From 4054d86abcb7ad953ed9e988b1765cb9266faefd Mon Sep 17 00:00:00 2001
From: Kyle Butt <kylebutt@gmail.com>
Date: Tue, 26 Aug 2014 14:11:47 -0700
Subject: gpg: Fix export of ecc secret keys by adjusting check ordering.

* g10/export.c (transfer_format_to_openpgp): Move the check against
PUBKEY_MAX_NSKEY to after the ECC code adjusts the number of
parameters.
---
 g10/export.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'g10')

diff --git a/g10/export.c b/g10/export.c
index 6a921c192..b4f1a2e4d 100644
--- a/g10/export.c
+++ b/g10/export.c
@@ -462,7 +462,7 @@ transfer_format_to_openpgp (gcry_sexp_t s_pgp, PKT_public_key *pk)
   xfree (string); string = NULL;
   if (gcry_pk_algo_info (pk_algo, GCRYCTL_GET_ALGO_NPKEY, NULL, &npkey)
       || gcry_pk_algo_info (pk_algo, GCRYCTL_GET_ALGO_NSKEY, NULL, &nskey)
-      || !npkey || npkey >= nskey || nskey > PUBKEY_MAX_NSKEY)
+      || !npkey || npkey >= nskey)
     goto bad_seckey;
 
   /* Check that the pubkey algo matches the one from the public key.  */
@@ -503,6 +503,10 @@ transfer_format_to_openpgp (gcry_sexp_t s_pgp, PKT_public_key *pk)
       goto leave;
     }
 
+  /* This check has to go after the ecc adjustments. */
+  if (nskey > PUBKEY_MAX_NSKEY)
+    goto bad_seckey;
+
   /* Parse the key parameters.  */
   gcry_sexp_release (list);
   list = gcry_sexp_find_token (top_list, "skey", 0);
-- 
cgit v1.2.3