[git] GnuPG - branch, master, updated. gnupg-2.2.1-29-g995c46e

by NIIBE Yutaka cvs at cvs.gnupg.org
Thu Oct 19 04:23:56 CEST 2017 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  995c46ea77cff5b99b2fca17b547d6525a4f227e (commit)
      from  645f30ad310a518a863eb7bd3e11251a7e7f2eca (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 995c46ea77cff5b99b2fca17b547d6525a4f227e
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Thu Oct 19 11:08:24 2017 +0900

    g10: Fix find_and_check_key for multiple keyrings.
    
    * g10/pkclist.c (find_and_check_key): Call get_validity on a specific
    keyblock.
    
    --
    
    When we have multiple keyrings, get_validity after
    get_best_pubkey_byname should access same keyring.  Or else, the
    situation of an expired key in keyring A but valid key in keyring B
    causes SEGV.
    
    Thanks to Guido Günther for the use case and the log.
    
    Debian-bug-id: 878812
    Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>

diff --git a/g10/pkclist.c b/g10/pkclist.c
index 67d932e..220936c 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -826,6 +826,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
 {
   int rc;
   PKT_public_key *pk;
+  KBNODE keyblock = NULL;
 
   if (!name || !*name)
     return gpg_error (GPG_ERR_INV_USER_ID);
@@ -838,7 +839,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
   if (from_file)
     rc = get_pubkey_fromfile (ctrl, pk, name);
   else
-    rc = get_best_pubkey_byname (ctrl, NULL, pk, name, NULL, 0, 0);
+    rc = get_best_pubkey_byname (ctrl, NULL, pk, name, &keyblock, 0, 0);
   if (rc)
     {
       int code;
@@ -861,6 +862,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
   if (rc)
     {
       /* Key found but not usable for us (e.g. sign-only key). */
+      release_kbnode (keyblock);
       send_status_inv_recp (3, name); /* Wrong key usage */
       log_error (_("%s: skipped: %s\n"), name, gpg_strerror (rc) );
       free_public_key (pk);
@@ -872,7 +874,8 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
     {
       int trustlevel;
 
-      trustlevel = get_validity (ctrl, NULL, pk, pk->user_id, NULL, 1);
+      trustlevel = get_validity (ctrl, keyblock, pk, pk->user_id, NULL, 1);
+      release_kbnode (keyblock);
       if ( (trustlevel & TRUST_FLAG_DISABLED) )
         {
           /* Key has been disabled. */

-----------------------------------------------------------------------

Summary of changes:
 g10/pkclist.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list