gpg: Allow for longer signature subpackets.

* g10/parse-packet.c (parse_signature): Increase the cap for hashed
subpackets to 30000.  Print the value in the error message.  Do not
return an error but skip a too long signature.
--

The limit of 10000 served us well for decades but given the option to
put a key into the signature, a larger limit will eventually be
useful.  The second part makes things a bit robust against rogue
subpackets on a keyserver.

1 files changed, 8 insertions, 7 deletions

diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index a16f70fea..ac784b7fb 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -2281,12 +2281,12 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen,
       pktlen -= 2;  /* Length of hashed data. */
       if (pktlen < n)
 	goto underflow;
-      if (n > 10000)
+      if (n > 30000)
 	{
-	  log_error ("signature packet: hashed data too long\n");
+	  log_error ("signature packet: hashed data too long (%u)\n", n);
           if (list_mode)
-            es_fputs (":signature packet: [hashed data too long]\n", listfp);
-	  rc = GPG_ERR_INV_PACKET;
+            es_fprintf (listfp,
+                        ":signature packet: [hashed data too long (%u)]\n", n);
 	  goto leave;
 	}
       if (n)
@@ -2313,10 +2313,11 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen,
 	goto underflow;
       if (n > 10000)
 	{
-	  log_error ("signature packet: unhashed data too long\n");
+	  log_error ("signature packet: unhashed data too long (%u)\n", n);
           if (list_mode)
-            es_fputs (":signature packet: [unhashed data too long]\n", listfp);
-	  rc = GPG_ERR_INV_PACKET;
+            es_fprintf (listfp,
+                        ":signature packet: [unhashed data too long (%u)]\n",
+                        n);
 	  goto leave;
 	}
       if (n)