aboutsummaryrefslogtreecommitdiffstats
path: root/mpi/mpicoder.c
diff options
context:
space:
mode:
Diffstat (limited to 'mpi/mpicoder.c')
-rw-r--r--mpi/mpicoder.c21
1 files changed, 15 insertions, 6 deletions
diff --git a/mpi/mpicoder.c b/mpi/mpicoder.c
index 0005f21a8..4d4e45553 100644
--- a/mpi/mpicoder.c
+++ b/mpi/mpicoder.c
@@ -125,7 +125,7 @@ mpi_read(IOBUF inp, unsigned *ret_nread, int secure)
MPI
-mpi_read_from_buffer(byte *buffer, unsigned *ret_nread, int secure)
+mpi_read_from_buffer(byte *buffer, unsigned int *ret_nread, int secure)
{
int i, j;
unsigned nbits, nbytes, nlimbs, nread=0;
@@ -136,7 +136,7 @@ mpi_read_from_buffer(byte *buffer, unsigned *ret_nread, int secure)
goto leave;
nbits = buffer[0] << 8 | buffer[1];
if( nbits > MAX_EXTERN_MPI_BITS ) {
- log_error("mpi too large (%u bits)\n", nbits);
+ log_info ("mpi too large (%u bits)\n", nbits);
goto leave;
}
buffer += 2;
@@ -154,10 +154,19 @@ mpi_read_from_buffer(byte *buffer, unsigned *ret_nread, int secure)
for( ; j > 0; j-- ) {
a = 0;
for(; i < BYTES_PER_MPI_LIMB; i++ ) {
- if( ++nread > *ret_nread )
- log_bug("mpi larger than buffer\n");
- a <<= 8;
- a |= *buffer++;
+ if( ++nread > *ret_nread ) {
+ /* This (as well as the above error condition) may
+ happen if we use this function to parse a decrypted
+ MPI which didn't turn out to be a real MPI - possible
+ because the supplied key was wrong but the OpenPGP
+ checksum didn't caught it. */
+ log_info ("mpi larger than buffer\n");
+ mpi_free (val);
+ val = MPI_NULL;
+ goto leave;
+ }
+ a <<= 8;
+ a |= *buffer++;
}
i = 0;
val->d[j-1] = a;
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-08 23:12:52 +0000