diff options
Diffstat (limited to 'mpi')
| -rw-r--r-- | mpi/ChangeLog | 6 | ||||
| -rw-r--r-- | mpi/mpicoder.c | 21 |
2 files changed, 21 insertions, 6 deletions
diff --git a/mpi/ChangeLog b/mpi/ChangeLog index ab9002722..20175f961 100644 --- a/mpi/ChangeLog +++ b/mpi/ChangeLog @@ -1,3 +1,9 @@ +2004-12-20 Werner Koch <[email protected]> + + * mpicoder.c (mpi_read_from_buffer): Don't abort in case of an + invalid MPI but print a message and return NULL. Use log_info and + not log_error. + 2004-10-26 Werner Koch <[email protected]> * config.links: Use HOST instead of TARGET. diff --git a/mpi/mpicoder.c b/mpi/mpicoder.c index 0005f21a8..4d4e45553 100644 --- a/mpi/mpicoder.c +++ b/mpi/mpicoder.c @@ -125,7 +125,7 @@ mpi_read(IOBUF inp, unsigned *ret_nread, int secure) MPI -mpi_read_from_buffer(byte *buffer, unsigned *ret_nread, int secure) +mpi_read_from_buffer(byte *buffer, unsigned int *ret_nread, int secure) { int i, j; unsigned nbits, nbytes, nlimbs, nread=0; @@ -136,7 +136,7 @@ mpi_read_from_buffer(byte *buffer, unsigned *ret_nread, int secure) goto leave; nbits = buffer[0] << 8 | buffer[1]; if( nbits > MAX_EXTERN_MPI_BITS ) { - log_error("mpi too large (%u bits)\n", nbits); + log_info ("mpi too large (%u bits)\n", nbits); goto leave; } buffer += 2; @@ -154,10 +154,19 @@ mpi_read_from_buffer(byte *buffer, unsigned *ret_nread, int secure) for( ; j > 0; j-- ) { a = 0; for(; i < BYTES_PER_MPI_LIMB; i++ ) { - if( ++nread > *ret_nread ) - log_bug("mpi larger than buffer\n"); - a <<= 8; - a |= *buffer++; + if( ++nread > *ret_nread ) { + /* This (as well as the above error condition) may + happen if we use this function to parse a decrypted + MPI which didn't turn out to be a real MPI - possible + because the supplied key was wrong but the OpenPGP + checksum didn't caught it. */ + log_info ("mpi larger than buffer\n"); + mpi_free (val); + val = MPI_NULL; + goto leave; + } + a <<= 8; + a |= *buffer++; } i = 0; val->d[j-1] = a; |