X-Git-Url: https://the.earth.li/gitweb/?a=blobdiff_plain;f=parsekey.c;h=49b91bfee2c5183cf0794ec187f4e451cf700621;hb=42f7eb9a05e8013f0bc4209cb16fbfd99050378e;hp=6255ab8bd3aa6dd94643792fb881676d5cdde949;hpb=a75148cf51de7fe9112f5ba260e62828d5297979;p=onak.git
diff --git a/parsekey.c b/parsekey.c
index 6255ab8..49b91bf 100644
--- a/parsekey.c
+++ b/parsekey.c
@@ -13,8 +13,7 @@
* more details.
*
* You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 51
- * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * this program. If not, see .
*/
#include
@@ -22,7 +21,6 @@
#include
#include
-#include "keyid.h"
#include "keystructs.h"
#include "ll.h"
#include "mem.h"
@@ -354,12 +352,62 @@ onak_status_t read_openpgp_stream(int (*getchar_func)(void *ctx, size_t count,
} else {
rc = ONAK_E_INVALID_PKT;
}
+ if (rc == ONAK_E_OK) {
+ /* Make sure the packet version is sane */
+ switch (curpacket->packet->tag) {
+ case OPENPGP_PACKET_ENCRYPTED_MDC:
+ /* These packets must be v1 */
+ if (curpacket->packet->data[0] != 1) {
+ rc = ONAK_E_INVALID_PKT;
+ }
+ break;
+ case OPENPGP_PACKET_PKSESSIONKEY:
+ case OPENPGP_PACKET_ONEPASSSIG:
+ /* These packets must be v3 */
+ if (curpacket->packet->data[0] != 3) {
+ rc = ONAK_E_INVALID_PKT;
+ }
+ break;
+ case OPENPGP_PACKET_SYMSESSIONKEY:
+ /* These packets must be v4 */
+ if (curpacket->packet->data[0] != 4) {
+ rc = ONAK_E_INVALID_PKT;
+ }
+ break;
+ case OPENPGP_PACKET_SIGNATURE:
+ case OPENPGP_PACKET_SECRETKEY:
+ case OPENPGP_PACKET_PUBLICKEY:
+ /* Must be v2 -> v5 */
+ if (curpacket->packet->data[0] < 2 ||
+ curpacket->packet->data[0] > 5) {
+ rc = ONAK_E_INVALID_PKT;
+ }
+ break;
+ default:
+ break;
+ }
+ }
}
- /* Trim the last packet if it doesn't actually exist */
- if (packetend != NULL && (*packetend)->packet == NULL) {
- free(*packetend);
- *packetend = NULL;
+ if (packetend != NULL) {
+ if ((*packetend)->packet != NULL) {
+ /* If we got an invalid final packet, discard it. */
+ if ((*packetend)->packet->data != NULL &&
+ rc != ONAK_E_OK) {
+ free((*packetend)->packet->data);
+ (*packetend)->packet->data = NULL;
+ }
+ /* If we didn't get any data, clean it up. */
+ if ((*packetend)->packet->data == NULL) {
+ free((*packetend)->packet);
+ (*packetend)->packet = NULL;
+ }
+ }
+ /* Trim the last packet if it doesn't actually exist */
+ if ((*packetend)->packet == NULL) {
+ free(*packetend);
+ *packetend = NULL;
+ }
}
return (rc);