diff options
| author | Werner Koch <[email protected]> | 2016-06-02 13:14:49 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2016-06-02 13:57:59 +0000 |
| commit | d837f6b0eadb14ea08c1c6030b4d6adaaee8778e (patch) | |
| tree | 89536458c205d01a245a45787db035d504e93ec9 /g10/seskey.c | |
| parent | common: New function openpgp_is_curve_supported. (diff) | |
| download | gnupg-d837f6b0eadb14ea08c1c6030b4d6adaaee8778e.tar.gz gnupg-d837f6b0eadb14ea08c1c6030b4d6adaaee8778e.zip | |
gpg: Do not abort on certain invalid packets.
* g10/build-packet.c (write_fake_data): Check for non-opaque data.
* g10/seskey.c (do_encode_md): Return NULL instead of abort.
--
The first may happen if the usage flags of an algorithm do not match
the allowed usage. When writing a backsig this would lead to a
log_bug in libgcrypt due to the use of a regular MPI as opaque data.
The second may happen with all kind of invalid data. It is easy to
avoid an abort, though.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'g10/seskey.c')
| -rw-r--r-- | g10/seskey.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/g10/seskey.c b/g10/seskey.c index c41a1455b..e5385af98 100644 --- a/g10/seskey.c +++ b/g10/seskey.c @@ -211,9 +211,12 @@ do_encode_md( gcry_md_hd_t md, int algo, size_t len, unsigned nbits, int i,n; gcry_mpi_t a; - if( len + asnlen + 4 > nframe ) - log_bug ("can't encode a %d bit MD into a %d bits frame, algo=%d\n", - (int)(len*8), (int)nbits, algo); + if (len + asnlen + 4 > nframe) + { + log_error ("can't encode a %d bit MD into a %d bits frame, algo=%d\n", + (int)(len*8), (int)nbits, algo); + return NULL; + } /* We encode the MD in this way: * |