Throw away invalid packet data when parsing packets

[onak.git] / parsekey.c

diff --git a/parsekey.c b/parsekey.c
index ed61e24d16be5e556a527cfbfa80bc4f10e6beaa..008248e005633f0563d9bdcd409c61130cfc1423 100644 (file)
--- a/parsekey.c
+++ b/parsekey.c
@@ -308,7 +308,7 @@ onak_status_t read_openpgp_stream(int (*getchar_func)(void *ctx, size_t count,
                                                break;
                                        }
                                        curpacket->packet->length = 
-                                               (curchar << 24);
+                                               ((unsigned) curchar << 24);
                                        if (getchar_func(ctx, 1, &curchar)) {
                                                rc = ONAK_E_INVALID_PKT;
                                                break;
@@ -356,10 +356,25 @@ onak_status_t read_openpgp_stream(int (*getchar_func)(void *ctx, size_t count,
                }
        }
 
-       /* Trim the last packet if it doesn't actually exist */
-       if (packetend != NULL && (*packetend)->packet == NULL) {
-               free(*packetend);
-               *packetend = NULL;
+       if (packetend != NULL) {
+               if ((*packetend)->packet != NULL) {
+                       /* If we got an invalid final packet, discard it. */
+                       if ((*packetend)->packet->data != NULL &&
+                                       rc != ONAK_E_OK) {
+                               free((*packetend)->packet->data);
+                               (*packetend)->packet->data = NULL;
+                       }
+                       /* If we didn't get any data, clean it up. */
+                       if ((*packetend)->packet->data == NULL) {
+                               free((*packetend)->packet);
+                               (*packetend)->packet = NULL;
+                       }
+               }
+               /* Trim the last packet if it doesn't actually exist */
+               if ((*packetend)->packet == NULL) {
+                       free(*packetend);
+                       *packetend = NULL;
+               }
        }
 
        return (rc);