gpg: Do not allow creation of user ids larger than our parser allows.
d32963eeb33f
Actions

Description

gpg: Do not allow creation of user ids larger than our parser allows.

* g10/parse-packet.c: Move max packet lengths constants to ...
* g10/packet.h: ... here.
* g10/build-packet.c (do_user_id): Return an error if too data is too
large.
* g10/keygen.c (write_uid): Return an error for too large data.

This can lead to keyring corruption becuase we expect that our parser
is abale to parse packts created by us. Test case is

gpg --batch --passphrase 'abc' -v  \
    --quick-gen-key $(yes 'a'| head -4000|tr -d '\n')

GnuPG-bug-id: T4532
Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Provenance

• werner

Authored on May 21 2019, 4:25 PM

Parents

rG6e39541f4f48: agent: For SSH key, don't put NUL-byte at the end.

Branches

Unknown

Tags

Unknown

Tasks

T4532: Creating a key with a long userid succeeds, but corrupts the keyring

Event Timeline

• werner committed rGd32963eeb33f: gpg: Do not allow creation of user ids larger than our parser allows. (authored by • werner).May 21 2019, 4:28 PM

• werner added a task: T4532: Creating a key with a long userid succeeds, but corrupts the keyring.

Changes (4)

Path

Size

g10/

rGd32963eeb33f

View Options

g10/build-packet.c

View Options

g10/keygen.c

View Options

g10/packet.h

View Options

gpg: Do not allow creation of user ids larger than our parser allows.d32963eeb33fActions

Description

Details

Event Timeline

Changes (4)

rGd32963eeb33f

g10/build-packet.c

g10/keygen.c

g10/packet.h

g10/parse-packet.c

gpg: Do not allow creation of user ids larger than our parser allows.
d32963eeb33f
Actions