security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-04 20:38:50 +01:00
Code Activity

gpg: Fix segv due to NULL value stored as opaque MPI (BRANCH 2.0)

Browse Source 
* g10/build-packet.c (do_secret_key): Check for NULL return from
gcry_mpi_get_opaque.
* g10/keyid.c (hash_public_key): Ditto.
--

This is a backport of 76c8122adf from
master to the STABLE-BRANCH-2-0

On the STABLE-BRANCH-2-0, we may also want to patch g10/seckey-cert.c,
but that has not been done in this patch.

This fix extends commmit 0835d2f44e.

  gpg2 --export --no-default-keyring --keyring TESTDATA

With TESTDATA being below after unpacking.

-----BEGIN PGP ARMORED FILE-----

mBMEhdkMmS8BcX8F//8F5voEhQAQmBMEnAAAZwAAo4D/f/8EhQAAAIAEnP8EhQAQ
iBMEnP8AAAAABf8jIID///8EhQYQmBMEnIUAEIgTBKT/AAAAAAUAACCA/f//BIUA
EJgTBJx/AP8ABPPzBJx/AP8ABPPz
=2yE0
-----END PGP ARMORED FILE-----

Reported-by: Jodie Cunningham
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This commit is contained in:
Daniel Kahn Gillmor 2015-02-21 18:23:44 -05:00 committed by Werner Koch
parent 9dcf345a84
commit b2d9d105f7
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 14 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
g10/build-packet.c
View File

@ -398,7 +398,8 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk )
assert (gcry_mpi_get_flag (sk->skey[npkey], GCRYMPI_FLAG_OPAQUE)); assert (gcry_mpi_get_flag (sk->skey[npkey], GCRYMPI_FLAG_OPAQUE));
p = gcry_mpi_get_opaque (sk->skey[npkey], &ndatabits ); p = gcry_mpi_get_opaque (sk->skey[npkey], &ndatabits );
iobuf_write (a, p, (ndatabits+7)/8 ); if (p)
iobuf_write (a, p, (ndatabits+7)/8 );
} }
else if ( sk->is_protected ) else if ( sk->is_protected )
{ {
@ -410,7 +411,8 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk )
assert (gcry_mpi_get_flag (sk->skey[i], GCRYMPI_FLAG_OPAQUE)); assert (gcry_mpi_get_flag (sk->skey[i], GCRYMPI_FLAG_OPAQUE));
p = gcry_mpi_get_opaque (sk->skey[i], &ndatabits); p = gcry_mpi_get_opaque (sk->skey[i], &ndatabits);
iobuf_write (a, p, (ndatabits+7)/8); if (p)
iobuf_write (a, p, (ndatabits+7)/8);
} }
write_16(a, sk->csum ); write_16(a, sk->csum );
} }

16
g10/keyid.c
View File

@ -115,14 +115,18 @@ hash_public_key( gcry_md_hd_t md, PKT_public_key *pk )
if(npkey==0 && pk->pkey[0] if(npkey==0 && pk->pkey[0]
&& gcry_mpi_get_flag (pk->pkey[0], GCRYMPI_FLAG_OPAQUE)) && gcry_mpi_get_flag (pk->pkey[0], GCRYMPI_FLAG_OPAQUE))
{ {
gcry_md_write (md, pp[0], nn[0]); if (pp[0])
gcry_md_write (md, pp[0], nn[0]);
} }
else else
for(i=0; i < npkey; i++ ) {
{ for(i=0; i < npkey; i++ )
gcry_md_write ( md, pp[i], nn[i] ); {
xfree(pp[i]); if (pp[i])
} gcry_md_write ( md, pp[i], nn[i] );
xfree(pp[i]);
}
}
} }
static gcry_md_hd_t static gcry_md_hd_t