Page MenuHome GnuPG

Disallow compressed signatures and certificates
Needs ReviewPublic

Authored by DemiMarie on Mon, Jun 20, 6:32 PM.
This revision needs review, but there are no reviewers specified.

Details

Summary

Compressed packets have significant attack surface, both due to the
potential for denial of service (zip bombs and the like) and for code
execution via memory corruption vulnerabilities in the decompressor.
Furthermore, I am not aware of any implementation that uses them in keys
or detached signatures. Therefore, disallow their use in such contexts
entirely.

When parsing detached signatures, forbid any packet that is not a
signature or marker packet. When parsing keys, return an error when
encountering a compressed packet, instead of decompressing the packet.

Furthermore, certificates, keys, and signatures are not allowed to
contain partial-length or indeterminate-length packets. Reject those in
parse_packet, rather than activating the partial-length filter code.

GnuPG-bug-id: T5993

Test Plan

Check that the assertion in proc_compressed() fires if the check in
parse() is missing.

Diff Detail

Repository
rG GnuPG
Branch
no-compressed-sigs
Lint
No Linters Available
Unit
No Unit Test Coverage

Event Timeline

DemiMarie created this revision.

When failing due to a bad packet in a detached signature, log the
packet's type.