Add sanity check for PGP packet version

At present only PGP packet versions up to 4 are supported. There's no
indication version 5+ will be backwards compatible, so if we see
anything higher it indicates something unsupported. Fixes some issues
found using American Fuzzy Lop.

diff --git a/parsekey.c b/parsekey.c
index 008248e005633f0563d9bdcd409c61130cfc1423..f9b1465b78dece1a18c2cde309cfb937d69bcab6 100644 (file)
--- a/parsekey.c
+++ b/parsekey.c
@@ -354,6 +354,12 @@ onak_status_t read_openpgp_stream(int (*getchar_func)(void *ctx, size_t count,
                } else {
                        rc = ONAK_E_INVALID_PKT;
                }
+               if (rc == ONAK_E_OK) {
+                       /* Make sure the packet version is sane */
+                       if (curpacket->packet->data[0] > 4) {
+                               rc = ONAK_E_INVALID_PKT;
+                       }
+               }
        }
 
        if (packetend != NULL) {