From 201e38372d8cd6259790c3364104cf25cdc37492 Mon Sep 17 00:00:00 2001
From: Panu Matilainen
Date: Tue, 15 Jun 2021 11:46:06 +0300
Subject: [PATCH] Validate the buffer size when calculating PGP packet size
Check that the buffer can actually hold the computed number of bytes. Initial patch by Demi Marie Obenour.
---
 rpmio/rpmpgp.c | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
index e9c1b9e30f..4a6e54fea8 100644
--- rpmio/rpmpgp.c
+++ rpmio/rpmpgp.c
@@ -314,6 +314,9 @@ size_t pgpLen(const uint8_t *s, size_t slen, size_t * lenp)
 dlen = pgpGrab(s+1, 4);
 }
+ if (slen - lenlen < dlen)
+ lenlen = 0;
+
 if (lenlen)
 *lenp = dlen;
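Review bot: The added guard `if (slen - lenlen < dlen)` subtracts two `size_t` values, so it is only sound if every path that sets `lenlen` has already ensured `lenlen <= slen`; if one does not, the difference wraps to a very large value and an oversized `dlen` passes the check. The branches that assign `lenlen` start above this hunk, so this cannot be confirmed from here, but writing the check as `if (lenlen > slen || dlen > slen - lenlen)` removes that dependency at no cost. A short comment such as `/* length runs past the buffer: report failure via lenlen == 0, *lenp left untouched */` would also record that callers must treat a zero return as a malformed packet and not read `*lenp`. pgpLen's body begins and ends outside the hunk.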