security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-03 12:11:33 +01:00
Code Activity

gpg: Find keys using mail addresses with garbage after the '>'

Browse Source 
* kbx/keybox-search.c (blob_cmp_mail): Stop comparing at the '>'.
--

This change allows to find mail addresses like

  Joe Doe <joe@example.org> bar
  Joe Doe <joe@example.org> (comment)

using the command

   gpg  -k '<joe@example.org'

or (with syntactic sugar)

   gpg  -k '<joe@example.org>'

These UIDs are ill-formed according to gpg checks but nevertheless are
seen in the wild.

Note, that it does only work with the new keybox format.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2015-03-20 13:29:20 +01:00
parent 5136e39c64
commit 783a4a9837
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 32 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
kbx/keybox-search.c
View File

@ -385,8 +385,8 @@ blob_cmp_name (KEYBOXBLOB blob, int idx,
/* Compare all email addresses of the subject. With SUBSTR given as /* Compare all email addresses of the subject. With SUBSTR given as
True a substring search is done in the mail address. If X509 True a substring search is done in the mail address. The X509 flag
states whether thr search is done on an X.509 blob. */ indicated whether the search is done on an X.509 blob. */
static int static int
blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr, blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr,
int x509) int x509)
@ -440,27 +440,44 @@ blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr,
off = get32 (buffer+mypos); off = get32 (buffer+mypos);
len = get32 (buffer+mypos+4); len = get32 (buffer+mypos+4);
if (off+len > length) if (off+len > length)
return 0; /* error: better stop here out of bounds */ return 0; /* error: better stop here - out of bounds */
if (!x509) if (x509)
{ {
/* For OpenPGP we need to forward to the mailbox part. */ if (len < 2 || buffer[off] != '<')
for ( ;len && buffer[off] != '<'; len--, off++) continue; /* empty name or trailing 0 not stored */
; len--; /* one back */
if ( len < 3 || buffer[off+len] != '>')
continue; /* not a proper email address */
off++;
len--;
} }
if (len < 2 || buffer[off] != '<') else /* OpenPGP. */
continue; /* empty name or trailing 0 not stored */ {
len--; /* one back */ /* We need to forward to the mailbox part. */
if ( len < 3 || buffer[off+len] != '>') for ( ; len && buffer[off] != '<'; len--, off++)
continue; /* not a proper email address */ ;
len--; if (len < 2 || buffer[off] != '<')
continue; /* empty name or trailing 0 not stored */
off++; /* Point to first char of the mail address. */
len--;
/* Search closing '>'. */
for (mypos=off; len && buffer[mypos] != '>'; len--, mypos++)
;
if (!len || buffer[mypos] != '>' || off == mypos)
continue; /* Not a proper mail address. */
len = mypos - off;
}
if (substr) if (substr)
{ {
if (ascii_memcasemem (buffer+off+1, len, name, namelen)) if (ascii_memcasemem (buffer+off, len, name, namelen))
return idx+1; /* found */ return idx+1; /* found */
} }
else else
{ {
if (len == namelen && !ascii_memcasecmp (buffer+off+1, name, len)) if (len == namelen && !ascii_memcasecmp (buffer+off, name, len))
return idx+1; /* found */ return idx+1; /* found */
} }
} }