gpg: Avoid using an uninitialized SALT on premature EOF.

* g10/parse-packet.c (parse_key): Check for premature end of salt. -- This has no security implications because an arbitrary salt could have also been inset by an attacker. Signed-off-by: Werner Koch <[email protected]>
author: Werner Koch <[email protected]> 2016-01-06 07:48:44 +0000
committer: Werner Koch <[email protected]> 2016-01-06 07:48:44 +0000
commit: 85cc7449fb00ac85b0c2eecd22bd38b23f33edf5 (patch)
tree: 469e086128ff9e4a660be5636b9f75b30d71774a /g10/parse-packet.c
parent: gpg: Silence warnings found by static analyzer. (diff)
download: gnupg-85cc7449fb00ac85b0c2eecd22bd38b23f33edf5.tar.gz
gnupg-85cc7449fb00ac85b0c2eecd22bd38b23f33edf5.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index b0c6ee513..38cd8c9c8 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -2313,6 +2313,11 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
 		case 3:
 		  for (i = 0; i < 8 && pktlen; i++, pktlen--)
 		    temp[i] = iobuf_get_noeof (inp);
+                  if (i < 8)
+                    {
+		      err = gpg_error (GPG_ERR_INV_PACKET);
+		      goto leave;
+                    }
 		  memcpy (ski->s2k.salt, temp, 8);
 		  break;
 		}
author	Werner Koch <[email protected]>	2016-01-06 07:48:44 +0000
committer	Werner Koch <[email protected]>	2016-01-06 07:48:44 +0000
commit	85cc7449fb00ac85b0c2eecd22bd38b23f33edf5 (patch)
tree	469e086128ff9e4a660be5636b9f75b30d71774a /g10/parse-packet.c
parent	gpg: Silence warnings found by static analyzer. (diff)
download	gnupg-85cc7449fb00ac85b0c2eecd22bd38b23f33edf5.tar.gz gnupg-85cc7449fb00ac85b0c2eecd22bd38b23f33edf5.zip