mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00

* parse-packet.c (parse_user_id): Cap the user ID size at 2048 bytes.

This prevents a memory allocation attack with a very large user ID.  A
very large packet length could even cause the allocation (a u32) to wrap
around to a small number.  Noted by Evgeny Legerov on full-disclosure.
David Shaw 2006-06-09 19:45:19 +00:00
parent 49c31957f0
commit 91dbfce3b7
2 changed files with 22 additions and 0 deletions
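The wrap-around described in the commit message, shown as an added example that is not GnuPG's own code: a 32-bit allocation size computed from an untrusted packet length, next to a version that applies the 2048-byte cap before doing any arithmetic. `HDR_SIZE`, the function names and the sample lengths are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

typedef uint32_t u32;

#define HDR_SIZE    64u    /* assumed fixed part of the in-memory user ID record */
#define MAX_UID_LEN 2048u  /* cap stated in the commit message */

/* Unchecked sizing: fixed header plus the length read from the packet,
 * computed in 32 bits. Wraps modulo 2^32 when pktlen is close to UINT32_MAX. */
static u32 alloc_size_unchecked(u32 pktlen)
{
    return (u32)(HDR_SIZE + pktlen);
}

/* Checked sizing: reject over-long packets before any size arithmetic.
 * Returns 0 and stores the size on success, -1 if the packet is refused. */
static int alloc_size_checked(u32 pktlen, u32 *size)
{
    if (pktlen > MAX_UID_LEN)
        return -1;
    *size = HDR_SIZE + pktlen;  /* at most 64 + 2048, cannot wrap */
    return 0;
}

int main(void)
{
    /* Constructed sample lengths: normal, at the cap, just over it,
     * very large (allocation exhaustion), and large enough to wrap. */
    const u32 lens[] = { 20u, 2048u, 2049u, 0x7fffffffu, 0xfffffff0u };

    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++) {
        u32 size = 0;
        int rc = alloc_size_checked(lens[i], &size);

        printf("pktlen=%10lu unchecked=%10lu checked=",
               (unsigned long)lens[i],
               (unsigned long)alloc_size_unchecked(lens[i]));
        if (rc == 0)
            printf("%lu\n", (unsigned long)size);
        else
            printf("rejected\n");
    }
    return 0;
}
```

For the last sample length the unchecked size is smaller than the length the parser would go on to read, which is the case the cap removes.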


@ -1,3 +1,11 @@
2006-06-09 David Shaw <dshaw@jabberwocky.com>
* parse-packet.c (parse_user_id): Cap the user ID size at 2048
bytes. This prevents a memory allocation attack with a very large
user ID. A very large packet length could even cause the
allocation (a u32) to wrap around to a small number. Noted by
Evgeny Legerov on full-disclosure.
2006-05-25 David Shaw <dshaw@jabberwocky.com>
* keygen.c (gen_dsa): Allow generating DSA2 keys
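Review bot: The new entry at the top of this hunk records the 2048-byte cap but not what parse_user_id does with a packet that exceeds it (return an error, skip the packet, or truncate), and that is what a ChangeLog reader needs to judge the effect on existing keys with long user IDs. Suggest adding one clause for that, and stating that the length is tested before the u32 allocation size is computed, since the entry itself names the wrap-around as the risk. The entry covers only parse_user_id; if other packet parsers size an allocation from the packet length in the same way, they should get the same cap or a note that they were checked.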