[Rpm-maint] [rpm-software-management/rpm] Security fixes for the OpenPGP parser (#1677)

Demi Marie Obenour notifications at github.com
Fri May 7 02:07:23 UTC 2021


See individual commit messages for details.
You can view, comment on, or merge this pull request online at:

  https://github.com/rpm-software-management/rpm/pull/1677

-- Commit Summary --

  * pgpLen(): validate that the buffer is large enough
  * Remove incorrect bounds check in pgpPrtSubType()
  * Do not allow extra packets to follow a signature
  * pgpPrtSigParams(): avoid undefined pointer arithmetic
  * pgpGet(): check that the returned length is in bounds
  * Remove some incorrect bounds checks
  * pgpPrtSig(): Introduce a helper variable
  * pgpPrtSig(): simplify computation of p
  * pgpPrtSig(): remove useless bounds check
  * decodePkt(): use pgpGet() instead of manual bounds checks
  * pgpPubkeyFingerprint(): simplify error detection
  * pgpPrtSig(): properly check that the MPIs fit in the packet
  * pgpPrtPubkeyParams(): avoid undefined pointer arithmetic
  * pgpPrtPubkeyParams(): better checks for OID length
  * Reject signatures of type 0xFF
  * verifySignature(): package signatures must be PGPSIGTYPE_BINARY
  * pgpGrab: assert if nbytes is too large

-- File Changes --

    M lib/rpmvs.c (4)
    M rpmio/rpmpgp.c (157)
    M rpmio/rpmpgp.h (5)

-- Patch Links --

https://github.com/rpm-software-management/rpm/pull/1677.patch
https://github.com/rpm-software-management/rpm/pull/1677.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1677
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20210506/a1002b73/attachment.html>


More information about the Rpm-maint mailing list