
armor-validation-one-pass-sig-2025-11-05.patch

Authored By
gniibe
Nov 5 2025, 6:25 AM
Size
2 KB

armor-validation-one-pass-sig-2025-11-05.patch

diff --git a/g10/armor.c b/g10/armor.c
index 59a6202aa..eacb1a378 100644
--- a/g10/armor.c
+++ b/g10/armor.c
@@ -584,7 +584,7 @@ check_input( armor_filter_context_t *afx, IOBUF a )
}
else if (i >= 0
&& !(afx->only_keyblocks && i != 1 && i != 5 && i != 6 )) {
- hdr_line = i;
+ hdr_line = afx->what = i;
if( hdr_line == BEGIN_SIGNED_MSG_IDX ) {
if( afx->in_cleartext ) {
log_error(_("nested clear text signatures\n"));
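Review bot: The chained assignment `hdr_line = afx->what = i;` gives `afx->what` a second job, recording the last accepted input header, and nothing at this site says so. I would split it and name the consumer: `afx->what = i;  /* Header type; read back by armor_context_if_any(). */` followed by `hdr_line = i;`. The field is overwritten on every accepted header, so a later reader sees only the most recent one. That matters if a stream can carry more than one armored block. check_input's body starts and ends outside this hunk.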
@@ -1039,9 +1039,10 @@ radix64_read( armor_filter_context_t *afx, IOBUF a, size_t *retn,
checkcrc++;
break;
}
- else if (c == '-'
- && afx->buffer_pos + 8 < afx->buffer_len
- && !strncmp (afx->buffer, "-----END ", 8)) {
+ else if (afx->buffer_pos == 1 && c == '-'
+ && afx->buffer_len > 9
+ && !strncmp (afx->buffer, "-----END ", 9)) {
+ /* FIXME: Check tail_strings here if it matches ->what. */
break; /* End in --dearmor mode or No CRC. */
}
else {
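Review bot: The END-line test still accepts any trailer type, because only the literal `-----END ` prefix is compared and the FIXME leaves the comparison against the header stored in `afx->what` undone. The rest of this patch decides policy from the BEGIN header alone, so a BEGIN/END mismatch on this no-CRC path goes unnoticed. The tail_strings check should land with this change or be tracked explicitly. The new `afx->buffer_pos == 1` condition also assumes `c` was read from `afx->buffer[0]`, which is set up outside the hunk; a comment such as `/* C is the first byte of the current line. */` would make that dependency visible.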
@@ -1612,3 +1613,22 @@ make_radix64_string( const byte *data, size_t len )
*p = 0;
return buffer;
}
+
+
+/* Return >= 0 if it's armored, -1 otherwise. */
+int
+armor_context_if_any (iobuf_t a)
+{
+ iobuf_t a2;
+
+ for (a2 = a; a2; a2 = a2->chain)
+ if (a2->filter == armor_filter)
+ /* Found the armor filter. */
+ {
+ armor_filter_context_t *afx = a2->filter_ov;
+
+ return afx->what;
+ }
+
+ return -1;
+}
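Review bot: The return value cannot distinguish a real header index from "an armor filter is on the chain but no header was accepted". The comment promises `>= 0 if it's armored`, yet the function returns `afx->what` as soon as it finds the filter. If the context is zero-initialised (not visible in this diff), the result is 0 before check_input has stored anything, and 0 is exactly the value the caller in parse-packet.c treats as acceptable. Either consult the filter's own "input really was armored" state before returning `what`, or narrow the comment to what the code does: `/* Return the header index last stored in ->what by the first armor filter on A's chain, or -1 if the chain has no armor filter. */`. The unbraced `for`/`if` with a comment between the condition and `{` is also easy to misread; bracing the loop body would help.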
diff --git a/g10/filter.h b/g10/filter.h
index b15ce6aa5..77563f6cd 100644
--- a/g10/filter.h
+++ b/g10/filter.h
@@ -177,6 +177,8 @@ void release_armor_context (armor_filter_context_t *afx);
int push_armor_filter (armor_filter_context_t *afx, iobuf_t iobuf);
int was_armored (armor_filter_context_t *afx);
int use_armor_filter( iobuf_t a );
+int armor_context_if_any (iobuf_t a);
+
/*-- compress.c --*/
gpg_error_t push_compress_filter (iobuf_t out, compress_filter_context_t *zfx,
diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index 32ec46b6f..f9efb72bb 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -2546,6 +2546,16 @@ parse_onepass_sig (IOBUF inp, int pkttype, unsigned long pktlen,
{
int version;
int rc = 0;
+ int what = armor_context_if_any (inp);
+
+ /* If armored, it should be wrapped by
+ "BEGIN PGP MESSAGE" and "END PGP MESSAGE". */
+ if (what > 0)
+ {
+ log_error (_("Wrongly armored signature\n"));
+ rc = gpg_error (GPG_ERR_FORBIDDEN);
+ goto leave;
+ }
if (pktlen < 13)
{
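Review bot: The `what > 0` test hard-codes that header index 0 is the only acceptable wrapper and rejects every other value check_input can store, including `BEGIN_SIGNED_MSG_IDX`. If one-pass signature packets can reach this parser from cleartext-signed input (the armor filter's handling of that case is not visible in this diff), verification of such messages would now fail with GPG_ERR_FORBIDDEN. A regression test for cleartext signature verification should accompany the change. Comparing against a named index constant, in the style of `BEGIN_SIGNED_MSG_IDX`, would also make the policy readable at the call site instead of relying on the literal 0. parse_onepass_sig's body continues past the end of this hunk.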

File Metadata

Mime Type
text/x-diff
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
9b/e7/80e23fbe9c434eac63092c4d4bff

Event Timeline

_("Wrongly armored signature\n"));

I think we start all strings in lowercase. Would it be possible to re-use another text?

We can use:

log_error (_("invalid armor header: "));