* parse-packet.c (parse): Disallow old style partial length for
authorWerner Koch <wk@gnupg.org>
Tue, 10 Jun 2003 09:05:38 +0000 (09:05 +0000)
committerWerner Koch <wk@gnupg.org>
Tue, 10 Jun 2003 09:05:38 +0000 (09:05 +0000)
all key material packets to avoid possible corruption of keyrings.

g10/ChangeLog
g10/parse-packet.c

index 0e643f8..f289a4d 100644 (file)
@@ -1,3 +1,8 @@
+2003-06-10  Werner Koch  <wk@gnupg.org>
+
+       * parse-packet.c (parse): Disallow old style partial length for
+       all key material packets to avoid possible corruption of keyrings.
+
 2003-06-08  Werner Koch  <wk@gnupg.org>
 
        * import.c (import_keys_internal): Invalidate the cache so that
index dddff86..bdf68c5 100644 (file)
@@ -367,8 +367,28 @@ parse( IOBUF inp, PACKET *pkt, int onlykeypkts, off_t *retpos,
        lenbytes = ((ctb&3)==3)? 0 : (1<<(ctb & 3));
        if( !lenbytes ) {
            pktlen = 0; /* don't know the value */
-           if( pkttype != PKT_COMPRESSED )
-               iobuf_set_block_mode(inp, 1);
+            switch (pkttype) {
+              case PKT_ENCRYPTED:
+              case PKT_PLAINTEXT:
+                /* These partial length encodings are from an very
+                  early GnuPG release and deprecated.  However we
+                  still support them read-wise.  Note, that we should
+                  not allow them for any key related packets, because
+                  this might render a keyring unusable if an errenous
+                  packet indicated this mode but not complying to it
+                  gets imported. */
+                iobuf_set_block_mode(inp, 1);
+               break;
+
+              case PKT_COMPRESSED:
+                break; /* the orginal pgp 2 way. */
+
+              default:
+                log_error ("%s: old style partial length "
+                           "for invalid packet type\n", iobuf_where(inp) );
+                rc = G10ERR_INVALID_PACKET;
+                goto leave;
+            }
        }
        else {
            for( ; lenbytes; lenbytes-- ) {