[git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-120-gf0b33b6

by Werner Koch cvs at cvs.gnupg.org
Thu Dec 20 14:56:24 CET 2012 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  f0b33b6fb8e0586e9584a7a409dcc31263776a67 (commit)
      from  d61f7402f2b0f6dd288e403ed9408fd65e617f85 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit f0b33b6fb8e0586e9584a7a409dcc31263776a67
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Dec 20 09:43:41 2012 +0100

    gpg: Import only packets which are allowed in a keyblock.
    
    * g10/import.c (valid_keyblock_packet): New.
    (read_block): Store only valid packets.
    --
    
    A corrupted key, which for example included a mangled public key
    encrypted packet, used to corrupt the keyring.  This change skips all
    packets which are not allowed in a keyblock.
    
    GnuPG-bug-id: 1455
    
    (cherry-picked from commit f795a0d59e197455f8723c300eebf59e09853efa)

diff --git a/g10/import.c b/g10/import.c
index bfe02eb..a57b32e 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -384,6 +384,27 @@ import_print_stats (void *hd)
 }
 
 
+/* Return true if PKTTYPE is valid in a keyblock.  */
+static int
+valid_keyblock_packet (int pkttype)
+{
+  switch (pkttype)
+    {
+    case PKT_PUBLIC_KEY:
+    case PKT_PUBLIC_SUBKEY:
+    case PKT_SECRET_KEY:
+    case PKT_SECRET_SUBKEY:
+    case PKT_SIGNATURE:
+    case PKT_USER_ID:
+    case PKT_ATTRIBUTE:
+    case PKT_RING_TRUST:
+      return 1;
+    default:
+      return 0;
+    }
+}
+
+
 /****************
  * Read the next keyblock from stream A.
  * PENDING_PKT should be initialzed to NULL
@@ -461,7 +482,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
 	    }
 	    in_cert = 1;
 	  default:
-	    if( in_cert ) {
+	    if (in_cert && valid_keyblock_packet (pkt->pkttype)) {
 		if( !root )
 		    root = new_kbnode( pkt );
 		else

-----------------------------------------------------------------------

Summary of changes:
 g10/import.c |   23 ++++++++++++++++++++++-
 1 files changed, 22 insertions(+), 1 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list