
gpg: Limit the nesting level of I/O filters.

* until/iobuf.c (MAX_NESTING_FILTER): New.
(iobuf_push_filter2): Limit the nesting level.
--

This is a more general fix for the nested compression packet bug.  In
particular this helps g10/import.c:read_block to stop pushing
compression filters onto an iobuf stream.

Signed-off-by: Werner Koch <wk@gnupg.org>
Werner Koch 2013-10-04 08:20:49 +02:00
parent d90a1d2340
commit f10b184e48


@ -55,6 +55,11 @@
#undef FILE_FILTER_USES_STDIO #undef FILE_FILTER_USES_STDIO
/* To avoid a potential DoS with compression packets we better limit
the number of filters in a chain. */
#define MAX_NESTING_FILTER 64
#ifdef HAVE_DOSISH_SYSTEM #ifdef HAVE_DOSISH_SYSTEM
#define USE_SETMODE 1 #define USE_SETMODE 1
#endif #endif
@ -1403,6 +1408,12 @@ iobuf_push_filter2( IOBUF a,
if( a->use == 2 && (rc=iobuf_flush(a)) ) if( a->use == 2 && (rc=iobuf_flush(a)) )
return rc; return rc;
if (a->subno >= MAX_NESTING_FILTER) {
log_error ("i/o filter too deeply nested - corrupted data?\n");
return G10ERR_UNEXPECTED;
}
/* make a copy of the current stream, so that /* make a copy of the current stream, so that
* A is the new stream and B the original one. * A is the new stream and B the original one.
* The contents of the buffers are transferred to the * The contents of the buffers are transferred to the
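Review bot: The depth check added to iobuf_push_filter2 in the second hunk only bounds the chain if every caller acts on the new `G10ERR_UNEXPECTED` return. The call sites are outside this diff, so confirm that the paths which push compression filters (the commit message names g10/import.c:read_block) stop on a non-zero result instead of continuing to read the stream without the filter. The test also sits after the `iobuf_flush(a)` taken for `a->use == 2`, so an over-nested output stream is flushed before it is rejected; placing `if (a->subno >= MAX_NESTING_FILTER)` ahead of the flush would reject without that side effect. The comment on `MAX_NESTING_FILTER` could also say what the limit is compared against, for example `/* Upper bound on a->subno; iobuf_push_filter2 refuses to push beyond it. */`, since the hunk relies on `subno` tracking chain depth and that is maintained outside the visible lines. The body of iobuf_push_filter2 starts and ends outside the hunk.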