Attachment 671621 Details for Bug 891142 – GnuPG1-CVE-2012-6085.patch

[patch] GnuPG1-CVE-2012-6085.patch

GnuPG1-CVE-2012-6085.patch (text/plain), 1.50 KB, created by Kurt Seifried on 2013-01-02 19:07:37 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Kurt Seifried

Created: 2013-01-02 19:07:37 UTC

Size: 1.50 KB

patch

obsolete

>commit f0b33b6fb8e0586e9584a7a409dcc31263776a67
>Author: Werner Koch <wk@gnupg.org>
>Date:   Thu Dec 20 09:43:41 2012 +0100
>
>    gpg: Import only packets which are allowed in a keyblock.
>    
>    * g10/import.c (valid_keyblock_packet): New.
>    (read_block): Store only valid packets.
>    --
>    
>    A corrupted key, which for example included a mangled public key
>    encrypted packet, used to corrupt the keyring.  This change skips all
>    packets which are not allowed in a keyblock.
>    
>    GnuPG-bug-id: 1455
>    
>    (cherry-picked from commit f795a0d59e197455f8723c300eebf59e09853efa)
>
>diff --git a/g10/import.c b/g10/import.c
>index bfe02eb..a57b32e 100644
>--- a/g10/import.c
>+++ b/g10/import.c
>@@ -384,6 +384,27 @@ import_print_stats (void *hd)
> }
> 
> 
>+/* Return true if PKTTYPE is valid in a keyblock.  */
>+static int
>+valid_keyblock_packet (int pkttype)
>+{
>+  switch (pkttype)
>+    {
>+    case PKT_PUBLIC_KEY:
>+    case PKT_PUBLIC_SUBKEY:
>+    case PKT_SECRET_KEY:
>+    case PKT_SECRET_SUBKEY:
>+    case PKT_SIGNATURE:
>+    case PKT_USER_ID:
>+    case PKT_ATTRIBUTE:
>+    case PKT_RING_TRUST:
>+      return 1;
>+    default:
>+      return 0;
>+    }
>+}
>+
>+
> /****************
>  * Read the next keyblock from stream A.
>  * PENDING_PKT should be initialzed to NULL
>@@ -461,7 +482,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
> 	    }
> 	    in_cert = 1;
> 	  default:
>-	    if( in_cert ) {
>+	    if (in_cert && valid_keyblock_packet (pkt->pkttype)) {
> 		if( !root )
> 		    root = new_kbnode( pkt );
> 		else

Actions: View | Diff

Attachments on bug 891142: 671621 | 671624