[git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.7-13-g054a187

by Werner Koch cvs at cvs.gnupg.org
Wed Jun 6 15:58:31 CEST 2018 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, STABLE-BRANCH-2-2 has been updated
       via  054a187f24b19313cec59414fa924640e1b8c79c (commit)
      from  dc87a3341f28ddac1113e90a3861d062be2610e2 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 054a187f24b19313cec59414fa924640e1b8c79c
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Jun 6 15:46:24 2018 +0200

    gpg: Also detect a plaintext packet before an encrypted packet.
    
    * g10/mainproc.c (proc_encrypted): Print warning and later force an
    error.
    --
    
    Note that when this error is triggered the plaintext from the literal
    data packet has already been outputted before the BEGIN_DECRYPTION
    status line.  We fail only later to get more information.  Callers
    need to check and act upon the decryption error code anyway.
    
    Thanks to Marcus for pointing out this case.
    
    GnuPG-bug-id: 4000
    Signed-off-by: Werner Koch <wk at gnupg.org>
    (cherry picked from commit 344b548dc71657d0285d93f78f17a2663b5e586f)

diff --git a/g10/mainproc.c b/g10/mainproc.c
index e3be894..116b72a 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -532,6 +532,14 @@ static void
 proc_encrypted (CTX c, PACKET *pkt)
 {
   int result = 0;
+  int early_plaintext = literals_seen;
+
+  if (early_plaintext)
+    {
+      log_info (_("WARNING: multiple plaintexts seen\n"));
+      write_status_errcode ("decryption.early_plaintext", GPG_ERR_BAD_DATA);
+      /* We fail only later so that we can print some more info first.  */
+    }
 
   if (!opt.quiet)
     {
@@ -651,6 +659,10 @@ proc_encrypted (CTX c, PACKET *pkt)
   if (!result)
     result = decrypt_data (c->ctrl, c, pkt->pkt.encrypted, c->dek );
 
+  /* Trigger the deferred error.  */
+  if (!result && early_plaintext)
+    result = gpg_error (GPG_ERR_BAD_DATA);
+
   if (result == -1)
     ;
   else if (!result

-----------------------------------------------------------------------

Summary of changes:
 g10/mainproc.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list