[git] GnuPG - branch, master, updated. gnupg-2.1.10-22-g1605e34

[by Neal H. Walfield]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  1605e34fc365edd473aac15c9b4e5aadc1d95cf5 (commit)
      from  25f0f053cd306200a6211b5cf397838a59835ee7 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 1605e34fc365edd473aac15c9b4e5aadc1d95cf5
Author: Neal H. Walfield <neal at g10code.com>
Date:   Fri Dec 11 14:40:23 2015 +0100

    gpg: Fix buffer overflow.
    
    * g10/keydb.c (keydb_search_desc_dump): Fix buffer overflow.
    
    --
    Signed-off-by: Neal H. Walfield <neal at walfield.org>
    Regression-due-to: 11ec478
    
    Note: this buffer overflow will only occur if --debug=lookup is passed
    to gpg and a search by fingerprint is done.

diff --git a/g10/keydb.c b/g10/keydb.c
index 97dfb5f..d7c35de 100644
--- a/g10/keydb.c
+++ b/g10/keydb.c
@@ -470,7 +470,7 @@ char *
 keydb_search_desc_dump (struct keydb_search_desc *desc)
 {
   char b[MAX_FORMATTED_FINGERPRINT_LEN + 1];
-  char fpr[MAX_FINGERPRINT_LEN + 1];
+  char fpr[2 * MAX_FINGERPRINT_LEN + 1];
 
   switch (desc->mode)
     {

-----------------------------------------------------------------------

Summary of changes:
 g10/keydb.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org