From 5512133de4e9bca2defb744e2b42e55b5487d72c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ingo=20Kl=C3=B6cker?= Date: Wed, 2 Jun 2021 10:20:26 +0200 Subject: [PATCH] core: Fix a few checks for number of fields in keylist result parser. * src/keylist.c (keylist_colon_handler): Check for correct number of fields. -- This prevents NULL pointer dereferencing with older versions of gpg that may output less fields. --- src/keylist.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/keylist.c b/src/keylist.c index 42743f07..f2c90d20 100644 --- a/src/keylist.c +++ b/src/keylist.c @@ -734,7 +734,7 @@ keylist_colon_handler (void *priv, char *line) } /* Field 18 has the compliance flags. */ - if (fields >= 17 && *field[17]) + if (fields >= 18 && *field[17]) PARSE_COMPLIANCE_FLAGS (field[17], subkey); if (fields >= 20) @@ -817,7 +817,7 @@ keylist_colon_handler (void *priv, char *line) } /* Field 18 has the compliance flags. */ - if (fields >= 17 && *field[17]) + if (fields >= 18 && *field[17]) PARSE_COMPLIANCE_FLAGS (field[17], subkey); break; @@ -1015,7 +1015,7 @@ keylist_colon_handler (void *priv, char *line) return 0; assert (opd->tmp_keysig == key->_last_uid->_last_keysig); - if (fields >= 4) + if (fields >= 5) { /* Field 2 has the subpacket type. */ int type = atoi (field[1]);