aboutsummaryrefslogtreecommitdiffstats
path: root/recipes-support/gnupg/gnupg-1.4.7/GnuPG1-CVE-2012-6085.patch
diff options
context:
space:
mode:
Diffstat (limited to 'recipes-support/gnupg/gnupg-1.4.7/GnuPG1-CVE-2012-6085.patch')
-rw-r--r--recipes-support/gnupg/gnupg-1.4.7/GnuPG1-CVE-2012-6085.patch64
1 files changed, 64 insertions, 0 deletions
diff --git a/recipes-support/gnupg/gnupg-1.4.7/GnuPG1-CVE-2012-6085.patch b/recipes-support/gnupg/gnupg-1.4.7/GnuPG1-CVE-2012-6085.patch
new file mode 100644
index 0000000..3627176
--- /dev/null
+++ b/recipes-support/gnupg/gnupg-1.4.7/GnuPG1-CVE-2012-6085.patch
@@ -0,0 +1,64 @@
+commit f0b33b6fb8e0586e9584a7a409dcc31263776a67
+Author: Werner Koch <wk@gnupg.org>
+Date: Thu Dec 20 09:43:41 2012 +0100
+
+ gpg: Import only packets which are allowed in a keyblock.
+
+ * g10/import.c (valid_keyblock_packet): New.
+ (read_block): Store only valid packets.
+ --
+
+ A corrupted key, which for example included a mangled public key
+ encrypted packet, used to corrupt the keyring. This change skips all
+ packets which are not allowed in a keyblock.
+
+ GnuPG-bug-id: 1455
+
+ (cherry-picked from commit f795a0d59e197455f8723c300eebf59e09853efa)
+
+Upstream-Status: Backport
+CVE: CVE-2012-6085
+
+Signed-off-by: Saul Wold <sgw@linux.intel.com>
+
+diff --git a/g10/import.c b/g10/import.c
+index bfe02eb..a57b32e 100644
+--- a/g10/import.c
++++ b/g10/import.c
+@@ -384,6 +384,27 @@ import_print_stats (void *hd)
+ }
+
+
++/* Return true if PKTTYPE is valid in a keyblock. */
++static int
++valid_keyblock_packet (int pkttype)
++{
++ switch (pkttype)
++ {
++ case PKT_PUBLIC_KEY:
++ case PKT_PUBLIC_SUBKEY:
++ case PKT_SECRET_KEY:
++ case PKT_SECRET_SUBKEY:
++ case PKT_SIGNATURE:
++ case PKT_USER_ID:
++ case PKT_ATTRIBUTE:
++ case PKT_RING_TRUST:
++ return 1;
++ default:
++ return 0;
++ }
++}
++
++
+ /****************
+ * Read the next keyblock from stream A.
+ * PENDING_PKT should be initialzed to NULL
+@@ -461,7 +482,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
+ }
+ in_cert = 1;
+ default:
+- if( in_cert ) {
++ if (in_cert && valid_keyblock_packet (pkt->pkttype)) {
+ if( !root )
+ root = new_kbnode( pkt );
+ else