security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-03 12:11:33 +01:00
Code Activity

gpg: Make sure a user ID packet has always a terminating Nul in memory.

Browse Source 
* g10/keygen.c (write_uid): Avoid overflow.
--

Also the actual length if the user ID is given by LEN, using NAME
diretcly is often more convenient.
This commit is contained in:
Werner Koch 2016-07-01 15:18:59 +02:00
parent 681c6ef757
commit d8bce478be
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
g10/keygen.c
View File

@ -202,7 +202,7 @@ write_uid( KBNODE root, const char *s )
size_t n = strlen(s); size_t n = strlen(s);
pkt->pkttype = PKT_USER_ID; pkt->pkttype = PKT_USER_ID;
pkt->pkt.user_id = xmalloc_clear( sizeof *pkt->pkt.user_id + n - 1 ); pkt->pkt.user_id = xmalloc_clear (sizeof *pkt->pkt.user_id + n);
pkt->pkt.user_id->len = n; pkt->pkt.user_id->len = n;
pkt->pkt.user_id->ref = 1; pkt->pkt.user_id->ref = 1;
strcpy(pkt->pkt.user_id->name, s); strcpy(pkt->pkt.user_id->name, s);

2
g10/packet.h
View File

@ -293,7 +293,7 @@ typedef struct
} flags; } flags;
/* The text contained in the user id packet, which is normally the /* The text contained in the user id packet, which is normally the
name and email address of the key holder (See RFC 4880 5.11). name and email address of the key holder (See RFC 4880 5.11).
(Serialized.) */ (Serialized.). For convenience an extra Nul is always appended. */
char name[1]; char name[1];
} PKT_user_id; } PKT_user_id;