diff --git a/agent/cvt-openpgp.c b/agent/cvt-openpgp.c index cadc87180..b00f032e7 100644 --- a/agent/cvt-openpgp.c +++ b/agent/cvt-openpgp.c @@ -1107,14 +1107,33 @@ apply_protection (gcry_mpi_t *array, int npkey, int nskey, { if (gcry_mpi_get_flag (array[i], GCRYMPI_FLAG_OPAQUE)) { - const void *s; + const unsigned char *s; unsigned int n; s = gcry_mpi_get_opaque (array[i], &n); + if (!s) + { + s = ""; + n = 0; + } + /* Strip leading zero bits. */ + for (; n >= 8 && !*s; s++, n -= 8) + ; + if (n >= 8 && !(*s & 0x80)) + if (--n >= 7 && !(*s & 0x40)) + if (--n >= 6 && !(*s & 0x20)) + if (--n >= 5 && !(*s & 0x10)) + if (--n >= 4 && !(*s & 0x08)) + if (--n >= 3 && !(*s & 0x04)) + if (--n >= 2 && !(*s & 0x02)) + if (--n >= 1 && !(*s & 0x01)) + --n; + nbits[j] = n; n = (n+7)/8; narr[j] = n; - bufarr[j] = gcry_is_secure (s)? xtrymalloc_secure (n):xtrymalloc (n); + bufarr[j] = (gcry_is_secure (s)? xtrymalloc_secure (n?n:1) + /* */ : xtrymalloc (n?n:1)); if (!bufarr[j]) { err = gpg_error_from_syserror ();