Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAllan McRae <allan@archlinux.org>2020-05-20 14:17:11 +1000
committerAllan McRae <allan@archlinux.org>2020-06-01 10:59:08 +1000
commit5f6ef895b1dac04c7fb1b63acab2d42c19f91922 (patch)
tree8396813a300f02df7f41a66c0b88d523dac6dc40
parent23b50d60e34e324cf6f420c05293f7fa8a909623 (diff)
libalpm/signing.c: Fix calculation of packet size in parse_subpacket
Given RFC 4880 provides the code to do this calculation, I am not sure how I managed to stuff that up! This bug was only exposed when a signature made with "include-key-block" was added to the Arch repos, which provided a subpacket with the required size to hit this issue. Signed-off-by: Allan McRae <allan@archlinux.org>
Diffstat
-rw-r--r--lib/libalpm/signing.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index c8eaaca2..2cbbd103 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -1058,7 +1058,7 @@ static int parse_subpacket(alpm_handle_t *handle, const char *identifier,
if(length_check(len, spos, 2, handle, identifier) != 0){
return -1;
}
- slen = (sig[spos] << 8) | sig[spos + 1];
+ slen = ((sig[spos] - 192) << 8) + sig[spos + 1] + 192;
spos = spos + 2;
} else {
if(length_check(len, spos, 5, handle, identifier) != 0) {

Copyright © 2002-2022 Judd Vinet and Aaron Griffin. Copyright © 2022 Erich Eckner.
The Arch Linux name and logo are recognized trademarks. Some rights reserved. The registered trademark Linux® is used pursuant to a sublicense from LMI, the exclusive licensee of Linus Torvalds, owner of the mark on a world-wide basis.