto bailout;
+      p = p_start = cram_buffer;
+      if (r_consumed)
+        *r_consumed = consumed;
+      r_consumed = NULL; /* Ugly hack to not update that value any further. */
+      ti.length = n;
+    }
   else if (ti.class == CLASS_CONTEXT && ti.tag == 0 && ti.length )
     ;
   else