diff options
| author | Werner Koch <[email protected]> | 2019-07-12 11:57:00 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2019-07-12 11:57:00 +0000 |
| commit | a5118b19c182b558635a6a11ef55b6b8a18c04e9 (patch) | |
| tree | 16f59401d004b086e1a00c7dad8e4a7523af2fae /g10/build-packet.c | |
| parent | Merge branch 'master' into switch-to-gpgk (diff) | |
| parent | scd: Remove useless GNUPG_SCD_MAIN_HEADER macro. (diff) | |
| download | gnupg-a5118b19c182b558635a6a11ef55b6b8a18c04e9.tar.gz gnupg-a5118b19c182b558635a6a11ef55b6b8a18c04e9.zip | |
Merge branch 'master' into switch-to-gpgk
Diffstat (limited to 'g10/build-packet.c')
| -rw-r--r-- | g10/build-packet.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/g10/build-packet.c b/g10/build-packet.c index 07fccb099..2a95df694 100644 --- a/g10/build-packet.c +++ b/g10/build-packet.c @@ -447,15 +447,21 @@ do_user_id( IOBUF out, int ctb, PKT_user_id *uid ) * Without forcing HDRLEN to 2 in this case an indeterminate length * packet would be written which is not allowed. Note that we are * always called with a CTB indicating an old packet header format, - * so that forcing a 2 octet header works. */ + * so that forcing a 2 octet header works. We also check for the + * maximum allowed packet size by the parser using an arbitrary + * extra 10 bytes for header data. */ if (uid->attrib_data) { + if (uid->attrib_len > MAX_ATTR_PACKET_LENGTH - 10) + return gpg_error (GPG_ERR_TOO_LARGE); hdrlen = uid->attrib_len? 0 : 2; write_header2 (out, ctb, uid->attrib_len, hdrlen); rc = iobuf_write( out, uid->attrib_data, uid->attrib_len ); } else { + if (uid->len > MAX_UID_PACKET_LENGTH - 10) + return gpg_error (GPG_ERR_TOO_LARGE); hdrlen = uid->len? 0 : 2; write_header2 (out, ctb, uid->len, hdrlen); rc = iobuf_write( out, uid->name, uid->len ); |