diff options
| author | Werner Koch <[email protected]> | 2019-05-28 10:13:27 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2019-05-28 10:27:52 +0000 |
| commit | a2a90717466a88756bbdc6b11577cfee061fc1a8 (patch) | |
| tree | e692b229883e8841f1887fc0b72818fa0c6ec437 | |
| parent | agent: Remove unused agent_show_message. (diff) | |
| download | gnupg-a2a90717466a88756bbdc6b11577cfee061fc1a8.tar.gz gnupg-a2a90717466a88756bbdc6b11577cfee061fc1a8.zip | |
agent: Make an MD encoding function more robust.
* agent/pksign.c (do_encode_md): Use ascii_tolower and avoid
uninitalized TMP in the error case.
--
This is just in case libgcrypt ever returns an algorithm name longer
than 15 bytes.
Signed-off-by: Werner Koch <[email protected]>
| -rw-r--r-- | agent/pksign.c | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/agent/pksign.c b/agent/pksign.c index d9519d1bd..4a43b09de 100644 --- a/agent/pksign.c +++ b/agent/pksign.c @@ -44,16 +44,21 @@ do_encode_md (const byte * md, size_t mdlen, int algo, gcry_sexp_t * r_hash, int i; s = gcry_md_algo_name (algo); - if (s && strlen (s) < 16) + if (!s || strlen (s) >= 16) + { + hash = NULL; + rc = gpg_error (GPG_ERR_DIGEST_ALGO); + } + else { - for (i=0; i < strlen (s); i++) - tmp[i] = tolower (s[i]); + for (i=0; s[i]; i++) + tmp[i] = ascii_tolower (s[i]); tmp[i] = '\0'; - } - rc = gcry_sexp_build (&hash, NULL, - "(data (flags pkcs1) (hash %s %b))", - tmp, (int)mdlen, md); + rc = gcry_sexp_build (&hash, NULL, + "(data (flags pkcs1) (hash %s %b))", + tmp, (int)mdlen, md); + } } else { |