security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-05-31 22:18:03 +02:00
Code Activity
f0f71a721c
gnupg/g10
History
Werner Koch f0f71a721c gpg: Prevent an invalid memory read using a garbled keyring. 
* g10/keyring.c (keyring_get_keyblock): Whitelist allowed packet
types.
* g10/keydb.c (parse_keyblock_image): Ditto.
--

The keyring DB code did not reject packets which don't belong into a
keyring.  If for example the keyblock contains a literal data packet
it is expected that the processing code stops at the data packet and
reads from the input stream which is referenced from the data packets.
Obviously the keyring processing code does not and cannot do that.
However, when exporting this messes up the IOBUF and leads to an
invalid read of sizeof (int).

We now skip all packets which are not allowed in a keyring.

Reported-by: Hanno Böck <hanno@hboeck.de>

Test data:

  gpg2 --no-default-keyring --keyring FILE --export >/dev/null

With this unpacked data for FILE:

-----BEGIN PGP ARMORED FILE-----

mI0EVNP2zQEEALvETPVDCJDBXkegF4esiV1fqlne40yJnCmJeDEJYocwFPXfFA86
sSGjInzgDbpbC9gQPwq91Qe9x3Vy81CkyVonPOejhINlzfpzqAAa3A6viJccZTwt
DJ8E/I9jg53sbYW8q+VgfLn1hlggH/XQRT0HkXMP5y9ClURYnTsNwJhXABEBAAGs
CXRlc3QgdGVzdIi5BBMBCgAjBQJU0/bNAhsDBwsJCAcDAgEGFQgCCQoLBBYCAwEC
HgECF4AACgkQlsmuCapsqYLvtQP/byY0tM0Lc3moftbHQZ2eHj9ykLjsCjeMDfPx
kZUUtUS3HQaqgZLZOeqPjM7XgGh5hJsd9pfhmRWJ0x+iGB47XQNpRTtdLBV/WMCS
l5z3uW7e9Md7QVUVuSlJnBgQHTS6EgP8JQadPkAiF+jgpJZXP+gFs2j3gobS0qUF
eyTtxs+wAgAD
=uIt9
-----END PGP ARMORED FILE-----

