1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
Commit Graph

5112 Commits

Author SHA1 Message Date
Werner Koch
9078b75a73
common: Add feature to ease using argparse's usage().
* common/argparse.c (show_help): Take care of flag value
(usage): Ditto.
--

It is common that the long usage note starts with the short usage
note.  The new flag feature allows to combine both.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-17 11:22:28 +01:00
Werner Koch
eb5f2c0af6
common: Allow standalone build of argparse.c
* common/argparse.h: Remove types.h - not required.
* common/argparse.c: Change to allow standalone use.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-17 09:19:55 +01:00
Werner Koch
e0398fb110
Typo fix.
--
2015-03-17 09:18:23 +01:00
Werner Koch
ab17f7b6c3
gpg: Create all MPIs with RFC-4880 correct length headers.
* g10/build-packet.c (gpg_mpi_write): Strip leading zeroes.
--

This used not to work with opaque MPI as returned by Libgcrypt from
ECC operations.  This patch fixes this.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-16 20:14:58 +01:00
Werner Koch
bcc8250bc5
gpg: Allow printing of MPI values in --list-mode.
* g10/parse-packet.c (set_packet_list_mode): Set mpi_print_mode.
* g10/misc.c (mpi_print): Do not print an extra leading zero.
--

This was in older versions possible using "--debug 4" but that was
disabled in 2.1 due to a conflict using this values also for
Libgcrypt.  Now the values are dumped either with --debug 4 or using
--list-packets along with --verbose.

Because OpenPGP only uses unsigned integers an extra leading zero will
not be printed anymore.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-16 20:12:44 +01:00
Werner Koch
8bc1debfef
gpg: Fix broken write of opaque MPI length header.
* g10/build-packet.c (gpg_mpi_write): Use a char array for the length.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-16 19:51:06 +01:00
Werner Koch
1a9f13bc66
gpg: Fix possible dead code elimination.
* g10/encrypt.c: Change condition for detecting a real file.
--

Detected by Stack 3.0:

  bug: anti-dce
  model: |
    %tobool155 = icmp ne i32 %call154, 0, !dbg !1298
    -->  true
    ************************************************************
    land.lhs.true156:
    %96 = icmp eq i8* %filename, null
    call void @opt.bugon(i1 %96), !dbg !1298, !bug !1250
    %97 = load i8* %filename, align 1, !dbg !1298
    %conv157 = sext i8 %97 to i32, !dbg !1298
    %tobool158 = icmp ne i32 %conv157, 0, !dbg !1298
    br i1 %tobool158, label %land.lhs.true159, label %if.else177,\
          !dbg !1298
  stack:
    - /home/wk/s/gnupg/g10/encrypt.c:639:0
  ncore: 1
  core:
    - /home/wk/s/gnupg/g10/encrypt.c:639:0
      - null pointer dereference
2015-03-15 14:01:36 +01:00
Werner Koch
4bc3a2e954
g13: Fix pointer wrap check.
* g13/utils.c (find_tuple, next_tuple): Cast pointer to size_t before
doing an overflow check.
--

Detected by Stack 0.3:

    bug: anti-simplify
  model: |
    %cmp4 = icmp ult i8* %add.ptr3, %s.0, !dbg !568
    -->  false
  stack:
    - /home/wk/s/gnupg/g13/utils.c:127:0
  ncore: 1
  core:
    - /home/wk/s/gnupg/g13/utils.c:127:0
      - pointer overflow
2015-03-15 13:33:26 +01:00
Werner Koch
3a35c9740a
agent: Remove useless conditions in command.c.
* agent/command.c (cmd_setkeydesc): Remove NULL check.
(cmd_get_passphrase): Ditto.
(cmd_clear_passphrase): Ditto.
(cmd_get_confirmation): Ditto.
(cmd_getval): Ditto.
(cmd_putval): Ditto.
--

Detected by Stack 0.3.
2015-03-15 13:11:44 +01:00
Werner Koch
3529dd8bb5
agent: Fix length test in sshcontrol parser.
* agent/command-ssh.c (ssh_search_control_file): Check S before
upcasing it.
--

In contradiction to the comment we did not check the length of HEXGRIP
and thus the GPG_ERR_INV_LENGTH was never triggered.

