diff options
Diffstat (limited to '')
-rw-r--r-- | crypto/src/bcpg/ECPublicBCPGKey.cs | 6 | ||||
-rw-r--r-- | crypto/src/bcpg/SignatureSubpacketsReader.cs | 3 |
2 files changed, 6 insertions, 3 deletions
diff --git a/crypto/src/bcpg/ECPublicBCPGKey.cs b/crypto/src/bcpg/ECPublicBCPGKey.cs index c473139e7..df19caac3 100644 --- a/crypto/src/bcpg/ECPublicBCPGKey.cs +++ b/crypto/src/bcpg/ECPublicBCPGKey.cs @@ -81,10 +81,10 @@ namespace Org.BouncyCastle.Bcpg BcpgInputStream bcpgIn) { int length = bcpgIn.ReadByte(); + if (length < 0) + throw new EndOfStreamException(); if (length == 0 || length == 0xFF) - { - throw new IOException("future extensions not yet implemented."); - } + throw new IOException("future extensions not yet implemented"); byte[] buffer = new byte[length + 2]; bcpgIn.ReadFully(buffer, 2, buffer.Length - 2); diff --git a/crypto/src/bcpg/SignatureSubpacketsReader.cs b/crypto/src/bcpg/SignatureSubpacketsReader.cs index 80bedb07c..45dc96885 100644 --- a/crypto/src/bcpg/SignatureSubpacketsReader.cs +++ b/crypto/src/bcpg/SignatureSubpacketsReader.cs @@ -52,6 +52,9 @@ namespace Org.BouncyCastle.Bcpg if (tag < 0) throw new EndOfStreamException("unexpected EOF reading signature sub packet"); + if (bodyLen <= 0) + throw new EndOfStreamException("out of range data found in signature sub packet"); + byte[] data = new byte[bodyLen - 1]; // |