[Pkg-gnupg-commit] [gnupg2] 111/160: g10: Fix out-of-bounds read.

[Daniel Kahn Gillmor]

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch upstream
in repository gnupg2.

commit a6b87981f7ddef42b25703723162c647e312b125
Author: Justus Winter <justus at g10code.com>
Date:   Tue Jul 5 12:38:15 2016 +0200

    g10: Fix out-of-bounds read.
    
    * g10/armor.c (use_armor_filter): We need two bytes for 'is_armored'.
    
    Signed-off-by: Justus Winter <justus at g10code.com>
---
 g10/armor.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/g10/armor.c b/g10/armor.c
index fb74655..e4503b8 100644
--- a/g10/armor.c
+++ b/g10/armor.c
@@ -274,15 +274,17 @@ is_armored( const byte *buf )
 int
 use_armor_filter( IOBUF a )
 {
-    byte buf[1];
+    byte buf[2];
     int n;
 
     /* fixme: there might be a problem with iobuf_peek */
-    n = iobuf_peek(a, buf, 1 );
+    n = iobuf_peek (a, buf, 2);
     if( n == -1 )
 	return 0; /* EOF, doesn't matter whether armored or not */
     if( !n )
 	return 1; /* can't check it: try armored */
+    if (n != 2)
+	return 0; /* short buffer */
     return is_armored(buf);
 }
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git