Detected by Stack 0.3:

  bug: anti-simplify
  model: |
    %cmp8 = icmp ne i32 %i.0, 40, !dbg !986
    -->  false
  stack:
    - /home/wk/s/gnupg/agent/command-ssh.c:1226:0
  ncore: 2
  core:
    - /home/wk/s/gnupg/agent/command-ssh.c:1225:0
      - buffer overflow
    - /home/wk/s/gnupg/agent/command-ssh.c:1225:0
      - buffer overflow
2015-03-15 13:04:48 +01:00
Werner Koch
95415bdec7
agent: Remove useless conditions.
* agent/genkey.c (agent_ask_new_passphrase): Remove useless condition.
* agent/command-ssh.c (ssh_identity_register): Ditto.
--

Detected by Stack 0.3:

  bug: anti-simplify
  model: |
    %tobool22 = icmp ne i8* %arraydecay21, null, !dbg !717
    -->  true
  stack:
    - /home/wk/s/gnupg/agent/genkey.c:385:0
  ncore: 1
  core:
    - /home/wk/s/gnupg/agent/genkey.c:362:0
      - pointer overflow

  bug: anti-simplify
  model: |
    %tobool35 = icmp ne i8* %arraydecay34, null, !dbg !1053
    -->  true
  stack:
    - /home/wk/s/gnupg/agent/command-ssh.c:3120:0
  ncore: 1
  core:
    - /home/wk/s/gnupg/agent/command-ssh.c:3103:0
      - pointer overflow
2015-03-15 12:59:17 +01:00
Werner Koch
c59b410cf1
gpg: Remove useless condition.
* g10/keylist.c (list_keyblock_colon): Remove useless condition (PK).
(list_keyblock_print):  Likewise.
--

PK is already derefed above and thus testing for PK is dead code.
Detected by Stack 0.3:

  bug: anti-simplify
  model: |
    %tobool200 = icmp ne %struct.PKT_public_key* %3, null, !dbg !1498
    -->  true
  stack:
    - /home/wk/s/gnupg/g10/keylist.c:1367:0
  ncore: 1
  core:
    - /home/wk/s/gnupg/g10/keylist.c:1319:0
      - null pointer dereference

  bug: anti-simplify
  model: |
    %tobool102 = icmp ne %struct.PKT_public_key* %4, null, !dbg !1462
    -->  true
  stack:
    - /home/wk/s/gnupg/g10/keylist.c:978:0
  ncore: 1
  core:
    - /home/wk/s/gnupg/g10/keylist.c:955:0
      - null pointer dereference

  bug: anti-simplify
  model: |
    %tobool128 = icmp ne %struct.PKT_public_key* %4, null, !dbg !1469
    -->  true
  stack:
    - /home/wk/s/gnupg/g10/keylist.c:990:0
  ncore: 1
  core:
    - /home/wk/s/gnupg/g10/keylist.c:955:0
      - null pointer dereference
2015-03-15 12:39:56 +01:00
Werner Koch
ef0a3abf73
scd: Fix possible NULL deref in apdu.c
* scd/apdu.c (control_pcsc_direct): Take care of BUFLEN being NULL.
(control_pcsc_wrapped): Ditto.
--

pcsc_vendor_specific_init calls the above with BUFFER and BUFLEN as
NULL.

Reported by Stack 0.3:

  bug: anti-dce
  model: |
    control_pcsc.exit77:
    %retval.0.i.i76 = phi i32 [ %rc.0.i.i.i73, \
            %pcsc_error_to_sw.exit.i.i74 ], [ 0, %if.end.i.i75 ]
    %tobool198 = icmp ne i32 %retval.0.i.i76, 0, !dbg !728
    br i1 %tobool198, label %if.then199, label %if.end200, !dbg !728
  stack:
    - /home/wk/s/gnupg/scd/apdu.c:1882:0
  ncore: 1
  core:
    - /home/wk/s/gnupg/scd/apdu.c:1309:0
      - buffer overflow
2015-03-15 12:15:55 +01:00
Werner Koch
35db798c2d
common: Make openpgp_oid_to_str more robust.
* common/openpgp-oid.c (openpgp_oid_to_str): Take care of
gcry_mpi_get_opaque returning NULL.  Remove useless condition !BUF.
--

It is possible that an opaque MPI stores just a NULL pointer.  Take
care of that before incrementing the pointer.  We return an error in
this case because at least a length byte is required.

