From 7fd2267eca87bd9bcfe5e66e95e2e683bda1533b Mon Sep 17 00:00:00 2001
From: Jonathan McDowell <noodles@earth.li>
Date: Mon, 22 Aug 2016 23:14:24 +0100
Subject: [PATCH] Add sanity check for PGP packet version

At present only PGP packet versions up to 4 are supported. There's no
indication version 5+ will be backwards compatible, so if we see
anything higher it indicates something unsupported. Fixes some issues
found using American Fuzzy Lop.
---
 parsekey.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/parsekey.c b/parsekey.c
index 008248e..f9b1465 100644
--- a/parsekey.c
+++ b/parsekey.c
@@ -354,6 +354,12 @@ onak_status_t read_openpgp_stream(int (*getchar_func)(void *ctx, size_t count,
 		} else {
 			rc = ONAK_E_INVALID_PKT;
 		}
+		if (rc == ONAK_E_OK) {
+			/* Make sure the packet version is sane */
+			if (curpacket->packet->data[0] > 4) {
+				rc = ONAK_E_INVALID_PKT;
+			}
+		}
 	}
 
 	if (packetend != NULL) {
-- 
2.39.2