Overview

File gnupg-CVE-2019-13050_4_of_5.patch of Package gpg2.30813

commit eec150eca78a053193a0994a96482791b5da36be
Author: Werner Koch <wk@gnupg.org>
Date:   Tue Jul 9 11:07:35 2019 +0200

    gpg: Fix regression in option "self-sigs-only".
    
    * g10/import.c (read_block): Make sure KEYID is availabale also on a
    pending packet.
    --
    
    Reported-by: Phil Pennock
    Fixes-commit: 2e349bb6173789e0e9e42c32873d89c7bc36cea4
    Signed-off-by: Werner Koch <wk@gnupg.org>

Index: gnupg-2.0.24/g10/import.c
===================================================================
--- gnupg-2.0.24.orig/g10/import.c
+++ gnupg-2.0.24/g10/import.c
@@ -400,12 +400,17 @@ read_block( IOBUF a, unsigned int option
     KBNODE root = NULL;
     int in_cert;
     u32 keyid[2];
+    int got_keyid = 0;
     unsigned int dropped_nonselfsigs = 0;
 
     if( *pending_pkt ) {
 	root = new_kbnode( *pending_pkt );
 	*pending_pkt = NULL;
+	assert (root->pkt->pkttype == PKT_PUBLIC_KEY
+	        || root->pkt->pkttype == PKT_SECRET_KEY);
 	in_cert = 1;
+	keyid_from_pk (root->pkt->pkt.public_key, keyid);
+	got_keyid = 1;
     }
     else
 	in_cert = 0;
@@ -461,6 +466,7 @@ read_block( IOBUF a, unsigned int option
 	      goto x_default;
 	    if (!(options & IMPORT_SELF_SIGS_ONLY))
 	      goto x_default;
+	    assert (got_keyid);
 	    if (pkt->pkt.signature->keyid[0] == keyid[0]
 		&& pkt->pkt.signature->keyid[1] == keyid[1])
 	      { /* This is likely a self-signature.  We import this one.
@@ -483,13 +489,17 @@ read_block( IOBUF a, unsigned int option
 	    
 	  case PKT_PUBLIC_KEY:
 	  case PKT_SECRET_KEY:
+	    if (!got_keyid)
+	      {
+		keyid_from_pk (pkt->pkt.public_key, keyid);
+		got_keyid = 1;
+	      }
 	    if( in_cert ) { /* store this packet */
 		*pending_pkt = pkt;
 		pkt = NULL;
 		goto ready;
 	    }
 	    in_cert = 1;
-	    keyid_from_pk (pkt->pkt.public_key, keyid);
 	    goto x_default;
 
 	  default:
openSUSE Build Service is sponsored by
Places