diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2021-05-27 13:12:44 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2021-05-27 13:12:44 +0200 |
commit | ea825a6d1f3c4f7f5810b470cd499402e8152dcc (patch) | |
tree | e862d2504cd9357096c393f558554c65f0703e87 | |
parent | d55eb819346ab8a3f0f0224ba12e015649d70a99 (diff) |
openpgp: Fix crash.
- If a signature using an unknown hash algorithm is encountered with
a attested certifications subpacket of length zero, digest_size is
zero. This crashes when used as divisor and as argument to
slice::chunks.
- Fix by explicitly handling this case.
- See https://gitlab.com/sequoia-pgp/sequoia/-/jobs/1298146054
-rw-r--r-- | openpgp/src/parse.rs | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/openpgp/src/parse.rs b/openpgp/src/parse.rs index ada5f7e8..bc129281 100644 --- a/openpgp/src/parse.rs +++ b/openpgp/src/parse.rs @@ -1773,14 +1773,20 @@ impl Subpacket { hash_algo.context().map(|c| c.digest_size()) .unwrap_or(len); - if len % digest_size != 0 { - return Err(Error::BadSignature( - "Wrong number of bytes in certification subpacket".into()) - .into()); + if digest_size == 0 { + // Empty body with unknown hash algorithm. + SubpacketValue::AttestedCertifications( + Vec::with_capacity(0)) + } else { + if len % digest_size != 0 { + return Err(Error::BadSignature( + "Wrong number of bytes in certification subpacket" + .into()).into()); + } + let bytes = php.parse_bytes("attested crts", len)?; + SubpacketValue::AttestedCertifications( + bytes.chunks(digest_size).map(Into::into).collect()) } - let bytes = php.parse_bytes("attested crts", len)?; - SubpacketValue::AttestedCertifications( - bytes.chunks(digest_size).map(Into::into).collect()) }, SubpacketTag::Reserved(_) | SubpacketTag::PlaceholderForBackwardCompatibility |