diff options
author | Michał Masłowski <mtjm@mtjm.eu> | 2013-01-30 10:59:28 +0100 |
---|---|---|
committer | Michał Masłowski <mtjm@mtjm.eu> | 2013-01-30 10:59:28 +0100 |
commit | 56597deb3729c0071589878712e1bb4783009d05 (patch) | |
tree | c435839df0a778eaa3079148216564599b1848c6 /core/gnupg/valid-keyblock-packet.patch | |
parent | 43b83057ab3fa185f7afae30c7731a68073d58af (diff) | |
parent | c25b7aa323ab71b1a524d15dbbe942dbebd55761 (diff) |
Merge branch 'master' of ssh://parabolagnulinux.org:1863/home/parabola/abslibre-pre-mips64el
Conflicts:
community/chmsee/PKGBUILD
community/mednafen/PKGBUILD
core/reiserfsprogs/PKGBUILD
extra/libmowgli/PKGBUILD
Diffstat (limited to 'core/gnupg/valid-keyblock-packet.patch')
-rw-r--r-- | core/gnupg/valid-keyblock-packet.patch | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/core/gnupg/valid-keyblock-packet.patch b/core/gnupg/valid-keyblock-packet.patch new file mode 100644 index 000000000..64bf1c2da --- /dev/null +++ b/core/gnupg/valid-keyblock-packet.patch @@ -0,0 +1,61 @@ +From: Werner Koch <wk@gnupg.org> +Date: Thu, 20 Dec 2012 08:43:41 +0000 (+0100) +Subject: gpg: Import only packets which are allowed in a keyblock. +X-Git-Url: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff_plain;h=498882296ffac7987c644aaf2a0aa108a2925471;hp=20c95ef258f8520283406239f7c6f4729341d463 + +gpg: Import only packets which are allowed in a keyblock. + +* g10/import.c (valid_keyblock_packet): New. +(read_block): Store only valid packets. +-- + +A corrupted key, which for example included a mangled public key +encrypted packet, used to corrupt the keyring. This change skips all +packets which are not allowed in a keyblock. + +GnuPG-bug-id: 1455 + +(cherry-picked from commit 3a4b96e665fa639772854058737ee3d54ba0694e) +--- + +diff --git a/g10/import.c b/g10/import.c +index ba2439d..ad112d6 100644 +--- a/g10/import.c ++++ b/g10/import.c +@@ -347,6 +347,27 @@ import_print_stats (void *hd) + } + + ++/* Return true if PKTTYPE is valid in a keyblock. */ ++static int ++valid_keyblock_packet (int pkttype) ++{ ++ switch (pkttype) ++ { ++ case PKT_PUBLIC_KEY: ++ case PKT_PUBLIC_SUBKEY: ++ case PKT_SECRET_KEY: ++ case PKT_SECRET_SUBKEY: ++ case PKT_SIGNATURE: ++ case PKT_USER_ID: ++ case PKT_ATTRIBUTE: ++ case PKT_RING_TRUST: ++ return 1; ++ default: ++ return 0; ++ } ++} ++ ++ + /**************** + * Read the next keyblock from stream A. + * PENDING_PKT should be initialzed to NULL +@@ -424,7 +445,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root ) + } + in_cert = 1; + default: +- if( in_cert ) { ++ if (in_cert && valid_keyblock_packet (pkt->pkttype)) { + if( !root ) + root = new_kbnode( pkt ); + else |