From f277a1469aef05d3542e8ae9fd3f5dbadbe12463 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Fri, 11 Jan 2019 10:35:16 +0100
Subject: pem: Fix assert condition

If the PEM header is "-----BEGIN -----", *type should be an empty
string and the parser shouldn't fail.  Reported by Han Han in:
https://bugzilla.redhat.com/show_bug.cgi?id=1665172
---
 trust/pem.c      |  2 +-
 trust/test-pem.c | 18 ++++++++++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/trust/pem.c b/trust/pem.c
index ce4f554..fae7dd6 100644
--- a/trust/pem.c
+++ b/trust/pem.c
@@ -84,7 +84,7 @@ pem_find_begin (const char *data,
 
 	if (type) {
 		pref += ARMOR_PREF_BEGIN_L;
-		assert (suff > pref);
+		assert (suff >= pref);
 		*type = strndup (pref, suff - pref);
 		return_val_if_fail (*type != NULL, NULL);
 	}
diff --git a/trust/test-pem.c b/trust/test-pem.c
index 0c7d60a..6feff86 100644
--- a/trust/test-pem.c
+++ b/trust/test-pem.c
@@ -120,6 +120,24 @@ struct {
 	},
 
 	{
+	  /* one block with empty type */
+	  "-----BEGIN -----\n"
+	  "aYNNXqshlVxCdo8QfKeXh3GUzd/yn4LYIVgQrx4a\n"
+	  "-----END -----",
+	  {
+	    {
+	      "",
+	      "\x69\x83\x4d\x5e\xab\x21\x95\x5c\x42\x76\x8f\x10\x7c\xa7\x97\x87"
+	      "\x71\x94\xcd\xdf\xf2\x9f\x82\xd8\x21\x58\x10\xaf\x1e\x1a",
+	      30,
+	    },
+	    {
+	      NULL,
+	    }
+	  }
+	},
+
+	{
 	  NULL,
 	}
 };
-- 
cgit v1.1