
* parse-packet.c (parse_user_id): Cap the user ID size at 2048 bytes.
Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

* parse-packet.c (parse_user_id): Cap the user ID size at 2048 bytes.  
This prevents a memory allocation attack with a very large user ID.  A
very large packet length could even cause the allocation (a u32) to wrap
around to a small number.  Noted by Evgeny Legerov on full-disclosure.
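
The wrap-around and the cap described in the commit message, as an added example that is not GnuPG's code: the `user_id` struct, the helper names and the return codes are hypothetical, and only the 2048-byte limit comes from the commit.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_UID_LEN 2048u  /* cap named in the commit message */

enum { UID_OK = 0, UID_TOO_LARGE = -1, UID_TRUNCATED = -2, UID_NOMEM = -3 };

/* Hypothetical in-memory user ID record (not GnuPG's struct). */
struct user_id {
    uint32_t len;
    char name[];
};

/* Allocation size computed in 32 bits from an untrusted packet length:
 * header + length + NUL wraps modulo 2^32 for lengths near UINT32_MAX. */
static uint32_t unchecked_alloc_size(uint32_t pktlen)
{
    return (uint32_t)sizeof(struct user_id) + pktlen + 1u;
}

/* Capped parse: reject the declared length before any size arithmetic or
 * allocation, then check it against the bytes actually available. */
static int parse_user_id_capped(const uint8_t *body, size_t avail,
                                uint32_t pktlen, struct user_id **out)
{
    *out = NULL;
    if (pktlen > MAX_UID_LEN)
        return UID_TOO_LARGE;
    if (pktlen > avail)
        return UID_TRUNCATED;
    struct user_id *uid = malloc(sizeof *uid + (size_t)pktlen + 1);
    if (uid == NULL)
        return UID_NOMEM;
    uid->len = pktlen;
    memcpy(uid->name, body, pktlen);
    uid->name[pktlen] = '\0';
    *out = uid;
    return UID_OK;
}

int main(void)
{
    /* Constructed input: a declared length of 0xFFFFFFFF. */
    printf("wrapped size: %u\n", (unsigned)unchecked_alloc_size(0xFFFFFFFFu));
    return 0;
}
```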

Details

Provenance: dshaw authored on Jun 9 2006, 9:45 PM
Parents: rG49c31957f02c: Revert last. It is still wrong.
Branches: Unknown
Tags: Unknown

Event Timeline

Jun 9 2006, 9:45 PM: David Shaw <dshaw@jabberwocky.com> committed rG91dbfce3b784: * parse-packet.c (parse_user_id): Cap the user ID size at 2048 bytes. (authored by David Shaw <dshaw@jabberwocky.com>).