Commit b32f230526b432c04572ad4aebc4f3f135183c1a - pgpdump

Update keys.c 2022-03-01: insert "memset" where ELLIP_CURVES are evaluated to re-initialize the "oid_input_HEX" array to all zero; left as it was, multiple different ECC curve evaluations may leave remnants of earlier read input values which can cause "memcpy" to fail (for "invalid/undefined/unmatched values") -> segfault; most notable when evaluating "keys" with a plethora of packets with different ECC algorithms galaxiesFarApart authored 2 years ago Kazu Yamamoto committed 2 years ago

1 changed file(s) with 6 addition(s) and 0 deletion(s). Raw diff Collapse all Expand all

-0

keys.c less more

124	124	break;
125	125	case 18:/ECDH/
126	126	oidLEN = Getc();
	127	memset(oid_input_HEX,0,10);
127	128	for(jj=0;jj<oidLEN;jj++){oid_input_HEX[jj]=Getc();}
128	129	for(jj=0;jj<ELLIP_CURVES_NUM;jj++){
129	130	if(memcmp(ELLIP_CURVES[jj].oidhex,oid_input_HEX,oid_input_HEX_size) == 0){

165	166	break;
166	167	case 19:/ECDSA/
167	168	oidLEN = Getc();
	169	memset(oid_input_HEX,0,10);
168	170	for(jj=0;jj<oidLEN;jj++){oid_input_HEX[jj]=Getc();}
169	171	for(jj=0;jj<ELLIP_CURVES_NUM;jj++){
170	172	if(memcmp(ELLIP_CURVES[jj].oidhex,oid_input_HEX,oid_input_HEX_size) == 0){

187	189	break;
188	190	case 22:/EdDSA/
189	191	oidLEN = Getc();
	192	memset(oid_input_HEX,0,10);
190	193	for(jj=0;jj<oidLEN;jj++){oid_input_HEX[jj]=Getc();}
191	194	for(jj=0;jj<ELLIP_CURVES_NUM;jj++){
192	195	if(memcmp(ELLIP_CURVES[jj].oidhex,oid_input_HEX,oid_input_HEX_size) == 0){

303	306	break;
304	307	case 18:/ECDH/
305	308	oidLEN = Getc();
	309	memset(oid_input_HEX,0,10);
306	310	for(jj=0;jj<oidLEN;jj++){oid_input_HEX[jj]=Getc();}
307	311	for(jj=0;jj<ELLIP_CURVES_NUM;jj++){
308	312	if(memcmp(ELLIP_CURVES[jj].oidhex,oid_input_HEX,oid_input_HEX_size) == 0){

344	348	break;
345	349	case 19:/ECDSA/
346	350	oidLEN = Getc();
	351	memset(oid_input_HEX,0,10);
347	352	for(jj=0;jj<oidLEN;jj++){oid_input_HEX[jj]=Getc();}
348	353	for(jj=0;jj<ELLIP_CURVES_NUM;jj++){
349	354	if(memcmp(ELLIP_CURVES[jj].oidhex,oid_input_HEX,oid_input_HEX_size) == 0){

366	371	break;
367	372	case 22:/EdDSA/
368	373	oidLEN = Getc();
	374	memset(oid_input_HEX,0,10);
369	375	for(jj=0;jj<oidLEN;jj++){oid_input_HEX[jj]=Getc();}
370	376	for(jj=0;jj<ELLIP_CURVES_NUM;jj++){
371	377	if(memcmp(ELLIP_CURVES[jj].oidhex,oid_input_HEX,oid_input_HEX_size) == 0){