1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Werner Koch d901efceba
gpg: Fix DoS while parsing mangled secret key packets.
* g10/parse-packet.c (parse_key): Check PKTLEN before calling mpi_read
et al.
--

Due to the missing length checks PKTLEN may turn negative.  Because
PKTLEN is an unsigned int the malloc in read_rest would try to malloc
a too large number and terminate the process with "error reading rest
of packet: Cannot allocate memory".

Reported-by: Hanno Böck.
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-04-05 12:49:26 +02:00
..
2015-04-03 17:39:59 +09:00
2015-04-03 17:39:59 +09:00
2015-04-03 17:39:59 +09:00
2014-07-23 14:35:22 +02:00
2014-10-31 14:21:34 +01:00
2007-07-04 19:49:40 +00:00
2014-11-13 12:01:42 +01:00
2015-02-04 09:15:34 +01:00
2015-02-04 09:15:34 +01:00
2015-04-03 17:39:59 +09:00
2015-04-03 17:39:59 +09:00
2015-03-15 12:39:56 +01:00
2014-11-19 10:47:57 +01:00
2008-12-12 08:54:50 +00:00
2014-01-29 17:45:05 +01:00