diff options
| author | Neal H. Walfield <[email protected]> | 2015-08-18 08:33:06 +0000 |
|---|---|---|
| committer | Neal H. Walfield <[email protected]> | 2015-08-20 12:16:28 +0000 |
| commit | c271feb53664dbf2b4ccbae90a31b8e726481e2d (patch) | |
| tree | 39e4942634ed19181adf1ebaf3393312cf5b5b4a /g10/parse-packet.c | |
| parent | common/iobuf.c: Make control flow more obvious. (diff) | |
| download | gnupg-c271feb53664dbf2b4ccbae90a31b8e726481e2d.tar.gz gnupg-c271feb53664dbf2b4ccbae90a31b8e726481e2d.zip | |
g10/parse-packet.c:mpi_read: Detect EOF and correct boundary conditions.
* g10/parse-packet.c (mpi_read): Improve documentation. Correctly
handle an EOF. On overflow, correctly return the number of bytes read
from the pipeline.
--
Signed-off-by: Neal H. Walfield <[email protected]>.
Diffstat (limited to 'g10/parse-packet.c')
| -rw-r--r-- | g10/parse-packet.c | 29 |
1 files changed, 21 insertions, 8 deletions
diff --git a/g10/parse-packet.c b/g10/parse-packet.c index 478612a49..1391be4cf 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -2,6 +2,7 @@ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, * 2007, 2009, 2010 Free Software Foundation, Inc. * Copyright (C) 2014 Werner Koch + * Copyright (C) 2015 g10 Code GmbH * * This file is part of GnuPG. * @@ -109,11 +110,18 @@ read_32 (IOBUF inp) } -/* Read an external representation of an mpi and return the MPI. The - * external format is a 16 bit unsigned value stored in network byte - * order, giving the number of bits for the following integer. The - * integer is stored with MSB first (left padded with zero bits to align - * on a byte boundary). */ +/* Read an external representation of an MPI and return the MPI. The + external format is a 16-bit unsigned value stored in network byte + order giving the number of bits for the following integer. The + integer is stored MSB first and is left padded with zero bits to + align on a byte boundary. + + The caller must set *RET_NREAD to the maximum number of bytes to + read from the pipeline INP. This function sets *RET_NREAD to be + the number of bytes actually read from the pipeline. + + If SECURE is true, the integer is stored in secure memory + (allocated using gcry_xmalloc_secure). */ static gcry_mpi_t mpi_read (iobuf_t inp, unsigned int *ret_nread, int secure) { @@ -150,10 +158,15 @@ mpi_read (iobuf_t inp, unsigned int *ret_nread, int secure) p[1] = c2; for (i = 0; i < nbytes; i++) { - p[i + 2] = iobuf_get (inp) & 0xff; if (nread == nmax) - goto overflow; - nread++; + goto overflow; + + c = iobuf_get (inp); + if (c == -1) + goto leave; + + p[i + 2] = c; + nread ++; } if (gcry_mpi_scan (&a, GCRYMPI_FMT_PGP, buf, nread, &nread)) |