Found due to hint from stack 0.3:

  bug: anti-simplify
  model: |
    %tobool15 = icmp ne i8* %incdec.ptr, null, !dbg !567
    -->  true
  stack:
    - /home/wk/s/gnupg/common/openpgp-oid.c:220:0
  ncore: 1
  core:
    - /home/wk/s/gnupg/common/openpgp-oid.c:212:0
      - pointer overflow

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-15 12:07:21 +01:00
Werner Koch
efde50f92a
agent: Improve error reporting from Pinentry.
* agent/call-pinentry.c (unlock_pinentry): Add error logging.  Map
error source of uncommon errors to Pinentry.
--

With this change it is possible to detect whether an error like
GPG_ERR_ASS_INV_RESPONSE has its origin in a call to Pinentry or comes
from another part of gpg-agent.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-11 16:28:32 +01:00
Werner Koch
7b5b52f326
gpg: Change --print-pka-records into an option.
* g10/gpg.c (aPrintPKARecords): Rename to oPrintPKARecords and do not
use it as a command.
* g10/keylist.c (list_keyblock): List PKA rceords also for secret
keys.
--

An option allows to use it more flexible.  For example to select only
secret keys.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:37:16 +01:00
Werner Koch
14af2be022
gpg: Add --list-gcrypt-config and "curve" item for --list-config.
* common/openpgp-oid.c (curve_supported_p): New.
(openpgp_enum_curves): New.
* common/t-openpgp-oid.c (test_openpgp_enum_curves): New.
(main): Add option --verbose.
* g10/gpg.c (opts): Add --list-gcrypt-config.
(list_config): Add items "curve" and "curveoid".  Remove unused code.
--

GnuPG-bug-id: 1917
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:35:30 +01:00
NIIBE Yutaka
bb5a1b7c73 scd: fix for 64-bit arch.
* agent/pksign.c (agent_pksign_do): Use int.
* scd/app-openpgp.c (get_public_key): Likewise.

--

On 64-bit architecture, int and size_t might be different.
For the first argument for '%b', int is expected.
2015-03-09 11:00:03 +09:00
Werner Koch
87a218c3bf
doc: Some typo fixes.
--
2015-03-06 10:46:40 +01:00
Werner Koch
007d9d57da
doc: Fix FAQ stub and remove faq build rules.
--

The FAQ is maintained in the gnupg-doc repo.
2015-03-04 15:10:52 +01:00
Daniel Kahn Gillmor
82146af85b
gpg: avoid chatter about trustdb when --quiet
* g10/trustdb.c (tdb_check_trustdb_stale): avoid log_info() when
  opt.quiet
--

gpg(1) says:

       -q, --quiet
              Try to be as quiet as possible.

While the mentions about the stale trustdb information are edifying,
they aren't necessary, and shouldn't be emitted when the user requests
--quiet.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2015-03-04 14:31:45 +01:00
Werner Koch
c071be698e
gpg: Lowercase mailbox for PKA lookups.
* common/stringhelp.c (ascii_strlwr): New.
* common/mbox-util.c (mailbox_from_userid): Downcase result.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-26 18:16:45 +01:00
Werner Koch
736710aede
Remove an unused variable.
--
2015-02-26 18:15:10 +01:00
Werner Koch
91baea2dcd
gpg: Fix memory leak due to PKA lookup.
* g10/keyserver.c (keyserver_import_pka): Move the xfree.
2015-02-26 18:01:13 +01:00
Werner Koch
165094a445
doc: Fix name of keep-ownertrust.
--

Reported-by: Guilhem Moulin <guilhem@fripost.org>
(cherry picked from commit 0d286a11c8)
2015-02-26 17:59:29 +01:00
Werner Koch
a9acf10a15
doc: Update the description of the S2K extension.
--
2015-02-26 11:57:06 +01:00
Werner Koch
2fc27c8696
gpg: Switch to a hash and CERT record based PKA system.
* common/dns-cert.c (get_dns_cert): Make r_key optional.
* common/pka.c: Rewrite for the new hash based lookup.
* common/t-pka.c: New.
* configure.ac: Remove option --disable-dns-pka.
(USE_DNS_PKA): Remove ac_define.
* g10/getkey.c (parse_auto_key_locate): Always include PKA.

--

Note that although PKA is now always build, it will only work if
support for looking up via DNS has not been disabled.

