x/crypto/openpgp: ReadMessage(): Panic on invalid input in packet.nextSubpacket() (slice bounds out of range) (original) (raw)

The following program panics:

package main

import ( "bytes" "encoding/hex" "io" "log" "os"

"golang.org/x/crypto/openpgp"

)

// An empty Keyring type emptyKR struct { }

func (kr emptyKR) KeysById(id uint64) []openpgp.Key { return nil }

func (kr emptyKR) DecryptionKeys() []openpgp.Key { return nil }

func (kr emptyKR) KeysByIdUsage(uint64, byte) []openpgp.Key { return nil }

var data = "8c040402000aa430aa8228b9248b01fc899a91197130303030"

func main() { buf, err := hex.DecodeString(data) if err != nil { log.Fatalln(err) }

md, err := openpgp.ReadMessage(bytes.NewBuffer(buf), emptyKR{},
    func([]openpgp.Key, bool) ([]byte, error) {
        return []byte("insecure"), nil
    }, nil)

if err != nil {
    log.Fatalln(err)
}

_, err = io.Copy(os.Stdout, md.UnverifiedBody)
if err != nil {
    log.Fatalln(err)
}

if md.SignatureError != nil {
    log.Fatalln("integrity check failed")
}

}

with the trace:

panic: runtime error: slice bounds out of range

goroutine 1 [running]:
golang.org/x/crypto/openpgp/packet.nextSubpacket(0xc208068001, 0x4, 0x5ff, 0x2, 0xc2080202c0, 0x0, 0x0)
    /home/marebri/devel/go/src/golang.org/x/crypto/openpgp/packet/opaque.go:145 +0x1ff
golang.org/x/crypto/openpgp/packet.OpaqueSubpackets(0xc208068000, 0x5, 0x600, 0x0, 0x0, 0x0, 0x0, 0x0)
    /home/marebri/devel/go/src/golang.org/x/crypto/openpgp/packet/opaque.go:98 +0x93
golang.org/x/crypto/openpgp/packet.(*UserAttribute).parse(0xc2080202a0, 0x7eff58289bc0, 0xc208020280, 0x0, 0x0)
    /home/marebri/devel/go/src/golang.org/x/crypto/openpgp/packet/userattribute.go:63 +0xa6
golang.org/x/crypto/openpgp/packet.Read(0x7eff58289d38, 0xc20800a4b0, 0x7eff58289d60, 0xc2080202a0, 0x0, 0x0)
    /home/marebri/devel/go/src/golang.org/x/crypto/openpgp/packet/packet.go:375 +0x152
golang.org/x/crypto/openpgp/packet.(*Reader).Next(0xc20803c480, 0x0, 0x0, 0x0, 0x0)
    /home/marebri/devel/go/src/golang.org/x/crypto/openpgp/packet/reader.go:37 +0x10c
golang.org/x/crypto/openpgp.readSignedMessage(0xc20803c480, 0xc208060000, 0x7eff58289b88, 0x68c0a8, 0xc208060000, 0x0, 0x0)
    /home/marebri/devel/go/src/golang.org/x/crypto/openpgp/read.go:234 +0xc4
golang.org/x/crypto/openpgp.ReadMessage(0x7eff58289b60, 0xc2080120e0, 0x7eff58289b88, 0x68c0a8, 0x5f08c0, 0x0, 0xc208060000, 0x0, 0x0)
    /home/marebri/devel/go/src/golang.org/x/crypto/openpgp/read.go:217 +0xd90
main.main()
    /home/marebri/devel/lab/go/crypto/openpgp/issues/075301e76/main.go:40 +0x285

goroutine 2 [runnable]:
runtime.forcegchelper()
    /opt/go/src/runtime/proc.go:90
runtime.goexit()
    /opt/go/src/runtime/asm_amd64.s:2232 +0x1

goroutine 3 [runnable]:
runtime.bgsweep()
    /opt/go/src/runtime/mgc0.go:82
runtime.goexit()
    /opt/go/src/runtime/asm_amd64.s:2232 +0x1

goroutine 4 [runnable]:
runtime.runfinq()
    /opt/go/src/runtime/malloc.go:712
runtime.goexit()
    /opt/go/src/runtime/asm_amd64.s:2232 +0x1

Found using gofuzz. You may assign this issue to me.