[Pkg-gnupg-commit] [gnupg2] 221/241: scd: Another fix for Curve25519 prefix handling.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Dec 9 20:32:20 UTC 2015 

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch master
in repository gnupg2.

commit e28f2e7a2f265af8bbdb4979e9679b4396dccdd5
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Dec 3 13:46:03 2015 +0100

    scd: Another fix for Curve25519 prefix handling.
    
    * scd/app-openpgp.c (do_decipher): Check 0x02 also for 16+1 byte long
    INDATA.
    (do_decipher): Fix integer arithmetic in void pointer.
    (do_decipher): Add missing memcpy.
    --
    
    I have not tested this fix but it is obvious.
    
    Fixes-commit: 11b2691eddc42e91651e4f95dd2731255a3e9211
    Signed-off-by: Werner Koch <wk at gnupg.org>
---
 scd/app-openpgp.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index ed1bce6..f8e1460 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -4114,10 +4114,12 @@ do_decipher (app_t app, const char *keyidstr,
   if (rc)
     return rc;
 
-  if (indatalen == 16 + 1 || indatalen == 32 + 1
+  if ((indatalen == 16 + 1 || indatalen == 32 + 1)
       && ((char *)indata)[0] == 0x02)
-    /* PSO:DECIPHER with symmetric key.  */
-    padind = -1;
+    {
+      /* PSO:DECIPHER with symmetric key.  */
+      padind = -1;
+    }
   else if (app->app_local->keyattr[1].key_type == KEY_TYPE_RSA)
     {
       /* We might encounter a couple of leading zeroes in the
@@ -4179,7 +4181,7 @@ do_decipher (app_t app, const char *keyidstr,
            * Skip the prefix.  It may be 0x40 (in new format), or MPI
            * head of 0x00 (in old format).
            */
-          indata++;
+          indata = (const char *)indata + 1;
           indatalen--;
         }
 
@@ -4231,9 +4233,10 @@ do_decipher (app_t app, const char *keyidstr,
           xfree (outdata);
           return gpg_error_from_syserror ();
         }
+      fixbuf[0] = 0x40;
+      memcpy (fixbuf+1, *outdata, *outdatalen);
       xfree (outdata);
-      outdata = fixbuf;
-      outdata[0] = 0x40;
+      *outdata = fixbuf;
       *outdatalen = *outdatalen + 1;
     }
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git

More information about the Pkg-gnupg-commit mailing list