The new PKA only works with the IPGP DNS certtype and shall be used
only to retrieve the fingerprint and optional the key for the first
time.  Due to the security problems with DNSSEC the former assumption
to validate the key using DNSSEC is not anymore justified.  Instead an
additional layer (e.g. Trust-On-First-Use) needs to be implemented to
track change to the key.  Having a solid way of getting a key matching
a mail address is however a must have.

More work needs to go into a redefinition of the --verify-options
pka-lookups and pka-trust-increase.  The auto-key-locate mechanism
should also be able to continue key fetching with another methods once
the fingerprint has been retrieved with PKA.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-25 16:34:19 +01:00
Werner Koch
af60152a46
common: Allow requesting a specific certtype with get_dns_cert()
* common/dns-cert.c (get_dns_cert): Add arg want_certtype.  Change all
callers.
(CERTTYPE_): Move constants to ...
* common/dns-cert.h: here as DNS_CERTTYPE_.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-25 12:03:21 +01:00
Werner Koch
9913253610
Move new mailbox.c source file to common/.
* g10/mailbox.c: Move to ...
* common/mbox-util.c: new file.
* common/mbox-util.h: New. Include where needed.
* g10/t-mailbox.c: Move to ...
* common/t-mbox-util.c: new file.
--

This will make it easier to use the code by other modules in common/.
2015-02-25 11:43:50 +01:00
Werner Koch
e2d9340280
gpg: Add command --print-pka-records.
* g10/gpg.c (main): Add command --print-pka-records.
* g10/options.h (struct opt): Add field "print_pka_records".
* g10/keylist.c (list_keyblock_pka): New.
(list_keyblock): Call it if new option is set.
(print_fingerprint): Add mode 10.
--

This is a fist step towards a slightly updated PKA implementation.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-24 19:31:59 +01:00
Werner Koch
93fa3d5c17
gpg: Add function to extract the mailbox.
* g10/misc.c (has_invalid_email_chars, is_valid_mailbox)
(is_valid_user_id): Move to ...
* g10/mailbox.c: new file.
(string_has_ctrl_or_space, has_dotdot_after_at): New.
(has_invalid_email_chars): New.

* g10/t-mailbox.c: New.
* g10/Makefile.am (module_tests): Add t-mailbox.
(t_mailbox_SOURCES, t_mailbox_LDADD): New.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-24 17:46:22 +01:00
Werner Koch
d790111801
common: Add another test case to zb32.c
--

Fingerprints may eventually be used with zb32 and thus thre should be
a test case.
2015-02-24 17:02:00 +01:00
Werner Koch
ae09515b9d
gpg: Add option to print fingerprints in ICAO spelling.
* g10/gpg.c: Add option --with-icao-spelling.
* g10/options.h (struct opt): Add with_icao_spelling.
* g10/keylist.c (print_icao_hexdigit): New.
(print_fingerprint): Print ICAO spelling.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-23 17:54:05 +01:00
Werner Koch
a8116aacd9
gpg: Skip legacy keys while searching keyrings.
* g10/getkey.c (search_modes_are_fingerprint): New.
(lookup): Skip over legacy keys.
--

GnuPG-bug-id: 1847
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-23 16:37:57 +01:00
Werner Koch
d9f6eea611
common: Fix regression due to commit 2183683b.
* common/dns-cert.c (get_dns_cert): Remove cruft.
--

GnuPG-bug-id: 1850
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-23 15:25:37 +01:00
Werner Koch
d2a70fd834
gpg: Replace remaining uses of stdio by estream.
* g10/sign.c (sign_file):  Use log_printf instead of stderr.
* g10/tdbdump.c (export_ownertrust): Use estream fucntions.
(import_ownertrust): Ditto.
* g10/tdbio.c (tdbio_dump_record): Ditto.  Change arg to estream_t.
--

Reported-by: Guilhem Moulin <guilhem@fripost.org>

  Needed for unattended key edits with --status-fd, because since 2.1
  status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd)
  not fflush(3), so the standard output may not be flushed before each
  prompt. (Which breaks scripts using select(2) to multiplex between
  the standard and status outputs.)

