From ea4d757852786ea334a034c30b4cd4cd34b76a21 Mon Sep 17 00:00:00 2001
From: Michał Górny <mgorny@gentoo.org>
Date: Thu, 26 Oct 2017 22:44:33 +0200
Subject: manifest: Test for incomplete OpenPGP message

---
 gemato/manifest.py    | 10 ++++++++++
 tests/test_openpgp.py | 18 ++++++++++++++++++
 2 files changed, 28 insertions(+)

diff --git a/gemato/manifest.py b/gemato/manifest.py
index 0fae91f..e6c9837 100644
--- a/gemato/manifest.py
+++ b/gemato/manifest.py
@@ -349,6 +349,16 @@ class ManifestFile(object):
             tag = sl[0]
             self.entries.append(MANIFEST_TAG_MAPPING[tag].from_list(sl))
 
+        if state == ManifestState.SIGNED_PREAMBLE:
+            raise gemato.exceptions.ManifestSyntaxError(
+                    "Manifest terminated early, in OpenPGP headers")
+        elif state == ManifestState.SIGNED_DATA:
+            raise gemato.exceptions.ManifestSyntaxError(
+                    "Manifest terminated early, before signature")
+        elif state == ManifestState.SIGNATURE:
+            raise gemato.exceptions.ManifestSyntaxError(
+                    "Manifest terminated early, inside signature")
+
     def dump(self, f):
         """
         Dump data into file @f. The file should be open for writing
diff --git a/tests/test_openpgp.py b/tests/test_openpgp.py
index 3771bed..32028f0 100644
--- a/tests/test_openpgp.py
+++ b/tests/test_openpgp.py
@@ -171,6 +171,24 @@ class SignedManifestTest(unittest.TestCase):
             self.assertRaises(gemato.exceptions.ManifestUnsignedData,
                     m.load, f)
 
+    def test_signed_manifest_terminated_before_data(self):
+        m = gemato.manifest.ManifestFile()
+        with io.StringIO('\n'.join(SIGNED_MANIFEST.splitlines()[:3])) as f:
+            self.assertRaises(gemato.exceptions.ManifestSyntaxError,
+                    m.load, f)
+
+    def test_signed_manifest_terminated_before_signature(self):
+        m = gemato.manifest.ManifestFile()
+        with io.StringIO('\n'.join(SIGNED_MANIFEST.splitlines()[:7])) as f:
+            self.assertRaises(gemato.exceptions.ManifestSyntaxError,
+                    m.load, f)
+
+    def test_signed_manifest_terminated_before_end(self):
+        m = gemato.manifest.ManifestFile()
+        with io.StringIO('\n'.join(SIGNED_MANIFEST.splitlines()[:15])) as f:
+            self.assertRaises(gemato.exceptions.ManifestSyntaxError,
+                    m.load, f)
+
 
 class OpenPGPCorrectKeyTest(unittest.TestCase):
     """
-- 
cgit v1.2.3