Re: [Sks-devel] Re: zero-length MPIs (was: Re: mpi error with check-trus


From: Peter Palfrader
Subject: Re: [Sks-devel] Re: zero-length MPIs (was: Re: mpi error with check-trustdb in 1.4.2 - resolved)
Date: Thu, 18 Aug 2005 03:18:29 +0200
User-agent: Mutt/1.5.9i

On Thu, 11 Aug 2005, Jason Harris wrote:

> On Thu, Aug 11, 2005 at 09:54:59PM +0200, Peter Palfrader wrote:
> > On Thu, 11 Aug 2005, Jason Harris wrote:
> > > Fetching them from keyserver.kjsl.com is now possible with gnupg-1.4.2.
> > > To patch pks, add this to the middle of decode_mpi() (in pgputil.c):
> > > 
> > >   /* skip packets with 0-length MPIs for GPG's benefit (gnupg-1.4.2) */
> > >   if (mpi->nbits == 0) {
> > >     return (0);
> > >   }
> > 
> > can we do that in SKS too?  please!
> 
> Try the patch below.

Ok, that seems to work great.

Yaron, will you accept this patch?  I wonder what the effects on
syncing are.

Can we also have one that filters most 'buffer shorter than subpacket'
problems?  Such keys have become a real problem since also popular keys
are affected.  For instance, CA57AD7C (PGP Global Directory Verification
Key).

> ===================================================================
> RCS file: parsePGP.ml,v
> retrieving revision 1.1
> diff -u -r1.1 parsePGP.ml
> --- parsePGP.ml       2005/08/12 00:03:16     1.1
> +++ parsePGP.ml       2005/08/12 00:03:54
> @@ -23,6 +23,7 @@
>  open Printf
>  
>  exception Overlong_mpi
> +exception Zerolen_mpi
>  exception Partial_body_length of int
>  
>  (********************************************************)
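
Review bot: `exception Zerolen_mpi` is declared beside `Overlong_mpi` with no comment saying when it is raised or what a caller is expected to do with it. A one-line comment stating that it marks an MPI whose two-byte bit count is zero would make the intent clear to whoever next touches the parser's exception handling.
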
> @@ -109,6 +110,7 @@
>    try
>      let byte2 = cin#read_byte in
>      let length = (byte1 lsl 8) + byte2 in
> +    if length <= 0 then raise Zerolen_mpi;
>      let data = cin#read_string 
>                ((length + 7)/8)
>      in
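
Review bot: the new `raise Zerolen_mpi` on the `if length <= 0` line sits inside the `try` opened at the top of this hunk, and the matching `with` clauses are outside the visible context, so please confirm that they do not catch the new exception with a wildcard or turn it into a different error before it reaches the code that is supposed to drop the key. Separately, `length` is built as `(byte1 lsl 8) + byte2`, which cannot be negative if both operands are byte values, so `length = 0` would state the condition more precisely than `<= 0`.
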
> 


-- 
 PGP signed and encrypted  |  .''`.  ** Debian GNU/Linux **
    messages preferred.    | : :' :      The  universal
                           | `. `'      Operating System
 http://www.palfrader.org/ |   `-    http://www.debian.org/
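
An added example, not code from pks, SKS or this thread: a minimal C reader for the MPI encoding that both patches touch (a two-byte big-endian bit count followed by (bits + 7) / 8 bytes), which rejects a zero bit count before reading any data and also refuses an MPI that declares more bytes than the buffer holds. The status names, function names and sample byte strings are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Status names are chosen for this example; they are not pks or SKS names. */
enum mpi_status { MPI_OK, MPI_ZERO_LENGTH, MPI_TRUNCATED };

/* Read one MPI at buf[*off]: a 2-byte big-endian bit count, then
 * (bits + 7) / 8 magnitude bytes. Advances *off only on MPI_OK. */
enum mpi_status read_mpi(const uint8_t *buf, size_t len, size_t *off)
{
    if (*off > len || len - *off < 2)
        return MPI_TRUNCATED;            /* no room for the bit count */
    unsigned bits = ((unsigned)buf[*off] << 8) | buf[*off + 1];
    if (bits == 0)
        return MPI_ZERO_LENGTH;          /* the case the patches filter */
    size_t nbytes = (bits + 7u) / 8u;
    if (len - *off - 2 < nbytes)
        return MPI_TRUNCATED;            /* declared size exceeds buffer */
    *off += 2 + nbytes;
    return MPI_OK;
}

/* Walk `count` consecutive MPIs and return the first non-OK status. */
enum mpi_status check_mpis(const uint8_t *buf, size_t len, unsigned count)
{
    size_t off = 0;
    for (unsigned i = 0; i < count; i++) {
        enum mpi_status st = read_mpi(buf, len, &off);
        if (st != MPI_OK)
            return st;
    }
    return MPI_OK;
}

/* Constructed sample inputs, not taken from any real key. */
static const uint8_t SAMPLE_GOOD[]  = { 0x00, 0x09, 0x01, 0xFF, 0x00, 0x01, 0x01 };
static const uint8_t SAMPLE_ZERO[]  = { 0x00, 0x09, 0x01, 0xFF, 0x00, 0x00 };
static const uint8_t SAMPLE_SHORT[] = { 0x00, 0x11, 0x01, 0xFF }; /* 17 bits, 2 bytes */

int main(void)
{
    printf("good=%d zero=%d short=%d\n",
           (int)check_mpis(SAMPLE_GOOD, sizeof SAMPLE_GOOD, 2),
           (int)check_mpis(SAMPLE_ZERO, sizeof SAMPLE_ZERO, 2),
           (int)check_mpis(SAMPLE_SHORT, sizeof SAMPLE_SHORT, 1));
    return 0;
}
```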



