* trustdb.c (mark_usable_uid_certs): Fix segfault from bad

initialization and fix reversed key signature expiration check.
2024-07-01 02:42:44 +02:00 · 2001-11-27 10:28:39 +00:00 · 2001-11-27 10:28:39 +00:00 · eb485f83ef
commit eb485f83ef
parent 2687db38df
2 changed files with 8 additions and 2 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,8 @@
+2001-11-26  David Shaw  <dshaw@jabberwocky.com>
+
+	* trustdb.c (mark_usable_uid_certs): Fix segfault from bad
+	initialization and fix reversed key signature expiration check.
+
 2001-11-09  Werner Koch  <wk@gnupg.org>

 	* export.c (do_export_stream): Put all given names into a search
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@ -995,7 +995,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
                       u32 curtime, u32 *next_expire)
 {
  KBNODE node;
-  PKT_signature *sig = node->pkt->pkt.signature;
+  PKT_signature *sig;
  
  /* first check all signatures */
  for (node=uidnode->next; node; node = node->next)
@ -1076,7 +1076,8 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
                    
          p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_EXPIRE, NULL );
          expire = p? sig->timestamp + buffer_to_u32(p) : 0;
-          if ( expire < curtime )
+
+          if (expire==0 || expire > curtime )
            {
              signode->flag |= (1<<8); /* yeah, found a good cert */
              if (expire && expire < *next_expire)