[Pkg-gnupg-commit] [gnupg2] 12/124: gpg: Fix possible segv when attribute packets are filtered.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Apr 5 15:55:27 UTC 2017 

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch experimental
in repository gnupg2.

commit 5f6f3f5cae8a95ed469129f9677782c17951dab3
Author: Werner Koch <wk at gnupg.org>
Date:   Fri Mar 3 09:50:40 2017 +0100

    gpg: Fix possible segv when attribute packets are filtered.
    
    * g10/import.c (impex_filter_getval): Handle PKT_ATTRIBUTE the same as
    PKT_USER_ID
    (apply_drop_sig_filter): Ditto.
    --
    
    The old code was plainly wrong in that it considered PKT_ATTRIBUTE to
    use a PKT_signature object.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>
---
 g10/import.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/g10/import.c b/g10/import.c
index 9fd16c8..6383d70 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -1173,7 +1173,8 @@ impex_filter_getval (void *cookie, const char *propname)
   static char numbuf[20];
   const char *result;
 
-  if (node->pkt->pkttype == PKT_USER_ID)
+  if (node->pkt->pkttype == PKT_USER_ID
+      || node->pkt->pkttype == PKT_ATTRIBUTE)
     {
       PKT_user_id *uid = node->pkt->pkt.user_id;
 
@@ -1202,8 +1203,7 @@ impex_filter_getval (void *cookie, const char *propname)
       else
         result = NULL;
     }
-  else if (node->pkt->pkttype == PKT_SIGNATURE
-           || node->pkt->pkttype == PKT_ATTRIBUTE)
+  else if (node->pkt->pkttype == PKT_SIGNATURE)
     {
       PKT_signature *sig = node->pkt->pkt.signature;
 
@@ -1340,12 +1340,12 @@ apply_drop_sig_filter (kbnode_t keyblock, recsel_expr_t selector)
       if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
           || node->pkt->pkttype == PKT_SECRET_SUBKEY)
         break; /* ready.  */
-      if (node->pkt->pkttype == PKT_USER_ID)
+      if (node->pkt->pkttype == PKT_USER_ID
+          || node->pkt->pkttype == PKT_ATTRIBUTE)
         active = 1;
       if (!active)
         continue;
-      if (node->pkt->pkttype != PKT_SIGNATURE
-          && node->pkt->pkttype != PKT_ATTRIBUTE)
+      if (node->pkt->pkttype != PKT_SIGNATURE)
         continue;
 
       sig = node->pkt->pkt.signature;

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git

More information about the Pkg-gnupg-commit mailing list