His patch only affected print_and_check_one_sig_colon() but there are
many more places where stdio and estream are mixed.  This patch now
replaces most of them in g10/.  At some places stdio is still used,
but that is local to a function and should not have side effects.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 17:22:27 +01:00
Werner Koch
76c8122adf
gpg: Fix segv due to NULL value stored as opaque MPI.
* g10/build-packet.c (gpg_mpi_write): Check for NULL return from
gcry_mpi_get_opaque.
(gpg_mpi_write_nohdr, do_key): Ditto.
* g10/keyid.c (hash_public_key): Ditto.
--

This fix extends commmit 0835d2f44e.

  gpg2 --export --no-default-keyring --keyring TESTDATA

With TESTDATA being below after unpacking.

-----BEGIN PGP ARMORED FILE-----

mBMEhdkMmS8BcX8F//8F5voEhQAQmBMEnAAAZwAAo4D/f/8EhQAAAIAEnP8EhQAQ
iBMEnP8AAAAABf8jIID///8EhQYQmBMEnIUAEIgTBKT/AAAAAAUAACCA/f//BIUA
EJgTBJx/AP8ABPPzBJx/AP8ABPPz
=2yE0
-----END PGP ARMORED FILE-----

Reported-by: Jodie Cunningham
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-19 16:29:58 +01:00
Werner Koch
07a71da479 scd: Fix regression in 2.1.2 (due to commit 2183683)
* scd/apdu.c (pcsc_vendor_specific_init): Replace use of
bufNN_to_uint by direct code.
--

Hey, that was little endian.
2015-02-12 20:40:39 +01:00
Andre Heinecke
070d7bf940 dirmngr: Initialize cache from sysconfig dir
* dirmngr/certcache.c (cert_cache_init): Load certificates
from sysconfig dir instead of the homeidr.
* dirmngr/dirmngr.c (main): Removed parsing of obsolete
homedir_data option.
* dirmngr/dirmngr.h (opt): Removed homedir_data.
* doc/dirmngr.texi: Update and clarify certs directory doc.

--

Using the homedir for extra-certs and trusted-certs makes
little sense when dirmngr is used with a caller that
manages it's own store of certificates and can
provide those through the SENDCERT command.
You can use trusted-certs and extra-certs to provide
users with a base of locally available certificates that are
not already in store of the applications.
2015-02-12 13:02:53 +01:00
Werner Koch
b4c798b86e Post release updates.
--
2015-02-11 19:48:21 +01:00
Werner Koch
fc17562cc4 Release 2.1.2 2015-02-11 19:22:25 +01:00
Werner Koch
bc0d610704 po: Auto update.
--
2015-02-11 19:20:46 +01:00
Werner Koch
8219c87c30 dirmngr: Avoid warning about unused function.
* dirmngr/dirmngr.c (my_gnutls_log): Build only if gnutls is used.
2015-02-11 19:01:11 +01:00
Werner Koch
81e93e251e build: Update standard build-aux files. 2015-02-11 18:51:00 +01:00
Werner Koch
1209ea4e07 doc: Add another use case for --show-session-key.
--
GnuPG-bug-id: 1835
2015-02-11 12:21:30 +01:00
Werner Koch
15fad6b1b9 doc: Change remaining http links to gnupg.org to https
--
GnuPG-bug-id: 1830
2015-02-11 12:10:39 +01:00
Werner Koch
2183683bd6 Use inline functions to convert buffer data to scalars.
* common/host2net.h (buf16_to_ulong, buf16_to_uint): New.
(buf16_to_ushort, buf16_to_u16): New.
(buf32_to_size_t, buf32_to_ulong, buf32_to_uint, buf32_to_u32): New.
--

Commit 91b826a388 was not enough to
avoid all sign extension on shift problems.  Hanno Böck found a case
with an invalid read due to this problem.  To fix that once and for
all almost all uses of "<< 24" and "<< 8" are changed by this patch to
use an inline function from host2net.h.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-11 10:28:25 +01:00
Werner Koch
f0f71a721c gpg: Prevent an invalid memory read using a garbled keyring.
* g10/keyring.c (keyring_get_keyblock): Whitelist allowed packet
types.
* g10/keydb.c (parse_keyblock_image): Ditto.
--

The keyring DB code did not reject packets which don't belong into a
keyring.  If for example the keyblock contains a literal data packet
it is expected that the processing code stops at the data packet and
reads from the input stream which is referenced from the data packets.
Obviously the keyring processing code does not and cannot do that.
However, when exporting this messes up the IOBUF and leads to an
invalid read of sizeof (int).

