gpg: Do not abort on certain invalid packets.

* g10/build-packet.c (write_fake_data): Check for non-opaque data. * g10/seskey.c (do_encode_md): Return NULL instead of abort. -- The first may happen if the usage flags of an algorithm do not match the allowed usage. When writing a backsig this would lead to a log_bug in libgcrypt due to the use of a regular MPI as opaque data. The second may happen with all kind of invalid data. It is easy to avoid an abort, though. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-07-02 22:46:30 +02:00 · 2016-06-02 15:14:49 +02:00 · 2016-06-02 15:14:49 +02:00 · d837f6b0ea
commit d837f6b0ea
parent 072acb69be
2 changed files with 8 additions and 3 deletions
--- a/g10/seskey.c
+++ b/g10/seskey.c
@ -211,9 +211,12 @@ do_encode_md( gcry_md_hd_t md, int algo, size_t len, unsigned nbits,
    int i,n;
    gcry_mpi_t a;

-    if( len + asnlen + 4  > nframe )
-      log_bug ("can't encode a %d bit MD into a %d bits frame, algo=%d\n",
-               (int)(len*8), (int)nbits, algo);
+    if (len + asnlen + 4  > nframe)
+      {
+        log_error ("can't encode a %d bit MD into a %d bits frame, algo=%d\n",
+                   (int)(len*8), (int)nbits, algo);
+        return NULL;
+      }

    /* We encode the MD in this way:
     *