Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame^] | 1 | commit f0b33b6fb8e0586e9584a7a409dcc31263776a67 |
| 2 | Author: Werner Koch <wk@gnupg.org> |
| 3 | Date: Thu Dec 20 09:43:41 2012 +0100 |
| 4 | |
| 5 | gpg: Import only packets which are allowed in a keyblock. |
| 6 | |
| 7 | * g10/import.c (valid_keyblock_packet): New. |
| 8 | (read_block): Store only valid packets. |
| 9 | -- |
| 10 | |
| 11 | A corrupted key, which for example included a mangled public key |
| 12 | encrypted packet, used to corrupt the keyring. This change skips all |
| 13 | packets which are not allowed in a keyblock. |
| 14 | |
| 15 | GnuPG-bug-id: 1455 |
| 16 | |
| 17 | (cherry-picked from commit f795a0d59e197455f8723c300eebf59e09853efa) |
| 18 | |
| 19 | Upstream-Status: Backport |
| 20 | |
| 21 | Signed-off-by: Saul Wold <sgw@linux.intel.com> |
| 22 | |
| 23 | diff --git a/g10/import.c b/g10/import.c |
| 24 | index bfe02eb..a57b32e 100644 |
| 25 | --- a/g10/import.c |
| 26 | +++ b/g10/import.c |
| 27 | @@ -384,6 +384,27 @@ import_print_stats (void *hd) |
| 28 | } |
| 29 | |
| 30 | |
| 31 | +/* Return true if PKTTYPE is valid in a keyblock. */ |
| 32 | +static int |
| 33 | +valid_keyblock_packet (int pkttype) |
| 34 | +{ |
| 35 | + switch (pkttype) |
| 36 | + { |
| 37 | + case PKT_PUBLIC_KEY: |
| 38 | + case PKT_PUBLIC_SUBKEY: |
| 39 | + case PKT_SECRET_KEY: |
| 40 | + case PKT_SECRET_SUBKEY: |
| 41 | + case PKT_SIGNATURE: |
| 42 | + case PKT_USER_ID: |
| 43 | + case PKT_ATTRIBUTE: |
| 44 | + case PKT_RING_TRUST: |
| 45 | + return 1; |
| 46 | + default: |
| 47 | + return 0; |
| 48 | + } |
| 49 | +} |
| 50 | + |
| 51 | + |
| 52 | /**************** |
| 53 | * Read the next keyblock from stream A. |
| 54 | * PENDING_PKT should be initialzed to NULL |
| 55 | @@ -461,7 +482,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root ) |
| 56 | } |
| 57 | in_cert = 1; |
| 58 | default: |
| 59 | - if( in_cert ) { |
| 60 | + if (in_cert && valid_keyblock_packet (pkt->pkttype)) { |
| 61 | if( !root ) |
| 62 | root = new_kbnode( pkt ); |
| 63 | else |