[Sks-devel] Re: zero-length MPIs (was: Re: mpi error with check-trustdb in 1.4.2 - resolved)

Jason Harris jharris at widomaker.com
Fri Aug 12 02:22:43 CEST 2005


On Thu, Aug 11, 2005 at 09:54:59PM +0200, Peter Palfrader wrote:
> On Thu, 11 Aug 2005, Jason Harris wrote:

> > Fetching them from keyserver.kjsl.com is now possible with gnupg-1.4.2.
> > To patch pks, add this to the middle of decode_mpi() (in pgputil.c):
> > 
> >   /* skip packets with 0-length MPIs for GPG's benefit (gnupg-1.4.2) */
> >   if (mpi->nbits == 0) {
> >     return (0);
> >   }
> 
> can we do that in SKS too?  please!

Try the patch below.  0x1A9537E7 is another offending key, and all eight
work now:

  %gpg --recv 0xA0B3E88B 0xFC05DA69 0x0FCF6738 0xCC78C893 0x98FDE37C 0x74C9DE33 0x57023F00 0x1A9537E7
  ...
  gpg: Total number processed: 8
  gpg:              unchanged: 8

===================================================================
RCS file: parsePGP.ml,v
retrieving revision 1.1
diff -u -r1.1 parsePGP.ml
--- parsePGP.ml	2005/08/12 00:03:16	1.1
+++ parsePGP.ml	2005/08/12 00:03:54
@@ -23,6 +23,7 @@
 open Printf
 
 exception Overlong_mpi
+exception Zerolen_mpi
 exception Partial_body_length of int
 
 (********************************************************)
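Review bot: The new exception Zerolen_mpi, declared here beside Overlong_mpi, has no handler anywhere in this patch, so whether a zero-length MPI causes one packet to be skipped, a whole key to be rejected, or the caller to abort depends on code outside the diff. Please include or point to the call sites that already catch Overlong_mpi and show that they handle Zerolen_mpi the same way, and add a one-line comment on the declaration saying what it signals, as the pks change does for its check.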
@@ -109,6 +110,7 @@
   try
     let byte2 = cin#read_byte in
     let length = (byte1 lsl 8) + byte2 in
+    if length <= 0 then raise Zerolen_mpi;
     let data = cin#read_string 
 		 ((length + 7)/8)
     in
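Review bot: The added "raise Zerolen_mpi" sits inside the try that opens this hunk, and that try's handler is not visible here, so confirm the handler does not catch the new exception and route it into an unrelated error path. Separately, length is built as (byte1 lsl 8) + byte2, which cannot be negative assuming read_byte returns a value in 0..255, so "if length = 0" states the intent more exactly than "<= 0". A short comment on the check, mirroring the pks one about gnupg-1.4.2, would tell later readers why empty MPIs are rejected.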

-- 
Jason Harris           |  NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it?
jharris at widomaker.com _|_ web:  http://keyserver.kjsl.com/~jharris/
          Got photons?   (TM), (C) 2004