[Rpm-maint] [rpm-software-management/rpm] pgpGet(): check that the returned length is in bounds (#1706)

Demi Marie Obenour notifications at github.com
Thu Jun 17 17:58:02 UTC 2021


@DemiMarie commented on this pull request.



> + * hold `nbytes + *valp` bytes.
+ * @param s		pointer to read from
+ * @param nbytes	length of length field
+ * @param send		pointer past end of buffer
+ * @param[out] *valp	decoded length
+ * @return		0 if buffer can hold `nbytes + *valp` of data,
+ * 			otherwise -1.
+ */
+static int pgpGet(const uint8_t *s, size_t nbytes, const uint8_t *send,
+		  size_t *valp)
+{
+    int rc = -1;
+
+    if (nbytes <= send - s &&
+	nbytes <= sizeof(size_t) &&
+	nbytes <= sizeof(unsigned int)) {

> This looks highly bogus, what does size of size_t have to do with anything PGP?
> Okay, I guess the bogosity comes from pgpGrab() dealing with sizeof(size_t) which looks equally bogus to begin with, going back all the way to [95c55a1](https://github.com/rpm-software-management/rpm/commit/95c55a1af9fa4be56737eefa0e709ce5abe47deb). Looks like well-intended but misguided attempt to size_t type-pedantry, I'm kinda suprised this isn't my fault because I certainly did my share of those in the early days 

I believe this code is correct, but in the interest of accelerating code review, I will leave it out and include it in a separate PR.

> Also the condition aligns on the same indentation level with the following code making it unnecessary hard to read.

How would you prefer that this code be indented?

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1706#discussion_r653811469
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20210617/bca9977a/attachment.html>


More information about the Rpm-maint mailing list