]> git.ipfire.org Git - thirdparty/libsolv.git/commitdiff
projects / thirdparty / libsolv.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e2ff280)
Check subpackage length when parsing pubkeys
authorMichael Schroeder <mls@suse.de>
Tue, 13 Sep 2022 13:22:52 +0000 (15:22 +0200)
committerMichael Schroeder <mls@suse.de>
Thu, 15 Sep 2022 13:20:52 +0000 (15:20 +0200)
ext/repo_pubkey.c patch | blob | blame | history

diff --git a/ext/repo_pubkey.c b/ext/repo_pubkey.c
index a965a652d4305d85d17a44f3a34ec345d8cff63d..fdcb9ea42799790d753ce61e47b4a071ea4a4eb7 100644 (file)
--- a/ext/repo_pubkey.c
+++ b/ext/repo_pubkey.c
@@ -458,11 +458,11 @@ pgpsig_init(struct pgpsig *sig, unsigned char *p, int l)
                  sig->haveissuer = 1;
                  memcpy(sig->issuer, q + 1, 8);
                }
-             if (x == 2 && j == 0)
+             if (x == 2 && sl == 5 && j == 0)
                sig->created = q[1] << 24 | q[2] << 16 | q[3] << 8 | q[4];
-             if (x == 3 && j == 0)
+             if (x == 3 && sl == 5 && j == 0)
                sig->expires = q[1] << 24 | q[2] << 16 | q[3] << 8 | q[4];
-             if (x == 9 && j == 0)
+             if (x == 9 && sl == 5 && j == 0)
                sig->keyexpires = q[1] << 24 | q[2] << 16 | q[3] << 8 | q[4];
              q += sl;
              ql -= sl;
Mirror of https://github.com/openSUSE/libsolv.git