diff options
| author | Panu Matilainen <pmatilai@redhat.com> | 2021-06-15 11:46:06 +0300 |
|---|---|---|
| committer | Panu Matilainen <pmatilai@redhat.com> | 2021-06-15 13:06:02 +0300 |
| commit | 201e38372d8cd6259790c3364104cf25cdc37492 (patch) | |
| tree | 5ae126dc97d31d06c3e5557557aaf210d6ab1d51 | |
| parent | d07c6ce856354e2e744024dce49940460c3829e8 (diff) | |
| download | rpm-201e38372d8cd6259790c3364104cf25cdc37492.tar.gz | |
Validate the buffer size when calculating PGP packet size
Check that the buffer can actually hold the computed number of bytes.
Initial patch by Demi Marie Obenour.
| -rw-r--r-- | rpmio/rpmpgp.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c index e9c1b9e30..4a6e54fea 100644 --- a/rpmio/rpmpgp.c +++ b/rpmio/rpmpgp.c @@ -314,6 +314,9 @@ size_t pgpLen(const uint8_t *s, size_t slen, size_t * lenp) dlen = pgpGrab(s+1, 4); } + if (slen - lenlen < dlen) + lenlen = 0; + if (lenlen) *lenp = dlen; |