KEYS: Add safe guard against faulty PGP key
hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I5H4FC CVE: NA -------------------------------- Under normal condition, when there is a user id packet, there will always be a public key packet in the front, meaning ctx.fingerprint will never be NULL. However, if a malicious or faulty PGP key is provided with only user id packet but not public key packet, a read out-of-bound will be triggered during the generation of key description. To make things worse, a NULL pointer deference could be triggered in pgp_key_generate_id(). This patch adds a safe guard which prevents parsing the key further if no public key packet is provided. Fixes: a98cb7a4 ("KEYS: Provide PGP key description autogeneration") Signed-off-by:GUO Zihua <guozihua@huawei.com> Reviewed-by:
Loading
Please sign in to comment