Diffstat (limited to 'g10')
-rw-r--r-- | g10/ChangeLog | 12 | ||||
-rw-r--r-- | g10/import.c | 8 | ||||
-rw-r--r-- | g10/keygen.c | 2 | ||||
-rw-r--r-- | g10/parse-packet.c | 20 | ||||
-rw-r--r-- | g10/pkclist.c | 2 |
5 files changed, 35 insertions, 9 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index 2765ec94a..3ab05117f 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,15 @@ +2006-07-26 Werner Koch <[email protected]> + + * keygen.c (gen_card_key_with_backup): Initialize sk_{un}protected. + + * import.c (import): Init KEYBLOCK. + + * pkclist.c (edit_ownertrust): Intialize trust to avoid ggc + warning. + + * parse-packet.c (parse_comment): Cap comments at 65k. + (parse_gpg_control): Skip too large control packets. + 2006-06-28 David Shaw <[email protected]> * keydb.h, pkclist.c (select_algo_from_prefs, algo_available): diff --git a/g10/import.c b/g10/import.c index 6e581cfab..e2ad0e314 100644 --- a/g10/import.c +++ b/g10/import.c @@ -243,7 +243,7 @@ import( IOBUF inp, const char* fname,struct stats_s *stats, unsigned char **fpr,size_t *fpr_len,unsigned int options ) { PACKET *pending_pkt = NULL; - KBNODE keyblock; + KBNODE keyblock = NULL; int rc = 0; getkey_disable_caches(); @@ -566,10 +566,8 @@ check_prefs_warning(PKT_public_key *pk) log_info(_("WARNING: key %s contains preferences for unavailable\n"), keystr_from_pk(pk)); /* TRANSLATORS: This string is belongs to the previous one. They are - only split up to allow printing of a common prefix. The - check_prefs_warning tag is a hack to make this string unique. */ - log_info(_(" algorithms on these user IDs:\n" - "\0" "check_prefs_warning")); + only split up to allow printing of a common prefix. */ + log_info(_(" algorithms on these user IDs:\n")); } static void diff --git a/g10/keygen.c b/g10/keygen.c index fdc5ea2b2..620274aef 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -3495,6 +3495,8 @@ gen_card_key_with_backup (int algo, int keyno, int is_primary, size_t n; int i; + sk_unprotected = NULL; + sk_protected = NULL; rc = generate_raw_key (algo, 1024, make_timestamp (), &sk_unprotected, &sk_protected); if (rc) diff --git a/g10/parse-packet.c b/g10/parse-packet.c index 29565df07..363ade99f 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c 
@@ -2088,6 +2088,16 @@ parse_comment( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet ) { byte *p; + /* Cap comment packet at a reasonable value to avoid an integer + overflow in the malloc below. Comment packets are actually not + anymore define my OpenPGP and we even stopped to use our + private comment packet. */ + if (pktlen>65536) + { + log_error ("packet(%d) too large\n", pkttype); + iobuf_skip_rest (inp, pktlen, 0); + return G10ERR_INVALID_PACKET; + } packet->pkt.comment = xmalloc(sizeof *packet->pkt.comment + pktlen - 1); packet->pkt.comment->len = pktlen; p = packet->pkt.comment->data; @@ -2097,7 +2107,7 @@ parse_comment( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet ) if( list_mode ) { int n = packet->pkt.comment->len; fprintf (listfp, ":%scomment packet: \"", pkttype == PKT_OLD_COMMENT? - "OpenPGP draft " : "" ); + "OpenPGP draft " : "GnuPG " ); for(p=packet->pkt.comment->data; n; p++, n-- ) { if( *p >= ' ' && *p <= 'z' ) putc (*p, listfp); @@ -2161,6 +2171,7 @@ parse_plaintext( IOBUF inp, int pkttype, unsigned long pktlen, } mode = iobuf_get_noeof(inp); if( pktlen ) pktlen--; namelen = iobuf_get_noeof(inp); if( pktlen ) pktlen--; + /* Note that namelen will never exceeds 255 byte. */ pt = pkt->pkt.plaintext = xmalloc(sizeof *pkt->pkt.plaintext + namelen -1); pt->new_ctb = new_ctb; pt->mode = mode; @@ -2311,10 +2322,10 @@ parse_mdc( IOBUF inp, int pkttype, unsigned long pktlen, /* - * This packet is internally generated by PGG (by armor.c) to + * This packet is internally generated by GPG (by armor.c) to * transfer some information to the lower layer. To make sure that * this packet is really a GPG faked one and not one comming from outside, - * we first check that tehre is a unique tag in it. + * we first check that there is a unique tag in it. * The format of such a control packet is: * n byte session marker * 1 byte control type CTRLPKT_xxxxx 
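Review bot: In the parse_comment hunk the rejection message `log_error ("packet(%d) too large\n", pkttype);` records the packet type but not the offending length, and the limit itself is a bare `65536`, so a log reader cannot tell a slightly oversized comment from a length large enough to wrap the `xmalloc` size computation that follows. I would name the limit and log the value, e.g. `#define MAX_COMMENT_PACKET_LENGTH 65536` and `log_error ("packet(%d) too large (%lu bytes)\n", pkttype, pktlen);`. The comment above the check should read "no longer defined by OpenPGP", and the ChangeLog entry says 65k while the code allows 65536. Other length-derived allocations in this file lie outside the visible hunks (the parse_plaintext hunk only documents its bound), so it is worth confirming that each has a comparable cap. parse_comment's body continues outside the hunk.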
@@ -2340,6 +2351,9 @@ parse_gpg_control( IOBUF inp, int pkttype, if ( sesmark[i] != iobuf_get_noeof(inp) ) goto skipit; } + if (pktlen > 4096) + goto skipit; /* Definitely too large. We skip it to avoid an + overflow in the malloc. */ if ( list_mode ) puts ("- gpg control packet"); diff --git a/g10/pkclist.c b/g10/pkclist.c index cae60b209..4c0ffd779 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -363,7 +363,7 @@ do_edit_ownertrust (PKT_public_key *pk, int mode, int edit_ownertrust (PKT_public_key *pk, int mode ) { - unsigned int trust; + unsigned int trust = 0; /* Needs to be initialized to avoid gcc warning. */ int no_help = 0; for(;;) |
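Review bot: In the parse_gpg_control hunk the new `if (pktlen > 4096) goto skipit;` rejects the packet without any message, whereas the parse_comment hunk in the same commit logs the equivalent rejection. The check sits after the session-marker loop, so reaching it appears to mean the marker bytes matched, and an oversized packet at that point is unexpected enough to deserve a record. Unless the `skipit` path (outside this hunk) already reports it, I would write `if (pktlen > 4096) { log_error ("packet(%d) too large\n", pkttype); goto skipit; }`. The `4096` limit is also unnamed and differs from the comment-packet limit without explanation; a short comment on why 4096 is enough for control packets would help. The function body starts and ends outside the hunk.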