kbx: Fix handling of overlong keys.
authorWerner Koch <wk@gnupg.org>
Thu, 9 Oct 2014 18:19:05 +0000 (20:19 +0200)
committerWerner Koch <wk@gnupg.org>
Thu, 9 Oct 2014 18:19:05 +0000 (20:19 +0200)
commitb6507bb80e4e4aa5c85a918fdcf5c28cccb75081
tree6892ed42e79aea6233da23439283079a02e9a279
parentec332d58efc50f6508b87fc9f51db68c39cee044
kbx: Fix handling of overlong keys.

* kbx/keybox-file.c (IMAGELEN_LIMIT): Change limit from 10^6 to 2MiB.
(_keybox_read_blob2): Skip too long record records.
(_keybox_write_blob): Do not accept too long record.
* kbx/keybox-dump.c (file_stats_s): Add field skipped_long_blobs.
(_keybox_dump_file): Print new counter.
(_keybox_dump_file): Skip too long records.
----

To test this feature you may set the limit back to 1MiB and use key
F7F0E70F307D56ED which is in my local copy close to 2MiB.  Without
this patch it was possible to import the key but access to that key
and all keys stored after it was not possible.

Signed-off-by: Werner Koch <wk@gnupg.org>
kbx/keybox-dump.c
kbx/keybox-file.c