diff options
author | Panu Matilainen <pmatilai@redhat.com> | 2021-06-15 11:46:06 +0300 |
---|---|---|
committer | Panu Matilainen <pmatilai@redhat.com> | 2021-06-15 13:06:02 +0300 |
commit | 201e38372d8cd6259790c3364104cf25cdc37492 (patch) | |
tree | 5ae126dc97d31d06c3e5557557aaf210d6ab1d51 /rpmio/rpmpgp.c | |
parent | d07c6ce856354e2e744024dce49940460c3829e8 (diff) | |
download | rpm-201e38372d8cd6259790c3364104cf25cdc37492.tar.gz |
Validate the buffer size when calculating PGP packet size
Check that the buffer can actually hold the computed number of bytes.
Initial patch by Demi Marie Obenour.
Diffstat (limited to 'rpmio/rpmpgp.c')
-rw-r--r-- | rpmio/rpmpgp.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c index e9c1b9e30..4a6e54fea 100644 --- a/rpmio/rpmpgp.c +++ b/rpmio/rpmpgp.c @@ -314,6 +314,9 @@ size_t pgpLen(const uint8_t *s, size_t slen, size_t * lenp) dlen = pgpGrab(s+1, 4); } + if (slen - lenlen < dlen) + lenlen = 0; + if (lenlen) *lenp = dlen; |