summary refs log tree commit diff
path: root/crypto/src/openpgp/PgpPublicKeyEncryptedData.cs
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--crypto/src/openpgp/PgpPublicKeyEncryptedData.cs9
1 files changed, 7 insertions, 2 deletions
diff --git a/crypto/src/openpgp/PgpPublicKeyEncryptedData.cs b/crypto/src/openpgp/PgpPublicKeyEncryptedData.cs
index c2a351182..78d4d575c 100644
--- a/crypto/src/openpgp/PgpPublicKeyEncryptedData.cs
+++ b/crypto/src/openpgp/PgpPublicKeyEncryptedData.cs
@@ -197,12 +197,17 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
                 byte[] enc = secKeyData[0];
 
                 int pLen = ((((enc[0] & 0xff) << 8) + (enc[1] & 0xff)) + 7) / 8;
-                byte[] pEnc = new byte[pLen];
+                if ((2 + pLen + 1) > enc.Length) 
+                    throw new PgpException("encoded length out of range");
 
+                byte[] pEnc = new byte[pLen];
                 Array.Copy(enc, 2, pEnc, 0, pLen);
 
-                byte[] keyEnc = new byte[enc[pLen + 2]];
+                int keyLen = enc[pLen + 2];
+                if ((2 + pLen + 1 + keyLen) > enc.length)
+                    throw new PgpException("encoded length out of range");
 
+                byte[] keyEnc = new byte[keyLen];
                 Array.Copy(enc, 2 + pLen + 1, keyEnc, 0, keyEnc.Length);
 
                 ECPoint publicPoint = x9Params.Curve.DecodePoint(pEnc);
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-20 09:56:12 +0000