Re: [Sks-devel] another bounds problem in SKS

[David Shaw]

On Thu, Sep 30, 2004 at 12:02:43PM +0100, Matthew Wilcox wrote:
> On Wed, Sep 29, 2004 at 10:58:00PM -0400, David Shaw wrote:
> > Packets that need to have this sanity checking are the public key
> > packets, public subkey packets, and signatures.  Basically, anything
> > with MPIs in it.
> 
> Is this the same problem?
> 
>  :signature packet: algo 17, keyid A19A031BBF39BA3D
>         version 4, created 1090858419, md5len 0, sigclass 10
> -       digest algo 2, gpg: buffer shorter than attribute subpacket
> -begin of digest 73 51
> +       digest algo 2, begin of digest 73 51
>         hashed subpkt 2 len 4 (sig created 2004-07-26)
>         subpkt 16 len 8 (issuer key ID A19A031BBF39BA3D)
>         data: [160 bits]
> 
> (this is a diff -u of the output of gpg -vv --recv-keys BCE09436; the -
> from an SKS server, the + from keyserver.kjsl.com)

No, that looks like something else.  The diff is a little mangled,
since you have an error output from another packet in the middle of
the signature packet output.

The problem is similar in the details though: it's a type of packet
that has enclosures with their own length fields, and the internal
length fields point beyond the length of the enclosing packet.  GnuPG
ignores attribute packets with this problem (or for that matter,
signatures with this problem, as it can happen with signature
subpackets as well).

If you check, there are two attribute IDs on that key.  The first is
invalid, so GnuPG ignores it, but the second one is valid.

David