Diffusion GnuPG be8b30f8ebf6

kbx: Add bounds check to detect corrupt keyboxes.

Authored by werner on Tue, Sep 22, 11:45 AM.

Description

kbx: Add bounds check to detect corrupt keyboxes.

* kbx/keybox-dump.c (_keybox_dump_blob): Fix the fixmes.  Add support
for 32 byte fingerprints.

kbxutil is a debug tool but nevertheless it should behave well and not
read beyond allocated buffers and in turn crash.

Vincent Ulitzsch and Dominik Maier were kind enough to report these
crashes along with a couple of test keyboxes and crash analysis.

Backported from master and while doing that adding also the support
for OpenPGP v5 keys.

  • Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Committed
wernerTue, Sep 22, 11:53 AM
Parents
rG61aea64b3c17: scd: Fix the use case of verify_chv2 by CHECKPIN.
Branches
Unknown
Tags
Unknown