security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

gpg: Fix expand GPG groups when resolving a key

Browse source 
* g10/expand-group.c (expand_group): Add arg prepend_input.
* g10/pkclist.c (build_pk_list): Adjust for it.
* g10/getkey.c (key_byname): Keep the expanded names in the CTX and
don't premature free them.
(get_pubkey_byname): Append the namelist to the extra_list.
--

The original patch didn't kept the expanded list in the context and
also would duplicate names which are not group names.  The latter does
not really harm but the former lead to a use after free.  Original
patch was applied just a few weeks ago.

Fixes-commit: e825aea2ba
Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2019-09-30 14:08:13 +02:00
parent b966a7c142
commit ec81c437e7
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
4 changed files with 55 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

33
g10/expand-group.c
View file

@ -53,21 +53,36 @@ expand_id (const char *id, strlist_t *into, unsigned int flags)
}
/* For simplicity, and to avoid potential loops, we only expand once -
* you can't make an alias that points to an alias. */
* you can't make an alias that points to an alias. If PREPEND_INPUT
* is true each item from INPUT is prepended to the new list; if it is
* false the original item from INPUT is only added if no group
* existed for it. */
strlist_t
expand_group (strlist_t input)
expand_group (strlist_t input, int prepend_input)
{
strlist_t output = NULL;
strlist_t sl, rover;
for (rover = input; rover; rover = rover->next)
if (!(rover->flags & PK_LIST_FROM_FILE)
&& !expand_id (rover->d, &output, rover->flags))
{
/* Didn't find any groups, so use the existing string */
sl = add_to_strlist (&output, rover->d);
sl->flags = rover->flags;
}
{
if ((rover->flags & PK_LIST_FROM_FILE))
continue;
if (!expand_id (rover->d, &output, rover->flags))
{
/* Didn't find any groups, so use the existing string unless
* we will anyway add it due to the prepend flag. */
if (!prepend_input)
{
sl = add_to_strlist (&output, rover->d);
sl->flags = rover->flags;
}
}
if (prepend_input)
{
sl = add_to_strlist (&output, rover->d);
sl->flags = rover->flags;
}
}
return output;
}