diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2023-01-19 15:22:08 +0100 |
---|---|---|
committer | Neal H. Walfield <neal@pep.foundation> | 2023-05-16 14:01:39 +0200 |
commit | 93b16c32e50b69962fef23803428670363cb36de (patch) | |
tree | b99b60833d59362e7e2c645355e4b825482d3b73 | |
parent | ce6b99114decda78e68b5524d44b3f843b788fd0 (diff) |
openpgp: Fix a crash in the Cleartext Signature Framework.
- Fixes #977.
-rw-r--r-- | openpgp/src/parse/hashed_reader.rs | 8 | ||||
-rw-r--r-- | openpgp/src/parse/stream.rs | 18 |
2 files changed, 24 insertions, 2 deletions
diff --git a/openpgp/src/parse/hashed_reader.rs b/openpgp/src/parse/hashed_reader.rs index 4db0a0ee..702da881 100644 --- a/openpgp/src/parse/hashed_reader.rs +++ b/openpgp/src/parse/hashed_reader.rs @@ -159,8 +159,12 @@ impl Cookie { let ngroups = self.sig_groups.len(); assert_eq!(self.hashes_for, HashesFor::CleartextSignature); - // There is exactly one group. - assert_eq!(ngroups, 1); + // There is exactly one group. However, this can momentarily + // be violated if there are One-Pass-Signature packets in the + // signature block. This doesn't last long though: the + // message parser will reject the message because it doesn't + // adhere to the grammar. + assert!(ngroups == 1 || ngroups == /* momentarily */ 2); tracer!(TRACE, "Cookie::hash_update_csf", level); t!("Cleartext Signature Framework message"); diff --git a/openpgp/src/parse/stream.rs b/openpgp/src/parse/stream.rs index 5d719fe2..e67c41c1 100644 --- a/openpgp/src/parse/stream.rs +++ b/openpgp/src/parse/stream.rs @@ -3459,4 +3459,22 @@ wgoEAAAAAAB6CkAAxADLBq8AAKurq8IKBCC/CAAAAAD0sA== .with_policy(&p, None, h); Ok(()) } + + /// Checks for a crash related to HashedReader's assumptions about + /// the number of signature groups. + #[test] + fn csf_sig_group_count_assertion_failure() -> Result<()> { + let p = P::new(); + let m = b"-----BEGIN PGP SIGNED MESSAGE----- +-----BEGIN PGP SIGNATURE----- +xHUDBRY0WIQ+50WENDPP"; + + let mut h = VHelper::new(0, 0, 0, 0, vec![ + Cert::from_bytes(crate::tests::key("testy.pgp"))?, + ]); + h.error_out = false; + let _ = VerifierBuilder::from_bytes(&m[..])? + .with_policy(&p, None, h); + Ok(()) + } } |