core: Do not identify PNG files as PGP signatures.

* src/data-identify.c (next_openpgp_packet): Blacklist PNG files. -- GnuPG-bug-id: 2314 Signed-off-by: Werner Koch <[email protected]>
author: Werner Koch <[email protected]> 2016-08-10 13:31:25 +0000
committer: Werner Koch <[email protected]> 2016-08-10 13:35:52 +0000
commit: a9168185ba97aa1d827315cd8017899bf904aded (patch)
tree: 9a8562fbfe64df33bacfca25089795f27c3e16ce
parent: Cpp: Handle empty recipients consistently (diff)
download: gpgme-a9168185ba97aa1d827315cd8017899bf904aded.tar.gz
gpgme-a9168185ba97aa1d827315cd8017899bf904aded.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/src/data-identify.c b/src/data-identify.c
index 88a472fb..1edfb9b2 100644
--- a/src/data-identify.c
+++ b/src/data-identify.c
@@ -95,6 +95,11 @@ next_openpgp_packet (unsigned char const **bufptr, size_t *buflen,
   if (!len)
     return gpg_error (GPG_ERR_NO_DATA);
 
+  /* First some blacklisting.  */
+  if (len >= 4 && !memcmp (buf, "\x89PNG", 4))
+    return gpg_error (GPG_ERR_INV_PACKET); /* This is a PNG file.  */
+
+  /* Start parsing.  */
   ctb = *buf++; len--;
   if ( !(ctb & 0x80) )
     return gpg_error (GPG_ERR_INV_PACKET); /* Invalid CTB. */
author	Werner Koch <[email protected]>	2016-08-10 13:31:25 +0000
committer	Werner Koch <[email protected]>	2016-08-10 13:35:52 +0000
commit	a9168185ba97aa1d827315cd8017899bf904aded (patch)
tree	9a8562fbfe64df33bacfca25089795f27c3e16ce
parent	Cpp: Handle empty recipients consistently (diff)
download	gpgme-a9168185ba97aa1d827315cd8017899bf904aded.tar.gz gpgme-a9168185ba97aa1d827315cd8017899bf904aded.zip