[Pkg-gnupg-commit] [gnupg2] 27/30: import bugfix from upstream

Wed Sep 6 21:57:35 UTC 2017

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch master
in repository gnupg2.

commit 65013eaa5cfd0907f6a306b8faf12b2498a6381e
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date:   Wed Sep 6 13:09:42 2017 -0400

    import bugfix from upstream
---
 .../patches/0013-scd-Fix-for-large-ECC-keys.patch  | 70 ++++++++++++++++++++++
 debian/patches/series                              |  1 +
 2 files changed, 71 insertions(+)

diff --git a/debian/patches/0013-scd-Fix-for-large-ECC-keys.patch b/debian/patches/0013-scd-Fix-for-large-ECC-keys.patch
new file mode 100644
index 0000000..33e819b
--- /dev/null
+++ b/debian/patches/0013-scd-Fix-for-large-ECC-keys.patch
@@ -0,0 +1,70 @@
+From: NIIBE Yutaka <gniibe at fsij.org>
+Date: Tue, 29 Aug 2017 14:35:47 +0900
+Subject: scd: Fix for large ECC keys.
+
+* scd/app-openpgp.c (do_decipher): Support larger length.
+
+--
+
+Reported-by: Achim Pietig <achim at pietig.com>
+Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
+---
+ scd/app-openpgp.c | 40 ++++++++++++++++++++++++++++++++--------
+ 1 file changed, 32 insertions(+), 8 deletions(-)
+
+diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
+index f9d07ac..6fcec3e 100644
+--- a/scd/app-openpgp.c
++++ b/scd/app-openpgp.c
+@@ -4575,19 +4575,43 @@ do_decipher (app_t app, const char *keyidstr,
+             }
+         }
+ 
+-      fixuplen = 7;
++      n = 0;
++      if (indatalen < 128)
++        fixuplen = 7;
++      else
++        fixuplen = 10;
++
+       fixbuf = xtrymalloc (fixuplen + indatalen);
+       if (!fixbuf)
+         return gpg_error_from_syserror ();
+ 
+       /* Build 'Cipher DO' */
+-      fixbuf[0] = '\xa6';
+-      fixbuf[1] = (char)(indatalen+5);
+-      fixbuf[2] = '\x7f';
+-      fixbuf[3] = '\x49';
+-      fixbuf[4] = (char)(indatalen+2);
+-      fixbuf[5] = '\x86';
+-      fixbuf[6] = (char)indatalen;
++      fixbuf[n++] = '\xa6';
++      if (indatalen < 128)
++        fixbuf[n++] = (char)(indatalen+5);
++      else
++        {
++          fixbuf[n++] = 0x81;
++          fixbuf[n++] = (char)(indatalen+7);
++        }
++      fixbuf[n++] = '\x7f';
++      fixbuf[n++] = '\x49';
++      if (indatalen < 128)
++        fixbuf[n++] = (char)(indatalen+2);
++      else
++        {
++          fixbuf[n++] = 0x81;
++          fixbuf[n++] = (char)(indatalen+3);
++        }
++      fixbuf[n++] = '\x86';
++      if (indatalen < 128)
++        fixbuf[n++] = (char)indatalen;
++      else
++        {
++          fixbuf[n++] = 0x81;
++          fixbuf[n++] = (char)indatalen;
++        }
++
+       if (old_format_len)
+         {
+           memset (fixbuf+fixuplen, 0, 32 - old_format_len);
diff --git a/debian/patches/series b/debian/patches/series
index ea6811b..c660008 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -10,3 +10,4 @@ gpg-agent-idling/0009-agent-Allow-threads-to-interrupt-main-select-loop-wi.patch
 gpg-agent-idling/0010-agent-Avoid-tight-timer-tick-when-possible.patch
 gpg-agent-idling/0011-agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch
 skip-missing-signing-keys/0013-g10-Skip-signing-keys-where-no-secret-key-is-availab.patch
+0013-scd-Fix-for-large-ECC-keys.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git

