fix undefined shift in block_filter()
This commit is contained in:
wangchen2020
parent
fd38ee0c48
commit
0248e99965
52
common-Avoid-undefined-behavior-of-left-shift-operat.patch
Normal file
52
common-Avoid-undefined-behavior-of-left-shift-operat.patch
Normal file
@ -0,0 +1,52 @@
|
||||
From 8abf065307ff4a7ea873fe59f76173bf17dac241 Mon Sep 17 00:00:00 2001
|
||||
From: NIIBE Yutaka <gniibe@fsij.org>
|
||||
Date: Thu, 16 Jul 2020 11:00:45 +0900
|
||||
Subject: [PATCH] common: Avoid undefined behavior of left shift operator.
|
||||
|
||||
* common/iobuf.c (block_filter): Handle an error earlier.
|
||||
Make sure it's unsigned.
|
||||
|
||||
--
|
||||
|
||||
GnuPG-bug-id: 4975
|
||||
Suggested-by: lutianxiong <lutianxiong@huawei.com>
|
||||
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
||||
---
|
||||
common/iobuf.c | 16 +++++++++++-----
|
||||
1 file changed, 11 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/common/iobuf.c b/common/iobuf.c
|
||||
index 43f2e10..a00ee0b 100644
|
||||
--- a/common/iobuf.c
|
||||
+++ b/common/iobuf.c
|
||||
@@ -909,16 +909,22 @@ block_filter (void *opaque, int control, iobuf_t chain, byte * buffer,
|
||||
}
|
||||
else if (c == 255)
|
||||
{
|
||||
- a->size = iobuf_get_noeof (chain) << 24;
|
||||
- a->size |= iobuf_get_noeof (chain) << 16;
|
||||
- a->size |= iobuf_get_noeof (chain) << 8;
|
||||
- if ((c = iobuf_get (chain)) == -1)
|
||||
+ size_t len = 0;
|
||||
+ int i;
|
||||
+
|
||||
+ for (i = 0; i < 4; i++)
|
||||
+ if ((c = iobuf_get (chain)) == -1)
|
||||
+ break;
|
||||
+ else
|
||||
+ len = ((len << 8) | c);
|
||||
+
|
||||
+ if (i < 4)
|
||||
{
|
||||
log_error ("block_filter: invalid 4 byte length\n");
|
||||
rc = GPG_ERR_BAD_DATA;
|
||||
break;
|
||||
}
|
||||
- a->size |= c;
|
||||
+ a->size = len;
|
||||
a->partial = 2;
|
||||
if (!a->size)
|
||||
{
|
||||
--
|
||||
1.8.3.1
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
Name: gnupg2
|
||||
Version: 2.2.17
|
||||
Release: 7
|
||||
Release: 8
|
||||
Summary: Utility for secure communication and data storage
|
||||
|
||||
License: GPLv3+
|
||||
@ -11,6 +11,7 @@ Patch0: fix-CVE-2019-14855-0-Ignore-all-SHA-1-3rd-party-key-sig.patch
|
||||
Patch1: fix-CVE-2019-14855-1-Add-option-allow-weak-key-signatures.patch
|
||||
Patch2: fix-CVE-2019-14855-2-Forbid-creation-of-SHA-1-3rd-party-key-sig.patch
|
||||
Patch3: fix-a-memory-leak-in-g10.patch
|
||||
Patch4: common-Avoid-undefined-behavior-of-left-shift-operat.patch
|
||||
|
||||
BuildRequires: zlib-devel, npth-devel, gdb, texinfo
|
||||
BuildRequires: libgpg-error-devel >= 1.31
|
||||
@ -105,6 +106,9 @@ make check
|
||||
|
||||
|
||||
%changelog
|
||||
* Wed Aug 3 2020 wangchen <wangchen137@huawei.com> - 2.2.17-8
|
||||
- fix undefined shift in block_filter()
|
||||
|
||||
* Wed Jun 3 2020 Anakin Zhang <nbztx@126.com> - 2.2.17-7
|
||||
- fix a memory leak in g10
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user