security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

gpg: Do not abort on certain invalid packets.

Browse source 
* g10/build-packet.c (write_fake_data): Check for non-opaque data.
* g10/seskey.c (do_encode_md): Return NULL instead of abort.
--

The first may happen if the usage flags of an algorithm do not match
the allowed usage.  When writing a backsig this would lead to a
log_bug in libgcrypt due to the use of a regular MPI as opaque data.

The second may happen with all kind of invalid data.  It is easy to
avoid an abort, though.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2016-06-02 15:14:49 +02:00
parent 072acb69be
commit d837f6b0ea
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
2 changed files with 8 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
g10/build-packet.c
View file

@ -301,6 +301,8 @@ write_fake_data (IOBUF out, gcry_mpi_t a)
if (!a)
return 0;
if (!gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE))
return 0; /* e.g. due to generating a key with wrong usage. */
p = gcry_mpi_get_opaque ( a, &n);
if (!p)
return 0; /* For example due to a read error in