1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00
Werner Koch 014b2103fc gpg: Avoid infinite loop in uncompressing garbled packets.
* g10/compress.c (do_uncompress): Limit the number of extra FF bytes.
--

A packet like (a3 01 5b ff) leads to an infinite loop.  Using
--max-output won't help if it is a partial packet.  This patch
actually fixes a regression introduced on 1999-05-31 (c34c6769).
Actually it would be sufficient to stuff just one extra 0xff byte.
Given that this problem popped up only after 15 years, I feel safer to
allow for a very few FF bytes.

Thanks to Olivier Levillain and Florian Maury for their detailed
report.
2014-06-20 20:24:52 +02:00
..
2009-12-21 16:19:09 +00:00
2009-09-03 11:29:25 +00:00
2007-07-04 19:49:40 +00:00
2007-07-04 19:49:40 +00:00
2007-07-04 19:49:40 +00:00
2014-06-03 08:44:08 +02:00
2007-07-04 19:49:40 +00:00
2009-12-21 16:19:09 +00:00
2011-07-01 10:33:43 +02:00
2009-07-20 11:02:20 +00:00
2007-07-04 19:49:40 +00:00
2014-06-02 17:33:18 +02:00
2007-07-04 19:49:40 +00:00
2009-09-03 20:51:55 +00:00
2007-07-04 19:49:40 +00:00
2010-05-12 10:53:02 +00:00
2007-07-04 19:49:40 +00:00
2009-06-05 14:11:03 +00:00
2008-12-12 12:01:20 +00:00
2008-12-12 08:54:50 +00:00
2009-06-05 14:11:03 +00:00
2009-05-26 09:29:02 +00:00