mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
agent: Do not place a trailing NUL byte on S-expressions
* agent/pkdecrypt.c (agent_pkdecrypt): Avoid appending a trailing NUL byte at the end of the generated S-expression. -- In many cases, a canonical S-expression may have an embedded NUL anyway (especially if it contains raw cryptographic key material or other high-entropy bytestrings), so trying to treat a canonical S-expression as a C string is likely to be dangerous -- better to not leave any such expectations. With the previous commit addressing the otherwise brittle consumers of pkdecrypt, this should now be safe to do. GnuPG-bug-id: 4652 Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This commit is contained in:
parent
fdd1567743
commit
efffd9907b
@ -95,7 +95,7 @@ agent_pkdecrypt (ctrl_t ctrl, const char *desc_text,
|
|||||||
|
|
||||||
put_membuf_printf (outbuf, "(5:value%u:", (unsigned int)len);
|
put_membuf_printf (outbuf, "(5:value%u:", (unsigned int)len);
|
||||||
put_membuf (outbuf, buf, len);
|
put_membuf (outbuf, buf, len);
|
||||||
put_membuf (outbuf, ")", 2);
|
put_membuf (outbuf, ")", 1);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{ /* No smartcard, but a private key */
|
{ /* No smartcard, but a private key */
|
||||||
@ -130,7 +130,7 @@ agent_pkdecrypt (ctrl_t ctrl, const char *desc_text,
|
|||||||
part. Turn it into a complete S-expression. */
|
part. Turn it into a complete S-expression. */
|
||||||
put_membuf (outbuf, "(5:value", 8);
|
put_membuf (outbuf, "(5:value", 8);
|
||||||
put_membuf (outbuf, buf, len);
|
put_membuf (outbuf, buf, len);
|
||||||
put_membuf (outbuf, ")", 2);
|
put_membuf (outbuf, ")", 1);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user