[Pkg-gnupg-commit] [gnupg2] 22/159: gpg: Fix buffer overflow.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Jan 27 13:23:50 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg2.
commit 1605e34fc365edd473aac15c9b4e5aadc1d95cf5
Author: Neal H. Walfield <neal at g10code.com>
Date: Fri Dec 11 14:40:23 2015 +0100
gpg: Fix buffer overflow.
* g10/keydb.c (keydb_search_desc_dump): Fix buffer overflow.
--
Signed-off-by: Neal H. Walfield <neal at walfield.org>
Regression-due-to: 11ec478
Note: this buffer overflow will only occur if --debug=lookup is passed
to gpg and a search by fingerprint is done.
---
g10/keydb.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/g10/keydb.c b/g10/keydb.c
index 97dfb5f..d7c35de 100644
--- a/g10/keydb.c
+++ b/g10/keydb.c
@@ -470,7 +470,7 @@ char *
keydb_search_desc_dump (struct keydb_search_desc *desc)
{
char b[MAX_FORMATTED_FINGERPRINT_LEN + 1];
- char fpr[MAX_FINGERPRINT_LEN + 1];
+ char fpr[2 * MAX_FINGERPRINT_LEN + 1];
switch (desc->mode)
{
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list