From efffd9907b7501323bae89ae515bc26312aaab15 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 24 Jul 2019 19:26:10 -0400 Subject: [PATCH] agent: Do not place a trailing NUL byte on S-expressions * agent/pkdecrypt.c (agent_pkdecrypt): Avoid appending a trailing NUL byte at the end of the generated S-expression. -- In many cases, a canonical S-expression may have an embedded NUL anyway (especially if it contains raw cryptographic key material or other high-entropy bytestrings), so trying to treat a canonical S-expression as a C string is likely to be dangerous -- better to not leave any such expectations. With the previous commit addressing the otherwise brittle consumers of pkdecrypt, this should now be safe to do. GnuPG-bug-id: 4652 Signed-off-by: Daniel Kahn Gillmor --- agent/pkdecrypt.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/agent/pkdecrypt.c b/agent/pkdecrypt.c index ec23daf83..23b9c1a0b 100644 --- a/agent/pkdecrypt.c +++ b/agent/pkdecrypt.c @@ -95,7 +95,7 @@ agent_pkdecrypt (ctrl_t ctrl, const char *desc_text, put_membuf_printf (outbuf, "(5:value%u:", (unsigned int)len); put_membuf (outbuf, buf, len); - put_membuf (outbuf, ")", 2); + put_membuf (outbuf, ")", 1); } else { /* No smartcard, but a private key */ @@ -130,7 +130,7 @@ agent_pkdecrypt (ctrl_t ctrl, const char *desc_text, part. Turn it into a complete S-expression. */ put_membuf (outbuf, "(5:value", 8); put_membuf (outbuf, buf, len); - put_membuf (outbuf, ")", 2); + put_membuf (outbuf, ")", 1); } }