[Pkg-gnupg-commit] [gpgme] 83/103: Fix uid parsing for ldap keyserver

[Daniel Kahn Gillmor]

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch master
in repository gpgme.

commit 651b3d8207cc7d85699f89fc4c21cb1243453aa8
Author: Andre Heinecke <aheinecke at intevation.de>
Date:   Fri Dec 1 09:44:47 2017 +0100

    Fix uid parsing for ldap keyserver
    
    * src/engine-gpg.c (gpg_keylist_preprocess): Check field count
    for uid and add fallback.
    
    --
    This fixes accessing unintialized memory and resulting
    crashes in gpgrt_asprintf.
    
    GnuPG-Bug-Id: T3550
---
 src/engine-gpg.c | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index 5ce04f0..bfe7d13 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -2594,6 +2594,9 @@ gpg_keylist_preprocess (char *line, char **r_line)
 	 as defined in 5.2. Machine Readable Indexes of the OpenPGP
 	 HTTP Keyserver Protocol (draft).
 
+         For an ldap keyserver the format is:
+         uid:<escaped uid string>
+
 	 We want:
 	 uid:o<flags>::::<creatdate>:<expdate>:::<c-coded uid>:
       */
@@ -2635,9 +2638,17 @@ gpg_keylist_preprocess (char *line, char **r_line)
 	  }
 	*dst = '\0';
 
-	if (gpgrt_asprintf (r_line, "uid:o%s::::%s:%s:::%s:",
-		      field[4], field[2], field[3], uid) < 0)
-	  return gpg_error_from_syserror ();
+        if (fields < 4)
+          {
+            if (gpgrt_asprintf (r_line, "uid:o::::::::%s:", uid) < 0)
+              return gpg_error_from_syserror ();
+          }
+        else
+          {
+            if (gpgrt_asprintf (r_line, "uid:o%s::::%s:%s:::%s:",
+                                field[4], field[2], field[3], uid) < 0)
+              return gpg_error_from_syserror ();
+          }
       }
       return 0;
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gpgme.git