authorJustus Winter <justus@sequoia-pgp.org>2023-03-14 14:19:07 +0100
committerJustus Winter <justus@sequoia-pgp.org>2023-03-14 16:17:26 +0100
commitf01de4c06369d5d2f1ddea71843915312515ceb6 (patch)
tree0e41f58df91de22e10ddf8d3635309e964e6cc0b
parentaa7e617e4a6aee954d30651d7ba9e6b9c51e57c0 (diff)
openpgp: Avoid a heap allocation during MPI parsing.
- Not only was the heap allocation superfluous, it also leaked secrets into the heap.
-rw-r--r--openpgp/src/parse.rs12
1 files changed, 9 insertions, 3 deletions
diff --git a/openpgp/src/parse.rs b/openpgp/src/parse.rs
index b465a395..64c5b531 100644
--- a/openpgp/src/parse.rs
+++ b/openpgp/src/parse.rs
@@ -2990,9 +2990,15 @@ impl MPI {
first_used_bit, value[0], value[0])).into());
}
- // Now consume the data.
- php.parse_be_u16(name_len).expect("worked before");
- php.parse_bytes(name, bytes).expect("worked before");
+ // Now consume the data. Note: we avoid using parse_bytes
+ // here because MPIs may contain secrets, and we don't want to
+ // casually leak them into the heap. Also, we avoid doing a
+ // heap allocation.
+ php.reader.consume(2 + bytes);
+ // Now fix the map.
+ php.field(name_len, 2);
+ php.field(name, bytes);
+
Ok(value.into())
}
}
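Review bot: The new `php.reader.consume(2 + bytes);` rests on a precondition that the code no longer states. The removed calls at least said `expect("worked before")`, while the new line assumes the two length octets and the body were already buffered when `value` was read, which happens above this hunk. I would record that in the comment, e.g. `// The 2 + bytes octets were buffered when value was read above, so consume() stays within the buffer.`, and note that the two `php.field` lengths must keep adding up to the consumed `2 + bytes` so the map cannot drift from the reader position. The comment could also say that this only removes the extra copy made by `parse_bytes`. The bytes presumably still live in the reader's own buffer and in the result of `value.into()`, so secret MPIs still depend on whatever zeroing the caller applies. The enclosing function begins outside the hunk, so the buffering assumption should be confirmed against the earlier read.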