author | Justus Winter <justus@sequoia-pgp.org> | 2023-03-14 14:19:07 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2023-03-14 16:17:26 +0100 |
commit | f01de4c06369d5d2f1ddea71843915312515ceb6 (patch) | |
tree | 0e41f58df91de22e10ddf8d3635309e964e6cc0b | |
parent | aa7e617e4a6aee954d30651d7ba9e6b9c51e57c0 (diff) |
openpgp: Avoid a heap allocation during MPI parsing.
- Not only was the heap allocation superfluous, it also leaked
secrets into the heap.
-rw-r--r-- | openpgp/src/parse.rs | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/openpgp/src/parse.rs b/openpgp/src/parse.rs
index b465a395..64c5b531 100644
--- a/openpgp/src/parse.rs
+++ b/openpgp/src/parse.rs
@@ -2990,9 +2990,15 @@ impl MPI {
 first_used_bit, value[0], value[0])).into());
 }
 
- // Now consume the data.
- php.parse_be_u16(name_len).expect("worked before");
- php.parse_bytes(name, bytes).expect("worked before");
+ // Now consume the data. Note: we avoid using parse_bytes
+ // here because MPIs may contain secrets, and we don't want to
+ // casually leak them into the heap. Also, we avoid doing a
+ // heap allocation.
+ php.reader.consume(2 + bytes);
+ // Now fix the map.
+ php.field(name_len, 2);
+ php.field(name, bytes);
+
 Ok(value.into())
 }
 }
|
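Review bot: `php.reader.consume(2 + bytes)` no longer has the `expect("worked before")` that the removed `parse_be_u16`/`parse_bytes` calls carried, so the precondition that the two length octets plus `bytes` octets are already buffered is now implicit. The read that establishes it lies outside this hunk, so I would state it at the call, e.g. `// Invariant: the read that produced value already buffered 2 + bytes octets.` The two `php.field(...)` lengths must also be kept equal to the consumed amount by hand, and a packet-map test for a packet containing MPIs would catch any drift. Since the goal is to keep secret MPIs out of unwiped heap memory, it is also worth confirming that the buffer behind `value` is cleared on drop before `value.into()`; its declaration is not visible here.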