libgcrypt 1.7.0 segfault (libcrypt-gcrypt-perl)

Werner Koch wk at
Fri Apr 22 09:23:25 CEST 2016

On Fri, 22 Apr 2016 02:33, gniibe at said:

> For me, easier fix on the libgcrypt side would be:
>     at encryption, let it return an error for not-initialized key (no
>     setkey called before encryption).

I concur.  We do this at other places as well, for example in

  if (!c->marks.key)
    return GPG_ERR_INV_STATE;  /* Key must have been set first.  */

> I don't think modification for encryption by ZERO (which was done in
> older libgcrypt) should be done to keep (undocumented?) backward
> compatibility.

If that was possible, it was clearly a bug.  I do not see a problem to
fix it.  The fix may actually reveal improper use, for example always
using a ZERO key instead of the desired key.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gcrypt-devel mailing list