[git] GnuPG - branch, master, updated. gnupg-2.2.7-187-g1b309d9
by NIIBE Yutaka
cvs at cvs.gnupg.org
Fri Aug 10 08:40:45 CEST 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 1b309d9f6199a91caa0ca0b97b92d599e00b736e (commit)
from e88f56f1937ac92f6a3b94e50b6db2649ec0be41 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 1b309d9f6199a91caa0ca0b97b92d599e00b736e
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Fri Aug 10 15:29:06 2018 +0900
g10: Fix undefined behavior when EOF in parsing packet for S2K.
* g10/parse-packet.c (parse_symkeyenc): Use iobuf_get_noeof.
(parse_key): Likewise.
--
When EOF comes at parsing s2k.count, it is possible the value will
be (unsigned long)-1. Then, the result of S2K_DECODE_COUNT will be
undefined. This patch fixes undefined behavior.
Reported-by: Philippe Antoine
GnuPG-bug-id: 4093
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index e933abf..0fa8be6 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -1186,7 +1186,7 @@ parse_symkeyenc (IOBUF inp, int pkttype, unsigned long pktlen,
}
if (s2kmode == 3)
{
- k->s2k.count = iobuf_get (inp);
+ k->s2k.count = iobuf_get_noeof (inp);
pktlen--;
}
k->seskeylen = seskeylen;
@@ -2528,7 +2528,7 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
err = gpg_error (GPG_ERR_INV_PACKET);
goto leave;
}
- ski->s2k.count = iobuf_get (inp);
+ ski->s2k.count = iobuf_get_noeof (inp);
pktlen--;
if (list_mode)
es_fprintf (listfp, "\tprotect count: %lu (%lu)\n",
-----------------------------------------------------------------------
Summary of changes:
g10/parse-packet.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list