[Rpm-maint] [rpm-software-management/rpm] Security fixes for the OpenPGP parser (#1677)
Demi Marie Obenour
notifications at github.com
Fri May 7 02:07:23 UTC 2021
See individual commit messages for details.
You can view, comment on, or merge this pull request online at:
https://github.com/rpm-software-management/rpm/pull/1677
-- Commit Summary --
* pgpLen(): validate that the buffer is large enough
* Remove incorrect bounds check in pgpPrtSubType()
* Do not allow extra packets to follow a signature
* pgpPrtSigParams(): avoid undefined pointer arithmetic
* pgpGet(): check that the returned length is in bounds
* Remove some incorrect bounds checks
* pgpPrtSig(): Introduce a helper variable
* pgpPrtSig(): simplify computation of p
* pgpPrtSig(): remove useless bounds check
* decodePkt(): use pgpGet() instead of manual bounds checks
* pgpPubkeyFingerprint(): simplify error detection
* pgpPrtSig(): properly check that the MPIs fit in the packet
* pgpPrtPubkeyParams(): avoid undefined pointer arithmetic
* pgpPrtPubkeyParams(): better checks for OID length
* Reject signatures of type 0xFF
* verifySignature(): package signatures must be PGPSIGTYPE_BINARY
* pgpGrab: assert if nbytes is too large
-- File Changes --
M lib/rpmvs.c (4)
M rpmio/rpmpgp.c (157)
M rpmio/rpmpgp.h (5)
-- Patch Links --
https://github.com/rpm-software-management/rpm/pull/1677.patch
https://github.com/rpm-software-management/rpm/pull/1677.diff
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1677
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20210506/a1002b73/attachment.html>
More information about the Rpm-maint
mailing list