[git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.8-20-gcb6b925
by Werner Koch
cvs at cvs.gnupg.org
Wed Jul 4 10:18:59 CEST 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via cb6b925f94b42c91fe8a7ed8bb22d98984538efc (commit)
via 5b47b4613221b1fd38af3281a8cf71d78adf4de8 (commit)
from ef50fdf82a459894ed3da7b9be83f89658f1eaba (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit cb6b925f94b42c91fe8a7ed8bb22d98984538efc
Author: Werner Koch <wk at gnupg.org>
Date: Wed Jul 4 09:53:10 2018 +0200
gpg: Ignore too large user ids during import.
* g10/import.c (read_block): Add special treatment for bad user ids
and comment packets.
--
See
GnuPG-bug-id: 4022
for an example of a bogus user id.
Signed-off-by: Werner Koch <wk at gnupg.org>
(cherry picked from commit 01cd66f9faf1623833e6afac84164de5a136ecff)
diff --git a/g10/import.c b/g10/import.c
index 6fadf44..b43060d 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -780,7 +780,7 @@ read_block( IOBUF a, int with_meta,
struct parse_packet_ctx_s parsectx;
PACKET *pkt;
kbnode_t root = NULL;
- int in_cert, in_v3key;
+ int in_cert, in_v3key, skip_sigs;
*r_v3keys = 0;
@@ -799,6 +799,7 @@ read_block( IOBUF a, int with_meta,
if (!with_meta)
parsectx.skip_meta = 1;
in_v3key = 0;
+ skip_sigs = 0;
while ((rc=parse_packet (&parsectx, pkt)) != -1)
{
if (rc && (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY
@@ -813,8 +814,25 @@ read_block( IOBUF a, int with_meta,
}
else if (rc ) /* (ignore errors) */
{
+ skip_sigs = 0;
if (gpg_err_code (rc) == GPG_ERR_UNKNOWN_PACKET)
; /* Do not show a diagnostic. */
+ else if (gpg_err_code (rc) == GPG_ERR_INV_PACKET
+ && (pkt->pkttype == PKT_USER_ID
+ || pkt->pkttype == PKT_ATTRIBUTE))
+ {
+ /* This indicates a too large user id or attribute
+ * packet. We skip this packet and all following
+ * signatures. Sure, this won't allow to repair a
+ * garbled keyring in case one of the signatures belong
+ * to another user id. However, this better mitigates
+ * DoS using inserted user ids. */
+ skip_sigs = 1;
+ }
+ else if (gpg_err_code (rc) == GPG_ERR_INV_PACKET
+ && (pkt->pkttype == PKT_OLD_COMMENT
+ || pkt->pkttype == PKT_COMMENT))
+ ; /* Ignore too large comment packets. */
else
{
log_error("read_block: read error: %s\n", gpg_strerror (rc) );
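Review bot: The new `GPG_ERR_INV_PACKET` branch for `PKT_USER_ID`/`PKT_ATTRIBUTE` discards the packet and all following signatures without any diagnostic, so someone importing a key cannot tell that a user id was dropped. A verbose-level message before `skip_sigs = 1;`, for example `if (opt.verbose) log_info ("read_block: skipping invalid user id or attribute packet\n");`, would leave a trace. The branch also reads `pkt->pkttype` after `parse_packet` returned an error; presumably the parser sets the type before failing, but that is not visible in this hunk and deserves a one-line comment. The existing comment says the error indicates a too large packet, while the test matches only the generic `GPG_ERR_INV_PACKET` code, so other malformations of these packet types would take the same path. read_block starts and ends outside the hunk.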
@@ -826,6 +844,17 @@ read_block( IOBUF a, int with_meta,
continue;
}
+ if (skip_sigs)
+ {
+ if (pkt->pkttype == PKT_SIGNATURE)
+ {
+ free_packet (pkt, &parsectx);
+ init_packet (pkt);
+ continue;
+ }
+ skip_sigs = 0;
+ }
+
if (in_v3key && !(pkt->pkttype == PKT_PUBLIC_KEY
|| pkt->pkttype == PKT_SECRET_KEY))
{
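Review bot: The `skip_sigs` block drops every `PKT_SIGNATURE` before the `!root && ... IS_KEY_REV` check that comes later in the loop (visible in the indentation commit's hunk), so while the flag is set a standalone revocation certificate would be discarded along with ordinary signatures. If that is intended, a comment above the block should say so, e.g. `/* Drop all signatures following a skipped user id, including key revocations. */`; otherwise the revocation test could be moved ahead of the skip. The same comment could state that the flag is cleared by the first non-signature packet. The enclosing loop in read_block starts and ends outside the hunk.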
commit 5b47b4613221b1fd38af3281a8cf71d78adf4de8
Author: Werner Koch <wk at gnupg.org>
Date: Wed Jul 4 09:45:52 2018 +0200
indent: Fix indentation of read_block in g10/import.c
--
Signed-off-by: Werner Koch <wk at gnupg.org>
(cherry picked from commit 60e7e102a153a246d7e887a64e30dbb4c4f7b6dd)
diff --git a/g10/import.c b/g10/import.c
index 49381d4..6fadf44 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -826,76 +826,77 @@ read_block( IOBUF a, int with_meta,
continue;
}
- if (in_v3key && !(pkt->pkttype == PKT_PUBLIC_KEY
- || pkt->pkttype == PKT_SECRET_KEY))
- {
- free_packet (pkt, &parsectx);
- init_packet(pkt);
- continue;
- }
- in_v3key = 0;
+ if (in_v3key && !(pkt->pkttype == PKT_PUBLIC_KEY
+ || pkt->pkttype == PKT_SECRET_KEY))
+ {
+ free_packet (pkt, &parsectx);
+ init_packet(pkt);
+ continue;
+ }
+ in_v3key = 0;
- if (!root && pkt->pkttype == PKT_SIGNATURE
- && IS_KEY_REV (pkt->pkt.signature) )
- {
- /* This is a revocation certificate which is handled in a
- * special way. */
- root = new_kbnode( pkt );
- pkt = NULL;
- goto ready;
- }
+ if (!root && pkt->pkttype == PKT_SIGNATURE
+ && IS_KEY_REV (pkt->pkt.signature) )
+ {
+ /* This is a revocation certificate which is handled in a
+ * special way. */
+ root = new_kbnode( pkt );
+ pkt = NULL;
+ goto ready;
+ }
- /* Make a linked list of all packets. */
- switch (pkt->pkttype)
- {
- case PKT_COMPRESSED:
- if (check_compress_algo (pkt->pkt.compressed->algorithm))
- {
- rc = GPG_ERR_COMPR_ALGO;
- goto ready;
- }
- else
- {
- compress_filter_context_t *cfx = xmalloc_clear( sizeof *cfx );
- pkt->pkt.compressed->buf = NULL;
- if (push_compress_filter2 (a, cfx,
- pkt->pkt.compressed->algorithm, 1))
- xfree (cfx); /* e.g. in case of compression_algo NONE. */
- }
- free_packet (pkt, &parsectx);
- init_packet(pkt);
- break;
+ /* Make a linked list of all packets. */
+ switch (pkt->pkttype)
+ {
+ case PKT_COMPRESSED:
+ if (check_compress_algo (pkt->pkt.compressed->algorithm))
+ {
+ rc = GPG_ERR_COMPR_ALGO;
+ goto ready;
+ }
+ else
+ {
+ compress_filter_context_t *cfx = xmalloc_clear( sizeof *cfx );
+ pkt->pkt.compressed->buf = NULL;
+ if (push_compress_filter2 (a, cfx,
+ pkt->pkt.compressed->algorithm, 1))
+ xfree (cfx); /* e.g. in case of compression_algo NONE. */
+ }
+ free_packet (pkt, &parsectx);
+ init_packet(pkt);
+ break;
- case PKT_RING_TRUST:
- /* Skip those packets unless we are in restore mode. */
- if ((opt.import_options & IMPORT_RESTORE))
- goto x_default;
- free_packet (pkt, &parsectx);
- init_packet(pkt);
- break;
+ case PKT_RING_TRUST:
+ /* Skip those packets unless we are in restore mode. */
+ if ((opt.import_options & IMPORT_RESTORE))
+ goto x_default;
+ free_packet (pkt, &parsectx);
+ init_packet(pkt);
+ break;
- case PKT_PUBLIC_KEY:
- case PKT_SECRET_KEY:
- if (in_cert ) /* Store this packet. */
- {
- *pending_pkt = pkt;
- pkt = NULL;
- goto ready;
- }
- in_cert = 1; /* fall through */
- default:
- x_default:
- if (in_cert && valid_keyblock_packet (pkt->pkttype))
- {
- if (!root )
- root = new_kbnode (pkt);
- else
- add_kbnode (root, new_kbnode (pkt));
- pkt = xmalloc (sizeof *pkt);
- }
- init_packet(pkt);
- break;
- }
+ case PKT_PUBLIC_KEY:
+ case PKT_SECRET_KEY:
+ if (in_cert ) /* Store this packet. */
+ {
+ *pending_pkt = pkt;
+ pkt = NULL;
+ goto ready;
+ }
+ in_cert = 1;
+ /* fall through */
+ default:
+ x_default:
+ if (in_cert && valid_keyblock_packet (pkt->pkttype))
+ {
+ if (!root )
+ root = new_kbnode (pkt);
+ else
+ add_kbnode (root, new_kbnode (pkt));
+ pkt = xmalloc (sizeof *pkt);
+ }
+ init_packet(pkt);
+ break;
+ }
}
ready:
-----------------------------------------------------------------------
Summary of changes:
g10/import.c | 164 +++++++++++++++++++++++++++++++++++------------------------
1 file changed, 97 insertions(+), 67 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org