Package: gnupg2 / 2.0.26-6+deb8u2

0052-gpg-Fix-a-NULL-deref-in-export-due-to-invalid-packet.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
From 8da836e76f1349f4587d1bb74864b11dde7b8a39 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Thu, 12 Feb 2015 18:54:17 +0100
Subject: [PATCH 52/56] gpg: Fix a NULL-deref in export due to invalid packet
 lengths.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* g10/build-packet.c (write_fake_data): Take care of a NULL stored as
opaque MPI.
--

Reported-by: Hanno Böck <hanno@hboeck.de>

(back ported from commit 0835d2f44ef62eab51fce6a927908f544e01cf8f)
---
 g10/build-packet.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/g10/build-packet.c b/g10/build-packet.c
index 2e6dfc0..538f2fe 100644
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -220,7 +220,8 @@ write_fake_data (IOBUF out, gcry_mpi_t a)
       void *p;
 
       p = gcry_mpi_get_opaque ( a, &n );
-      iobuf_write (out, p, (n+7)/8 );
+      if (p)
+        iobuf_write (out, p, (n+7)/8 );
     }
 }
 
-- 
2.1.4