From: Jonathan McDowell Date: Mon, 22 Aug 2016 22:14:24 +0000 (+0100) Subject: Add sanity check for PGP packet version X-Git-Tag: onak-0.5.0~3 X-Git-Url: https://the.earth.li/gitweb/?a=commitdiff_plain;h=7fd2267eca87bd9bcfe5e66e95e2e683bda1533b;p=onak.git Add sanity check for PGP packet version At present only PGP packet versions up to 4 are supported. There's no indication version 5+ will be backwards compatible, so if we see anything higher it indicates something unsupported. Fixes some issues found using American Fuzzy Lop. --- diff --git a/parsekey.c b/parsekey.c index 008248e..f9b1465 100644 --- a/parsekey.c +++ b/parsekey.c @@ -354,6 +354,12 @@ onak_status_t read_openpgp_stream(int (*getchar_func)(void *ctx, size_t count, } else { rc = ONAK_E_INVALID_PKT; } + if (rc == ONAK_E_OK) { + /* Make sure the packet version is sane */ + if (curpacket->packet->data[0] > 4) { + rc = ONAK_E_INVALID_PKT; + } + } } if (packetend != NULL) {