mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-08 12:44:23 +01:00
gpg: Do not abort on certain invalid packets.
* g10/build-packet.c (write_fake_data): Check for non-opaque data. * g10/seskey.c (do_encode_md): Return NULL instead of abort. -- The first may happen if the usage flags of an algorithm do not match the allowed usage. When writing a backsig this would lead to a log_bug in libgcrypt due to the use of a regular MPI as opaque data. The second may happen with all kind of invalid data. It is easy to avoid an abort, though. Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
parent
072acb69be
commit
d837f6b0ea
@ -301,6 +301,8 @@ write_fake_data (IOBUF out, gcry_mpi_t a)
|
|||||||
|
|
||||||
if (!a)
|
if (!a)
|
||||||
return 0;
|
return 0;
|
||||||
|
if (!gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE))
|
||||||
|
return 0; /* e.g. due to generating a key with wrong usage. */
|
||||||
p = gcry_mpi_get_opaque ( a, &n);
|
p = gcry_mpi_get_opaque ( a, &n);
|
||||||
if (!p)
|
if (!p)
|
||||||
return 0; /* For example due to a read error in
|
return 0; /* For example due to a read error in
|
||||||
|
@ -211,9 +211,12 @@ do_encode_md( gcry_md_hd_t md, int algo, size_t len, unsigned nbits,
|
|||||||
int i,n;
|
int i,n;
|
||||||
gcry_mpi_t a;
|
gcry_mpi_t a;
|
||||||
|
|
||||||
if( len + asnlen + 4 > nframe )
|
if (len + asnlen + 4 > nframe)
|
||||||
log_bug ("can't encode a %d bit MD into a %d bits frame, algo=%d\n",
|
{
|
||||||
(int)(len*8), (int)nbits, algo);
|
log_error ("can't encode a %d bit MD into a %d bits frame, algo=%d\n",
|
||||||
|
(int)(len*8), (int)nbits, algo);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
/* We encode the MD in this way:
|
/* We encode the MD in this way:
|
||||||
*
|
*
|
||||||
|
Loading…
x
Reference in New Issue
Block a user