diff options
author | Peter Dettman <peter.dettman@bouncycastle.org> | 2017-06-10 20:06:41 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2017-06-10 20:06:41 +0700 |
commit | 90076c81bd0110c75678fe3c4c958dcec5d3daba (patch) | |
tree | 9dee8e73b79f5b708b829db5e24a9886393f1db6 | |
parent | Update GCMBlockCipher from Java API (diff) | |
download | BouncyCastle.NET-ed25519-90076c81bd0110c75678fe3c4c958dcec5d3daba.tar.xz |
Stop decoding exceptions escaping from GetDecoderStream
-rw-r--r-- | crypto/src/openpgp/PgpUtilities.cs | 81 | ||||
-rw-r--r-- | crypto/test/src/openpgp/test/PGPArmoredTest.cs | 17 |
2 files changed, 63 insertions, 35 deletions
diff --git a/crypto/src/openpgp/PgpUtilities.cs b/crypto/src/openpgp/PgpUtilities.cs index 055f99636..7d96dee8d 100644 --- a/crypto/src/openpgp/PgpUtilities.cs +++ b/crypto/src/openpgp/PgpUtilities.cs @@ -417,7 +417,20 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp return inputStream; } - else + + if (!IsPossiblyBase64(ch)) + { + inputStream.Position = markedPos; + + return new ArmoredInputStream(inputStream); + } + + byte[] buf = new byte[ReadAhead]; + int count = 1; + int index = 1; + + buf[0] = (byte)ch; + while (count != ReadAhead && (ch = inputStream.ReadByte()) >= 0) { if (!IsPossiblyBase64(ch)) { @@ -426,51 +439,49 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp return new ArmoredInputStream(inputStream); } - byte[] buf = new byte[ReadAhead]; - int count = 1; - int index = 1; - - buf[0] = (byte)ch; - while (count != ReadAhead && (ch = inputStream.ReadByte()) >= 0) + if (ch != '\n' && ch != '\r') { - if (!IsPossiblyBase64(ch)) - { - inputStream.Position = markedPos; + buf[index++] = (byte)ch; + } - return new ArmoredInputStream(inputStream); - } + count++; + } - if (ch != '\n' && ch != '\r') - { - buf[index++] = (byte)ch; - } + inputStream.Position = markedPos; - count++; - } + // + // nothing but new lines, little else, assume regular armoring + // + if (count < 4) + { + return new ArmoredInputStream(inputStream); + } - inputStream.Position = markedPos; + // + // test our non-blank data + // + byte[] firstBlock = new byte[8]; - // - // nothing but new lines, little else, assume regular armoring - // - if (count < 4) - { - return new ArmoredInputStream(inputStream); - } + Array.Copy(buf, 0, firstBlock, 0, firstBlock.Length); - // - // test our non-blank data - // - byte[] firstBlock = new byte[8]; - Array.Copy(buf, 0, firstBlock, 0, firstBlock.Length); - byte[] decoded = Base64.Decode(firstBlock); + try + { + byte[] decoded = Base64.Decode(firstBlock); - // + // // it's a base64 PGP block. // - bool hasHeaders = (decoded[0] & 0x80) == 0; + bool hasHeaders = (decoded[0] & 0x80) == 0; - return new ArmoredInputStream(inputStream, hasHeaders); + return new ArmoredInputStream(inputStream, hasHeaders); + } + catch (IOException e) + { + throw e; + } + catch (Exception e) + { + throw new IOException(e.Message); } } diff --git a/crypto/test/src/openpgp/test/PGPArmoredTest.cs b/crypto/test/src/openpgp/test/PGPArmoredTest.cs index aa13477ed..e48827a35 100644 --- a/crypto/test/src/openpgp/test/PGPArmoredTest.cs +++ b/crypto/test/src/openpgp/test/PGPArmoredTest.cs @@ -87,6 +87,22 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests return matches; } + private void pgpUtilTest() + { + // check decoder exception isn't escaping. + MemoryStream bIn = new MemoryStream(Strings.ToByteArray("abcde"), false); + + try + { + PgpUtilities.GetDecoderStream(bIn); + Fail("no exception"); + } + catch (IOException) + { + // expected: ignore. + } + } + private void blankLineTest() { byte[] blankLineBytes = Encoding.ASCII.GetBytes(blankLineData); @@ -241,6 +257,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests } blankLineTest(); + pgpUtilTest(); } public override string Name |