[Pkg-gnupg-commit] [gnupg2] 06/42: gpg: Do not read from uninitialized memory with --list-packets.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Jan 3 18:25:52 UTC 2018
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch upstream
in repository gnupg2.
commit 4cf3cc6e3d48c8400466ca29c3f1c22ed2da6c2c
Author: Werner Koch <wk at gnupg.org>
Date: Sun Nov 26 18:33:49 2017 +0100
gpg: Do not read from uninitialized memory with --list-packets.
* g10/parse-packet.c (parse_plaintext): Fill up the allocated NAME.
--
This actually does not harm because we merely display a buffer
allocated by ourselves. However, we better tell Valgrind about it so
that we don't need to track this thing down ever again.
Test using a corrupted literal data packet:
echo cb 0a 75 ff 59 ae 90 d5 74 65 73 74 | \
undump |\
valgrind gpg --list-packets >/dev/null
Reported-by: Sebastian Schinzel
Signed-off-by: Werner Koch <wk at gnupg.org>
---
g10/parse-packet.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index 0b6ee8b..eee14f6 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -3087,6 +3087,12 @@ parse_plaintext (IOBUF inp, int pkttype, unsigned long pktlen,
else
pt->name[i] = c;
}
+ /* Fill up NAME so that a check with valgrind won't complain about
+ * reading from uninitalized memory. This case may be triggred by
+ * corrupted packets. */
+ for (; i < namelen; i++)
+ pt->name[i] = 0;
+
pt->timestamp = read_32 (inp);
if (pktlen)
pktlen -= 4;
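Review bot: The new fill loop before `pt->timestamp = read_32 (inp);` pads a short NAME with zeros but leaves no trace that the name loop stopped before `i` reached `namelen`, even though the comment says this case comes from corrupted packets. Consider emitting a diagnostic or setting an error indication at this point so that a truncated name is distinguishable from a name that really ends in NUL bytes, instead of continuing straight into the timestamp read. The comment also misspells "uninitalized" and "triggred" (uninitialized, triggered), and the loop could be written as `memset (pt->name + i, 0, namelen - i);` for clarity.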
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
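To show why the test packet in the commit message leaves most of NAME unwritten, here is an added example (not GnuPG code and not part of the original commit) that decodes those 12 bytes following the OpenPGP literal data layout: format octet, one-octet name length, name, four-octet date. The struct, the function name and the choice to reserve the last four body octets for the date are assumptions of this sketch.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Constructed sample: the 12 bytes from the commit message's test command. */
static const unsigned char sample_pkt[] = {
  0xcb, 0x0a, 0x75, 0xff, 0x59, 0xae, 0x90, 0xd5, 0x74, 0x65, 0x73, 0x74
};
/* Hypothetical result type for this sketch. */
struct literal_info {
  int tag, mode;                        /* packet tag, format octet */
  size_t body_len, namelen, name_read;  /* declared vs. actually present */
  unsigned char *name;                  /* namelen bytes, fully initialized */
};

/* Returns 0 on success, -1 on an unsupported header or allocation failure. */
static int parse_literal(const unsigned char *p, size_t n, struct literal_info *out)
{
  memset(out, 0, sizeof *out);
  if (n < 4 || (p[0] & 0xc0) != 0xc0 || p[1] >= 192)
    return -1;                 /* only new-format header with 1-octet length */
  out->tag = p[0] & 0x3f;
  out->body_len = p[1];
  if (out->tag != 11 || out->body_len < 2 || out->body_len > n - 2)
    return -1;                 /* tag 11 = literal data; body must fit input */
  const unsigned char *body = p + 2;
  size_t left = out->body_len;
  out->mode = body[0];
  out->namelen = body[1];      /* attacker-controlled: 0xff in the sample */
  body += 2; left -= 2;
  out->name = malloc(out->namelen ? out->namelen : 1);
  if (!out->name)
    return -1;
  size_t i = 0;
  /* Copy name bytes, keeping the last 4 body octets for the date (assumption). */
  for (; left > 4 && i < out->namelen; i++, left--)
    out->name[i] = *body++;
  out->name_read = i;          /* less than namelen means a short packet */
  for (; i < out->namelen; i++)
    out->name[i] = 0;          /* same zero fill as the patch above */
  return 0;
}

int main(void)
{
  struct literal_info li;
  if (parse_literal(sample_pkt, sizeof sample_pkt, &li))
    return 1;
  printf("tag=%d namelen=%zu present=%zu\n", li.tag, li.namelen, li.name_read);
  free(li.name);
  return 0;
}
```

Without the second loop, 251 of the 255 allocated name bytes would be read back uninitialized when the name is displayed, which is the condition Valgrind reports.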