mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-02 22:46:30 +02:00
gpg: Do not allow creation of user ids larger than our parser allows.
* g10/parse-packet.c: Move max packet lengths constants to ...
* g10/packet.h: ... here.
* g10/build-packet.c (do_user_id): Return an error if too data is too
large.
* g10/keygen.c (write_uid): Return an error for too large data.
--
This can lead to keyring corruption becuase we expect that our parser
is abale to parse packts created by us. Test case is
gpg --batch --passphrase 'abc' -v \
--quick-gen-key $(yes 'a'| head -4000|tr -d '\n')
GnuPG-bug-id: 4532
Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch
parent
6e39541f4f
commit
d32963eeb3
4 changed files with 31 additions and 21 deletions
|
|
@ -33,6 +33,11 @@
|
|||
|
||||
#define DEBUG_PARSE_PACKET 1
|
||||
|
||||
/* Maximum length of packets to avoid excessive memory allocation. */
|
||||
#define MAX_KEY_PACKET_LENGTH (256 * 1024)
|
||||
#define MAX_UID_PACKET_LENGTH ( 2 * 1024)
|
||||
#define MAX_COMMENT_PACKET_LENGTH ( 64 * 1024)
|
||||
#define MAX_ATTR_PACKET_LENGTH ( 16 * 1024*1024)
|
||||
|
||||
/* Constants to allocate static MPI arrays. */
|
||||
#define PUBKEY_MAX_NPKEY OPENPGP_MAX_NPKEY
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue