28 lines
834 B
Diff
28 lines
834 B
Diff
From 1f03aba8b2881a5717af97065038fb056e02a2b3 Mon Sep 17 00:00:00 2001
|
|
From: Demi Marie Obenour <demi@invisiblethingslab.com>
|
|
Date: Thu, 3 Feb 2022 20:42:02 -0500
|
|
Subject: [PATCH] Check that the CRC length is correct
|
|
|
|
Also fix a memory leak in an error path.
|
|
---
|
|
rpmio/rpmpgp.c | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
|
|
index 015c15a..d1966d3 100644
|
|
--- a/rpmio/rpmpgp.c
|
|
+++ b/rpmio/rpmpgp.c
|
|
@@ -1444,7 +1444,8 @@ static pgpArmor decodePkts(uint8_t *b, uint8_t **pkt, size_t *pktlen)
|
|
|
|
crcdec = NULL;
|
|
crclen = 0;
|
|
- if (rpmBase64Decode(crcenc, (void **)&crcdec, &crclen) != 0) {
|
|
+ if (rpmBase64Decode(crcenc, (void **)&crcdec, &crclen) != 0 || crclen != 3) {
|
|
+ crcdec = _free(crcdec);
|
|
ec = PGPARMOR_ERR_CRC_DECODE;
|
|
goto exit;
|
|
}
|
|
--
|
|
1.8.3.1
|
|
|