Diffusion GnuPG 1e929abd20fa

gpg: Fix possible memory corruption in the armor parser.

Description

* g10/armor.c (armor_filter): Fix faulty double increment.

This fixes a bug in a code path which can only be reached with specially
crafted input data and would then error out at an upper layer due to
corrupt input (every second byte in the buffer is uninitialized
garbage). No fuzzing has yet hit this case and we don't have a test
case for this code path. However, memory corruption can never be
tolerated as it always has the potential for remote code execution.

which fixed

Backported-from-master: 115d138ba599328005c5321c0ef9f00355838ca9

The bug was introduced on 1999-01-07 by me:

  • armor.c: Rewrote large parts.

which I fixed on 1999-03-02 but missed to fix the other case:

  • armor.c (armor_filter): Fixed armor bypassing.

Details

Provenance
werner authored on Thu, Oct 23, 11:36 AM
Parents
rG4329e4746368: gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures.