diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2019-04-24 15:58:10 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2019-04-24 16:53:47 +0200 |
commit | 4517d67f0a7d0c3722fa6ba2197098dff7e3b026 (patch) | |
tree | 6e3402d5471059eda7b88f73d4dd8d2362d2e6b4 /openpgp/src | |
parent | 49601752b3bf5315db1edb8426381767325613d9 (diff) |
openpgp: Fix roundtripping of packets with unknown MPIs.
- MPI::parse() is used to parse MPIs from unknown algorithms, which
may use an encoding unknown to us. Therefore, we need to be extra
careful only to consume the data once we found a well-formed MPI.
Diffstat (limited to 'openpgp/src')
-rw-r--r-- | openpgp/src/parse/parse.rs | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/openpgp/src/parse/parse.rs b/openpgp/src/parse/parse.rs index f957254b..93e52f39 100644 --- a/openpgp/src/parse/parse.rs +++ b/openpgp/src/parse/parse.rs @@ -2214,13 +2214,25 @@ impl MPI { fn parse<'a>(name_len: &'static str, name: &'static str, php: &mut PacketHeaderParser<'a>) -> Result<Self> { - let bits = php.parse_be_u16(name_len)? as usize; + // This function is used to parse MPIs from unknown + // algorithms, which may use an encoding unknown to us. + // Therefore, we need to be extra careful only to consume the + // data once we found a well-formed MPI. + let bits = { + let buf = php.reader.data_hard(2)?; + u16::from_be_bytes([buf[0], buf[1]]) as usize + }; if bits == 0 { + // Now consume the data. + php.parse_be_u16(name_len).expect("worked before"); return Ok(MPI{ bits: 0, value: vec![].into_boxed_slice()}); } let bytes = (bits + 7) / 8; - let value = Vec::from(&php.parse_bytes(name, bytes)?[..bytes]); + let value = { + let buf = php.reader.data_hard(2 + bytes)?; + Vec::from(&buf[2..2 + bytes]) + }; let unused_bits = bytes * 8 - bits; assert_eq!(bytes * 8 - unused_bits, bits); @@ -2245,6 +2257,9 @@ impl MPI { first_used_bit, value[0], value[0])).into()); } + // Now consume the data. + php.parse_be_u16(name_len).expect("worked before"); + php.parse_bytes(name, bytes).expect("worked before"); Ok(MPI{ bits: bits, value: value.into_boxed_slice() |