openpgp: Fix PacketParser to return the packet preceding any junk.

  - If the `PacketParser` encounters junk (i.e., corruption) and is
    able to find a valid packet within `RECOVERY_THRESHOLD` bytes of the
    end of the last valid packet, it recovers by converting the junk to
    an `Unknown` packet, and continuing to parse.

  - Extend this recovery mechanism to junk at the end of the file.  If
    the `PacketParser` encounters up to `RECOVERY_THRESHOLD` bytes of
    junk at the end of the file, convert that data into an `Unknown`
    packet instead of immediately returning an error.

  - By returning an `Unknown` packet instead of an error, we also
    return the last buffered packet, which was otherwise lost.

  - When converting `RECOVERY_THRESHOLD` bytes of junk into an
    `Unknown` packet, queue an error (in `PacketParserState`) so that
    the next call to `PacketParser::next` will not continue trying to
    parse the input, but return an unrecoverable error.

  - Fixes #967.

1 files changed, 2 insertions, 3 deletions

diff --git a/openpgp/src/parse/stream.rs b/openpgp/src/parse/stream.rs
index cd9818c9..25ff0311 100644
--- a/openpgp/src/parse/stream.rs
+++ b/openpgp/src/parse/stream.rs
@@ -2639,14 +2639,13 @@ impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H> {
                         }
                     }
 
-                    if let Err(err) = possible_message {
+                    if let Err(_err) = possible_message {
                         if self.processing_csf_message.expect("set by now") {
                             // CSF transformation creates slightly out
                             // of spec message structure.  See above
                             // for longer explanation.
                         } else {
-                            return Err(err.context(
-                                "Malformed OpenPGP message"));
+                            return Err(Error::ManipulatedMessage.into());
                         }
                     }