[git] GnuPG - branch, master, updated. gnupg-2.1.2-4-g76c8122
by Werner Koch
cvs at cvs.gnupg.org
Thu Feb 19 16:31:21 CET 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 76c8122adfed0f0f443cce7bda702ba2b39661b3 (commit)
from 07a71da479daaac43b8c5b1034a1e66f96bdbc48 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 76c8122adfed0f0f443cce7bda702ba2b39661b3
Author: Werner Koch <wk at gnupg.org>
Date: Thu Feb 19 16:29:58 2015 +0100
gpg: Fix segv due to NULL value stored as opaque MPI.
* g10/build-packet.c (gpg_mpi_write): Check for NULL return from
gcry_mpi_get_opaque.
(gpg_mpi_write_nohdr, do_key): Ditto.
* g10/keyid.c (hash_public_key): Ditto.
--
This fix extends commmit 0835d2f44ef62eab51fce6a927908f544e01cf8f.
gpg2 --export --no-default-keyring --keyring TESTDATA
With TESTDATA being below after unpacking.
-----BEGIN PGP ARMORED FILE-----
mBMEhdkMmS8BcX8F//8F5voEhQAQmBMEnAAAZwAAo4D/f/8EhQAAAIAEnP8EhQAQ
iBMEnP8AAAAABf8jIID///8EhQYQmBMEnIUAEIgTBKT/AAAAAAUAACCA/f//BIUA
EJgTBJx/AP8ABPPzBJx/AP8ABPPz
=2yE0
-----END PGP ARMORED FILE-----
Reported-by: Jodie Cunningham
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/g10/build-packet.c b/g10/build-packet.c
index e44350e..557dffe 100644
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -171,7 +171,7 @@ gpg_mpi_write (iobuf_t out, gcry_mpi_t a)
lenhdr[0] = nbits >> 8;
lenhdr[1] = nbits;
rc = iobuf_write (out, lenhdr, 2);
- if (!rc)
+ if (!rc && p)
rc = iobuf_write (out, p, (nbits+7)/8);
}
else
@@ -209,7 +209,7 @@ gpg_mpi_write_nohdr (iobuf_t out, gcry_mpi_t a)
const void *p;
p = gcry_mpi_get_opaque (a, &nbits);
- rc = iobuf_write (out, p, (nbits+7)/8);
+ rc = p ? iobuf_write (out, p, (nbits+7)/8) : 0;
}
else
rc = gpg_error (GPG_ERR_BAD_MPI);
@@ -393,7 +393,8 @@ do_key (iobuf_t out, int ctb, PKT_public_key *pk)
assert (gcry_mpi_get_flag (pk->pkey[npkey], GCRYMPI_FLAG_OPAQUE));
p = gcry_mpi_get_opaque (pk->pkey[npkey], &ndatabits);
- iobuf_write (a, p, (ndatabits+7)/8 );
+ if (p)
+ iobuf_write (a, p, (ndatabits+7)/8 );
}
else
{
diff --git a/g10/keyid.c b/g10/keyid.c
index 9f7b70f..a0571b0 100644
--- a/g10/keyid.c
+++ b/g10/keyid.c
@@ -179,7 +179,10 @@ hash_public_key (gcry_md_hd_t md, PKT_public_key *pk)
p = gcry_mpi_get_opaque (pk->pkey[i], &nbits);
pp[i] = xmalloc ((nbits+7)/8);
- memcpy (pp[i], p, (nbits+7)/8);
+ if (p)
+ memcpy (pp[i], p, (nbits+7)/8);
+ else
+ pp[i] = NULL;
nn[i] = (nbits+7)/8;
n += nn[i];
}
@@ -214,14 +217,18 @@ hash_public_key (gcry_md_hd_t md, PKT_public_key *pk)
if(npkey==0 && pk->pkey[0]
&& gcry_mpi_get_flag (pk->pkey[0], GCRYMPI_FLAG_OPAQUE))
{
- gcry_md_write (md, pp[0], nn[0]);
+ if (pp[0])
+ gcry_md_write (md, pp[0], nn[0]);
}
else
- for(i=0; i < npkey; i++ )
- {
- gcry_md_write ( md, pp[i], nn[i] );
- xfree(pp[i]);
- }
+ {
+ for(i=0; i < npkey; i++ )
+ {
+ if (pp[i])
+ gcry_md_write ( md, pp[i], nn[i] );
+ xfree(pp[i]);
+ }
+ }
}
-----------------------------------------------------------------------
Summary of changes:
g10/build-packet.c | 7 ++++---
g10/keyid.c | 21 ++++++++++++++-------
2 files changed, 18 insertions(+), 10 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list