[Pkg-gnupg-commit] [gpgme] 83/103: Fix uid parsing for ldap keyserver
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu Dec 14 18:53:07 UTC 2017
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gpgme.
commit 651b3d8207cc7d85699f89fc4c21cb1243453aa8
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Fri Dec 1 09:44:47 2017 +0100
Fix uid parsing for ldap keyserver
* src/engine-gpg.c (gpg_keylist_preprocess): Check field count
for uid and add fallback.
--
This fixes accessing unintialized memory and resulting
crashes in gpgrt_asprintf.
GnuPG-Bug-Id: T3550
---
src/engine-gpg.c | 17 ++++++++++++++---
1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index 5ce04f0..bfe7d13 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -2594,6 +2594,9 @@ gpg_keylist_preprocess (char *line, char **r_line)
as defined in 5.2. Machine Readable Indexes of the OpenPGP
HTTP Keyserver Protocol (draft).
+ For an ldap keyserver the format is:
+ uid:<escaped uid string>
+
We want:
uid:o<flags>::::<creatdate>:<expdate>:::<c-coded uid>:
*/
@@ -2635,9 +2638,17 @@ gpg_keylist_preprocess (char *line, char **r_line)
}
*dst = '\0';
- if (gpgrt_asprintf (r_line, "uid:o%s::::%s:%s:::%s:",
- field[4], field[2], field[3], uid) < 0)
- return gpg_error_from_syserror ();
+ if (fields < 4)
+ {
+ if (gpgrt_asprintf (r_line, "uid:o::::::::%s:", uid) < 0)
+ return gpg_error_from_syserror ();
+ }
+ else
+ {
+ if (gpgrt_asprintf (r_line, "uid:o%s::::%s:%s:::%s:",
+ field[4], field[2], field[3], uid) < 0)
+ return gpg_error_from_syserror ();
+ }
}
return 0;
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gpgme.git
More information about the Pkg-gnupg-commit
mailing list