From b64db88c25d3773d66bc2d59c6b1f1257c9fe9b2 Mon Sep 17 00:00:00 2001
From: Landon Fuller <landonf@opendarwin.org>
Date: Sun, 29 Apr 2007 18:56:47 +0000
Subject: [PATCH] Fix handling of unexpected stream data, preventing the
 leaking of session context.

git-svn-id: https://bacula.svn.sourceforge.net/svnroot/bacula/trunk@4662 91ce42f0-d328-0410-95d8-f526ca767f89
---
 bacula/src/filed/restore.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/bacula/src/filed/restore.c b/bacula/src/filed/restore.c
index 08b678cf6e..8c5a8ac6d7 100644
--- a/bacula/src/filed/restore.c
+++ b/bacula/src/filed/restore.c
@@ -396,6 +396,14 @@ void do_restore(JCR *jcr)
       case STREAM_ENCRYPTED_SESSION_DATA:
          crypto_error_t cryptoerr;
 
+         /* Is this an unexpected session data entry? */
+         if (cs) {
+            Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic session data stream.\n"));
+            extract = false;
+            bclose(&bfd);
+            continue;
+         }
+
          /* Do we have any keys at all? */
          if (!jcr->pki_recipients) {
             Jmsg(jcr, M_ERROR, 0, _("No private decryption keys have been defined to decrypt encrypted backup data.\n"));
@@ -590,6 +598,13 @@ void do_restore(JCR *jcr)
          break;
 
       case STREAM_SIGNED_DIGEST:
+
+         /* Is this an unexpected signature? */
+         if (sig) {
+            Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic signature data stream.\n"));
+            continue;
+         }
+
          /* Save signature. */
          if (extract && (sig = crypto_sign_decode((uint8_t *)sd->msg, (uint32_t)sd->msglen)) == NULL) {
             Jmsg1(jcr, M_ERROR, 0, _("Failed to decode message signature for %s\n"), jcr->last_fname);
-- 
2.39.5