We now skip all packets which are not allowed in a keyring.

Reported-by: Hanno Böck <hanno@hboeck.de>

Test data:

  gpg2 --no-default-keyring --keyring FILE --export >/dev/null

With this unpacked data for FILE:

-----BEGIN PGP ARMORED FILE-----

mI0EVNP2zQEEALvETPVDCJDBXkegF4esiV1fqlne40yJnCmJeDEJYocwFPXfFA86
sSGjInzgDbpbC9gQPwq91Qe9x3Vy81CkyVonPOejhINlzfpzqAAa3A6viJccZTwt
DJ8E/I9jg53sbYW8q+VgfLn1hlggH/XQRT0HkXMP5y9ClURYnTsNwJhXABEBAAGs
CXRlc3QgdGVzdIi5BBMBCgAjBQJU0/bNAhsDBwsJCAcDAgEGFQgCCQoLBBYCAwEC
HgECF4AACgkQlsmuCapsqYLvtQP/byY0tM0Lc3moftbHQZ2eHj9ykLjsCjeMDfPx
kZUUtUS3HQaqgZLZOeqPjM7XgGh5hJsd9pfhmRWJ0x+iGB47XQNpRTtdLBV/WMCS
l5z3uW7e9Md7QVUVuSlJnBgQHTS6EgP8JQadPkAiF+jgpJZXP+gFs2j3gobS0qUF
eyTtxs+wAgAD
=uIt9
-----END PGP ARMORED FILE-----

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-09 15:46:00 +01:00
Werner Koch
0835d2f44e gpg: Fix a NULL-deref in export due to invalid packet lengths.
* g10/build-packet.c (write_fake_data): Take care of a NULL stored as
opaque MPI.
--

Reported-by: Hanno Böck <hanno@hboeck.de>

Test data:

     gpg2 --no-default-keyring --keyring FILE --export

With this unpacked data for FILE:

-----BEGIN PGP ARMORED FILE-----
Version: GnuPG v2
Comment: Use "gpg --dearmor" for unpacking

mI0EGRkZGRkZGRkZGRkZGRkBGRkZGRkZGRkZGRkZGQAZGRkZGRkZGRkZGRkZGRkZ
GRkZInzgDbpa/9gQ4wq9////f3Vy81CkyVq3HQaqgZLZOeqPjM7XgGh5hJvAkpec
9wAAAgDHe0FVFbkppJZXP+gFs6z3gobS0qUFeyTtxs+wAgAD
=JDFT
-----END PGP ARMORED FILE-----

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-09 10:54:06 +01:00
Werner Koch
3997848786 gpg: Fix a NULL-deref due to empty ring trust packets.
* g10/parse-packet.c (parse_trust): Always allocate a packet.
--

Reported-by: Hanno Böck <hanno@hboeck.de>
Signed-off-by: Werner Koch <wk@gnupg.org>

Test data:

 gpg2 --no-default-keyring --keyring FILE --export

With this unpacked data for FILE:

-----BEGIN PGP ARMORED FILE-----
Version: GnuPG v2
Comment: Use "gpg --dearmor" for unpacking

mI0EVNP2zQEEALvETPVDCJDBXkegF4esiV1fqlne40yJnCmJeDEJYocwFPXfFA86
sSGjInzgDbpbC9gQPwq91Qe9x3Vy81CkyVonPOejhINlzfpzqAAa3A6viJccZTwt
DJ8E/I9jg53sbYW8q+VgfLn1hlggH/XQRT0HkXMP5y9ClURYnTsNwJhXABEBAAG0
CXRlc3QgdGVzdIi5BBMBCgAjBQJU0/bNAhsDBwsJCAcDAgEGFQgCCQoLBBYCAwEC
HgECF4AACgkQlsmuCapsqYLvtQP/byY0tM0Lc3moftbHQZ2eHj9ykLjsCjeMDfPx
kZUUtUS3HQaqgZLZOeqPjM7XgGh5hJsd9pfhmRWJ0x+iGB47XQNpRTtdLBV/WMCS
l5z3uW7e9Md7QVUVuSlJnBgQHTS6EgP8JQadPkAiF+jgpJZXP+gFs2j3gobS0qUF
eyTtxs+wAAAD
=puSt
-----END PGP ARMORED FILE-----
2015-02-09 10:31:31 +01:00