From 25036ec6abbc0c9d0003dcfe227724038c35a304 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Wed, 14 May 2014 16:32:49 +0200
Subject: gpg: Fix uninitialized access to search descindex with gpg keyboxes.

* kbx/keybox-search.c (keybox_search): Add arg  R_DESCINDEX.  Chnage
both callers.
* g10/keydb.c (keydb_search): Always set DESCINDEX.
--

This only affects the new keybox for OpenPGP keys in 2.1.  The bug
exhibited itself by running GPA's backup command on Windows.
---
 kbx/keybox-search.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'kbx/keybox-search.c')

diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c
index 798079488..ba284f9b5 100644
--- a/kbx/keybox-search.c
+++ b/kbx/keybox-search.c
@@ -720,7 +720,8 @@ keybox_search_reset (KEYBOX_HANDLE hd)
 /* Note: When in ephemeral mode the search function does visit all
    blobs but in standard mode, blobs flagged as ephemeral are ignored.  */
 int
-keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
+keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc,
+               size_t *r_descindex)
 {
   int rc;
   size_t n;
@@ -945,6 +946,10 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
 	}
       continue;
     found:
+      /* Record which DESC we matched on.  Note this value is only
+	 meaningful if this function returns with no errors. */
+      if(r_descindex)
+	*r_descindex = n;
       for (n=any_skip?0:ndesc; n < ndesc; n++)
         {
 /*            if (desc[n].skipfnc */
-- 
cgit v1.2.3