Given RFC 4880 provides the code to do this calculation, I am not sure
how I managed to stuff that up! This bug was only exposed when a
signature made with "include-key-block" was added to the Arch repos,
which provided a subpacket with the required size to hit this issue.
Signed-off-by: Allan McRae <al...@archlinux.org>
---
Also appropriate for 5.2.2
lib/libalpm/signing.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index c8eaaca2..422523b6 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -1058,7 +1058,7 @@ static int parse_subpacket(alpm_handle_t *handle, const
char *identifier,
if(length_check(len, spos, 2, handle,
identifier) != 0){
return -1;
}
- slen = (sig[spos] << 8) | sig[spos + 1];
+ slen = (((sig[spos] - 192) << 8) | sig[spos +
1]) + 192;
spos = spos + 2;
} else {
if(length_check(len, spos, 5, handle,
identifier) != 0) {
--
2.26.2
