diff options
| author | Justus Winter <justus@sequoia-pgp.org> | 2022-12-05 17:24:55 +0100 |
|---|---|---|
| committer | Justus Winter <justus@sequoia-pgp.org> | 2023-05-12 10:29:31 +0200 |
| commit | b9badbdd2e9bd996fa6afd8187ffe8653bdaf294 (patch) | |
| tree | 2049c68ed08f317aa115ce7dcbe73a0aa6551f5e /openpgp/src/parse.rs | |
| parent | f6307652fb2cbf4e0fbd3f897b1ec70863fcfa61 (diff) | |
openpgp: Fix crash in the packet parser.
- The packet parser hashes packet bodies to provide a robust
equality relation even when packet bodies are streamed. To hash
all bytes on the fly everywhere, we do that when it is consumed in
PacketParser::consume.
- This function assumes that if BufferedReader::data and friends
returned n bytes, future calls to these interfaces will succeed if
up to n bytes are requested, and no data was consumed in the
meantime.
- However, armor::Reader::data_helper did not provide that
guarantee, making PacketParser::consume panic with the message "It
is an error to consume more than data returns", which doesn't
quite correctly name the problem at hand.
- Fix this crash by fixing armor::Reader::data_helper in the same
way the previous commit fixes
buffered_reader::Generic::data_helper.
- Fixes #957.
Diffstat (limited to 'openpgp/src/parse.rs')
| -rw-r--r-- | openpgp/src/parse.rs | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/openpgp/src/parse.rs b/openpgp/src/parse.rs index d414cbe4..2dc9fad5 100644 --- a/openpgp/src/parse.rs +++ b/openpgp/src/parse.rs @@ -6491,4 +6491,15 @@ zXvj -----END PGP SIGNATURE----- "); } + + /// Tests issue 957. + #[test] + fn panic_on_malformed_armor() { + parse_message("-----BEGIN PGP MESSAGE----- + +heLBX8Pq0kUBwQz2iFAzRwOdgTBvH5KsDU9lmE + +-----END PGP MESSAGE----- +"); + } } |