[Pkg-gnupg-commit] [gnupg2] 43/102: gpg: Do not abort on certain invalid packets.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Jun 17 00:14:53 UTC 2016 

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch experimental
in repository gnupg2.

commit d837f6b0eadb14ea08c1c6030b4d6adaaee8778e
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Jun 2 15:14:49 2016 +0200

    gpg: Do not abort on certain invalid packets.
    
    * g10/build-packet.c (write_fake_data): Check for non-opaque data.
    * g10/seskey.c (do_encode_md): Return NULL instead of abort.
    --
    
    The first may happen if the usage flags of an algorithm do not match
    the allowed usage.  When writing a backsig this would lead to a
    log_bug in libgcrypt due to the use of a regular MPI as opaque data.
    
    The second may happen with all kind of invalid data.  It is easy to
    avoid an abort, though.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>
---
 g10/build-packet.c | 2 ++
 g10/seskey.c       | 9 ++++++---
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/g10/build-packet.c b/g10/build-packet.c
index 1353a86..2745734 100644
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -301,6 +301,8 @@ write_fake_data (IOBUF out, gcry_mpi_t a)
 
   if (!a)
     return 0;
+  if (!gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE))
+    return 0; /* e.g. due to generating a key with wrong usage.  */
   p = gcry_mpi_get_opaque ( a, &n);
   if (!p)
     return 0; /* For example due to a read error in
diff --git a/g10/seskey.c b/g10/seskey.c
index c41a145..e5385af 100644
--- a/g10/seskey.c
+++ b/g10/seskey.c
@@ -211,9 +211,12 @@ do_encode_md( gcry_md_hd_t md, int algo, size_t len, unsigned nbits,
     int i,n;
     gcry_mpi_t a;
 
-    if( len + asnlen + 4  > nframe )
-      log_bug ("can't encode a %d bit MD into a %d bits frame, algo=%d\n",
-               (int)(len*8), (int)nbits, algo);
+    if (len + asnlen + 4  > nframe)
+      {
+        log_error ("can't encode a %d bit MD into a %d bits frame, algo=%d\n",
+                   (int)(len*8), (int)nbits, algo);
+        return NULL;
+      }
 
     /* We encode the MD in this way:
      *

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git

More information about the Pkg-gnupg-commit mailing list