summaryrefslogtreecommitdiffstats
path: root/g10/call-agent.h
diff options
context:
space:
mode:
authorWerner Koch <wk@gnupg.org>2014-12-12 10:41:25 +0100
committerWerner Koch <wk@gnupg.org>2014-12-12 10:41:25 +0100
commit193815030d20716d9a97850013ac3cc8749022c9 (patch)
tree647565d2a6b3753f4470a0d0c71c8491e7700431 /g10/call-agent.h
parentbuild: Replace deprecated autconf macro. (diff)
downloadgnupg2-193815030d20716d9a97850013ac3cc8749022c9.tar.xz
gnupg2-193815030d20716d9a97850013ac3cc8749022c9.zip
gpg: Fix possible read of unallocated memory
* g10/parse-packet.c (can_handle_critical): Check content length before calling can_handle_critical_notation. -- The problem was found by Jan Bee and gniibe proposed the used fix. Thanks. This bug can't be exploited: Only if the announced length of the notation is 21 or 32 a memcmp against fixed strings using that length would be done. The compared data is followed by the actual signature and thus it is highly likely that not even read of unallocated memory will happen. Nevertheless such a bug needs to be fixed. Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'g10/call-agent.h')
0 files changed, 0 insertions, 0 deletions