From f6ffaacbbf7f5aca45139a612c5dd8db3f2094dc Mon Sep 17 00:00:00 2001

From: Michal Domonkos <mdomonko@redhat.com>

Date: Mon, 5 Aug 2024 14:40:57 +0200

Subject: [PATCH] Skip to hashed subpacket data directly

Let OpenScanHub grok the bigger picture instead of producing a spurious

overrun warning for v->hashlen when we're dereferencing p later.

Casting the v pointer back to uint8_t is unnecessary when we could just

use h directly but it's done this way in the if branch for pgp version 3

in this function as well as in pgpPrtKey() so copy that, just for the

sake of consistency.

Along the same lines (consistency), change the p pointer to a const

pointer.

No functional change.

Resolves: RHEL-22607

---

 rpmio/rpmpgp.c | 5 ++---

 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c

index d0688ebe9..6f044eb1b 100644

--- a/rpmio/rpmpgp.c

+++ b/rpmio/rpmpgp.c

@@ -565,7 +565,7 @@ static int pgpPrtSig(pgpTag tag, const uint8_t *h, size_t hlen,

 		     pgpDigParams _digp)

 {

     uint8_t version = 0;

-    uint8_t * p;

+    const uint8_t * p;

     unsigned int plen;

     int rc = 1;

@@ -618,10 +618,9 @@ static int pgpPrtSig(pgpTag tag, const uint8_t *h, size_t hlen,

 	pgpPrtVal(" ", pgpSigTypeTbl, v->sigtype);

 	pgpPrtNL();

-	p = &v->hashlen[0];

 	if (pgpGet(v->hashlen, sizeof(v->hashlen), h + hlen, &plen))

 	    return 1;

-	p += sizeof(v->hashlen);

+	p = ((uint8_t *)v) + sizeof(*v);

 	if ((p + plen) > (h + hlen))

 	    return 1;

-- 

2.46.0