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-09 15:46:00 +01:00
..
armor.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
build-packet.c gpg: Fix a NULL-deref in export due to invalid packet lengths. 2015-02-09 10:54:06 +01:00
call-agent.c gpg: Re-enable the "Passphrase" parameter for batch key generation. 2015-01-21 11:31:20 +01:00
call-agent.h gpg: Re-enable the "Passphrase" parameter for batch key generation. 2015-01-21 11:31:20 +01:00
call-dirmngr.c Add option --no-autostart. 2014-11-28 09:44:19 +01:00
call-dirmngr.h gpg: Print the actual used keyserver address. 2014-03-14 16:12:54 +01:00
card-util.c gpg: Remove unused args from a function. 2015-01-05 15:15:36 +01:00
ChangeLog-2011 Generate the ChangeLog from commit logs. 2011-12-01 11:09:02 +01:00
cipher.c gpg: Remove options --pgp2 and --rfc1991. 2014-08-14 11:03:55 +02:00
comment.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
compress-bz2.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
compress.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
cpr.c common: Add cpr_get_answer_is_yes_def() 2014-07-23 14:35:22 +02:00
dearmor.c gpg: Create exported secret files and revocs with mode 700. 2014-06-30 09:12:48 +02:00
decrypt-data.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
decrypt.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
dek.h gpg: Remove cipher.h and put algo ids into a common file. 2014-01-29 20:35:05 +01:00
delkey.c gpg: --delete-secret-key - check that a secret key exists. 2014-09-20 16:27:16 +02:00
distsigkey.gpg Add more signing keys. 2014-10-31 14:21:34 +01:00
ecdh.c gpg: Clear a possible rest of the KDF secret buffer. 2015-01-05 15:15:28 +01:00
encrypt.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
exec.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
exec.h Changed to GPLv3. 2007-07-04 19:49:40 +00:00
export.c gpg: Fix export bug using exact search with only one key in the keybox. 2014-12-01 11:54:51 +01:00
filter.h gpg: Remove PGP-2 related cruft. 2014-11-13 12:01:42 +01:00
free-packet.c gpg: Remove cipher.h and put algo ids into a common file. 2014-01-29 20:35:05 +01:00
getkey.c gpg: Add dedicated error code for PGP-2 keys. 2015-01-22 14:39:31 +01:00
gpg-w32info.rc w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpg.c gpg: Fix buffering problem in --list-config. 2015-01-28 20:12:21 +01:00
gpg.h gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
gpg.w32-manifest.in w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpgv.c Add a hook to be called right after main. 2015-01-28 19:57:22 +01:00
helptext.c Change all quotes in strings and comments to the new GNU standard. 2012-06-05 19:29:22 +02:00
import.c gpg: Add dedicated error code for PGP-2 keys. 2015-01-22 14:39:31 +01:00
kbnode.c gpg: Fix a missing LF in debug output. 2014-11-13 17:01:17 +01:00
keydb.c gpg: Prevent an invalid memory read using a garbled keyring. 2015-02-09 15:46:00 +01:00
keydb.h gpg: Fix informative printing of user ids. 2014-10-13 14:54:26 +02:00
keyedit.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
keygen.c gpg: Allow predefined names as answer to the keygen.algo prompt. 2015-01-28 09:12:36 +01:00
keyid.c gpg: Remove all support for v3 keys and always create v4-signatures. 2014-10-17 13:32:16 +02:00
keylist.c gpg: Improve skipping of PGP-2 keys. 2015-01-22 16:36:28 +01:00
keyring.c gpg: Prevent an invalid memory read using a garbled keyring. 2015-02-09 15:46:00 +01:00
keyring.h Decryption and signi via agent is now implemented. 2010-04-23 11:36:59 +00:00
keyserver-internal.h gpg: Remove unused args from a function. 2015-01-05 15:15:36 +01:00
keyserver.c gpg: Improve skipping of PGP-2 keys. 2015-01-22 16:36:28 +01:00
main.h gpg: Make the use of "--verify FILE" for detached sigs harder. 2014-11-13 17:39:31 +01:00
mainproc.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
Makefile.am w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
mdfilter.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
migrate.c gpg: Change wording of a migration error message. 2014-10-09 10:56:25 +02:00
misc.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
openfile.c gpg: Make the use of "--verify FILE" for detached sigs harder. 2014-11-13 17:39:31 +01:00
OPTIONS See ChangeLog: Mon Jul 31 10:04:47 CEST 2000 Werner Koch 2000-07-31 08:04:16 +00:00
options.h gpg: Obsolete some keyserver helper options. 2014-12-08 15:14:35 +01:00
options.skel Change a couple of files to use abbreviated copyright notes. 2014-11-04 16:28:03 +01:00
packet.h gpg: Remove all support for v3 keys and always create v4-signatures. 2014-10-17 13:32:16 +02:00
parse-packet.c gpg: Fix a NULL-deref due to empty ring trust packets. 2015-02-09 10:31:31 +01:00
passphrase.c Comment typo fixes. 2014-11-19 10:47:57 +01:00
photoid.c gpg: New %U expando for the photo viewer. 2014-04-17 21:44:09 +02:00
photoid.h Decryption and signi via agent is now implemented. 2010-04-23 11:36:59 +00:00
pkclist.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
pkglue.c gpg: Fix memory leak in ECC encryption. 2014-09-08 18:25:06 +02:00
pkglue.h gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id. 2014-01-30 18:48:37 +01:00
plaintext.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
progress.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
pubkey-enc.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
pubring.asc See ChangeLog: Mon Jul 31 10:04:47 CEST 2000 Werner Koch 2000-07-31 08:04:16 +00:00
revoke.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
rmd160.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
rmd160.h Add missing header file. 2008-12-12 08:54:50 +00:00
seckey-cert.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
server.c Remove support for the GPG_AGENT_INFO envvar. 2014-10-03 11:58:58 +02:00
seskey.c gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id. 2014-01-30 18:48:37 +01:00
sig-check.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
sign.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
signal.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
skclist.c gpg: Remove cipher.h and put algo ids into a common file. 2014-01-29 20:35:05 +01:00
t-rmd160.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
tdbdump.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
tdbio.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
tdbio.h gpg: Do not require a trustdb with --always-trust. 2014-03-07 10:44:27 +01:00
textfilter.c gpg: Remove all support for v3 keys and always create v4-signatures. 2014-10-17 13:32:16 +02:00
trust.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
trustdb.c gpg: Improve skipping of PGP-2 keys. 2015-01-22 16:36:28 +01:00
trustdb.h gpg: Allow building without any trust model support. 2014-02-10 17:46:40 +01:00
verify.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
zlib-riscos.h include: Remove this directory. 2014-01-29 17:45:05 +01:00