corrupt trustdb caused by commandline?

David Shaw dshaw at jabberwocky.com
Thu May 25 15:58:20 CEST 2006


On Thu, May 25, 2006 at 06:42:45PM +0930, Alphax wrote:
> David Shaw wrote:
> > On Wed, May 24, 2006 at 11:38:17PM -0400, Atom Smasher wrote:
> >> On Tue, 9 May 2006, David Shaw wrote:
> >>
> >>> I'm not sure why you didn't have the problem in 1.4.2.  It should happen 
> >>> there as well.
> >>>
> >>> Try this patch.
> >> ===================
> >>
> >> took me some time to try this out...
> >>
> >> i tweaked the patch to drop it into 
> >> /usr/ports/security/gnupg/files/patch-stdout.reopen.patch (freeBSD ports), 
> >> reinstalled gpg and everything is now running smooth.
> >>
> >> so...
> >>  * why was closing stdout causing gpg to have problems?
> > 
> > It's not a GPG thing, specifically.  Closing stdout (or stderr) is
> > actually a pretty dangerous thing to do on *any* program that opens
> > files and also uses printf.
> > 
> > Here's an example:
> > 
> >   fd=open("foo",O_WRONLY,0777);
> >   printf("hi there - I'm writing to a file\n");
> >   write(fd,"whee",4);
> > 
> > Normally, if you run this, you get "hi there" on stdout, and "whee" in
> > the file.  Close stdout before you run it, and the open() can end up
> > with fd 1 attached to "foo".  When you printf, you'll be printf-ing to
> > "foo" as well, mangling it.
> > 
> > If the goal is to squish stdout, you should redirect stdout to
> > /dev/null rather than closing it outright.
> > 
> >>  * will this patch be incorporated into production?
> > 
> > Yes.  Already has, actually.
> > 
> >>  * why was 1.4.2 not having problems with this?
> > 
> > Luck?  I'm honestly not sure - the code in 1.4.2 and 1.4.3 here is
> > nearly identical.
> > 
> 
> Well, I've experienced this problem before - mainly when CTRL+C-ing an
> operation that's acting on the keyring and/or the trustdb. Not much fun
> to recover from.

Terminating a process acting on the keyring should not cause this
unless you are closing stdout or stderr.

David
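
The hazard and the /dev/null remedy described in this message, shown as an added C example that is not part of the original post and is not the GnuPG patch itself. `ensure_std_fds` and `stray_bytes` are hypothetical names, and the scratch file created under /tmp (an assumed writable directory) stands in for "foo".

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Reopen any closed descriptor 0..2 on /dev/null.
   Returns how many were repaired, or -1 on error. */
int ensure_std_fds(void)
{
    int repaired = 0;
    for (int fd = 0; fd <= 2; fd++) {
        if (fcntl(fd, F_GETFD) != -1 || errno != EBADF)
            continue;                        /* descriptor is open */
        /* open() hands out the lowest free number, which is fd here */
        int nfd = open("/dev/null", fd == 0 ? O_RDONLY : O_WRONLY);
        if (nfd != fd) { if (nfd >= 0) close(nfd); return -1; }
        repaired++;
    }
    return repaired;
}

/* Close stdout, open a data file, printf, and return how many bytes of
   that printf output ended up inside the data file (-1 on error). */
long stray_bytes(int guard)
{
    char path[] = "/tmp/fd-reuse-XXXXXX";    /* constructed scratch file */
    struct stat st;
    long n = -1;
    fflush(stdout);
    int saved = dup(STDOUT_FILENO);          /* so stdout can be restored */
    if (saved < 0) return -1;
    close(STDOUT_FILENO);                    /* the caller's mistake */
    if (!guard || ensure_std_fds() >= 0) {
        int fd = mkstemp(path);              /* unguarded: this becomes fd 1 */
        if (fd >= 0) {
            printf("hi there\n");            /* meant for the terminal */
            fflush(stdout);
            if (fstat(fd, &st) == 0) n = (long)st.st_size;
            unlink(path);
            close(fd);
        }
    }
    dup2(saved, STDOUT_FILENO);              /* put the real stdout back */
    close(saved);
    return n;
}
```

Calling `ensure_std_fds()` before any other file is opened is what keeps a data file from landing on descriptor 0, 1 or 2.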


