Bug in gpg 1.0.4

Keith Clayton keith@claytons.org
Sat Apr 14 16:57:01 2001


--/9DWx/yDrRhgMJTb
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi all,

I search the recent lists archives and didn't find this mentioned.  My
apologies if this bug has been detected and corrected.  Encrypting to the
following public key will cause gpg to segfault without fail on my system.
Let me know if you need any more information.  I'm not on the list so please
cc any responses to me personally: keith@claytons.org


Here's gdb output and a backtrace . .=20

(gdb) run -v --encrypt --armor --sign -u keith@claytons.org -r miquel@df.ub=
a.ar testfile
Starting program: /usr/local/bin/gpg -v --encrypt --armor --sign -u keith@c=
laytons.org -r miquel@df.uba.ar testfile
gpg: Warning: using insecure memory!

You need a passphrase to unlock the secret key for
user: "Keith Clayton <keith@claytons.org>"
1024-bit DSA key, ID B0CC99EE, created 2001-01-31

gpg: This key probably belongs to the owner
File `testfile.asc' exists. Overwrite (y/N)? y
gpg: writing to `testfile.asc'

Program received signal SIGSEGV, Segmentation fault.
0xfe31264 in _IO_str_overflow (fp=3D0x7fffe3f8, c=3D120) at strops.c:173
173	strops.c: No such file or directory.
(gdb) backtrace
#0  0xfe31264 in _IO_str_overflow (fp=3D0x7fffe3f8, c=3D120) at strops.c:173
#1  0xfe2fd38 in __overflow (f=3D0x0, ch=3D120) at genops.c:197
#2  0xfe30324 in _IO_default_xsputn (f=3D0x7fffe3f8, data=3D0x78, n=3D1)
    at genops.c:417
#3  0xfe1beb0 in _IO_vfprintf (s=3D0x7fffe3f8, format=3D0x10099b30 "x%02x",=
=20
    ap=3D0x7fffe550) at vfprintf.c:1059
#4  0xfe2bdc0 in _IO_vsprintf (string=3D0x0, format=3D0x10099b30 "x%02x",=
=20
    args=3D0x7fffe550) at iovsprintf.c:47
#5  0xfe24554 in sprintf (s=3D0x7fffe3f8 "=FB=AD",=20
    format=3D0x78 <Address 0x78 out of bounds>) at sprintf.c:38
#6  0x10078b50 in utf8_to_native (
    string=3D0x100b4070 "EC9ECF9E Cesar Miquel (\004) <miquel@df.uba.ar>",=
=20
    length=3D44) at strgutil.c:426
#7  0x100147ac in get_user_id_string_native (keyid=3D0x7fffe3f8) at getkey.=
c:2005
#8  0x10032a10 in write_pubkey_enc_from_list (pk_list=3D0x100b1ec0,=20
    dek=3D0x300155c8, out=3D0x100b5170) at encode.c:491
#9  0x10032880 in encrypt_filter (opaque=3D0x7fffe7c8, control=3D4, a=3D0x1=
00b5170,=20
    buf=3D0x100b7260 "\231\001=A2\0049o=DBe\021\004", ret_len=3D0x10099b31)
    at encode.c:428
#10 0x1007e2d4 in iobuf_flush (a=3D0x100b4258) at iobuf.c:1082
#11 0x1007d96c in iobuf_push_filter2 (a=3D0x100b4258,=20
    f=3D0x1000fa24 <compress_filter>, ov=3D0x7fffe768, rel_ov=3D0) at iobuf=
.c:804
#12 0x1007d8e0 in iobuf_push_filter (a=3D0x7fffe3f8, f=3D0x78, ov=3D0x1)
---Type <return> to continue, or q <return> to quit---=20
    at iobuf.c:788
#13 0x10033774 in sign_file (filenames=3D0x100b0b18, detached=3D0,=20
    locusr=3D0x100b0b30, encrypt=3D1, remusr=3D0x100b0b58, outfile=3D0x100b=
0998 "")
    at sign.c:340
#14 0x1000b164 in main (argc=3D1, argv=3D0x7ffffb60) at g10.c:1175


Public key in question:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

mQGiBDrV0n4RBACD+SHbaGdA3rg7h8DUOiog39PTUQGG7GcOCXtfIstr7KjOGHpY
TVz9KjYMAJBgRwmkoyFTq7efFjqJhZRkoJLp8vFvWGA2w2ccQMPNmqlz4m8bnJa4
NuQFpSu/PwI9hVh4DymiDNp7cUSUTCykwwddnDTWf04UMBv+Wyyy89X8EwCglJLa
C5Z20lvu+83ipFtU7rAOubsD/1u7Qkn1Vg481suLTH4dtlvljl8fnUodFDcAeLRV
ssO8Llh+om2xtMAfIOWkJ40KPpg3RNr+6oqLu5txXpo7I8Z5y+G2FiNO4YGymAhF
Y/j66Yr/zV5MsEXHTMTQvNtL5KqVAPhXXZeiuTTABlWxaA5cWcXRu62m61PQCodL
/DUcA/95f+fQEMQ5BhxQvVuhZf0HdLNlaHNWwrkHhxlHQBPz0UeyxWpG9g1duCsL
AV/h7CKo8tUaeF1ilZyBdJ1XddLIF9Bxp8+hvAgMd+nuM0l5yhCzKbN2KOOqrxKI
eetCYnrY8KDPDIqEx7sSGR1bLgpu2O5ySJWUWbC/rFIPD99KZLQjQ2VzYXIgTWlx
dWVsICgEKSA8bWlxdWVsQGRmLnViYS5hcj6IVwQTEQIAFwUCOtXSfgULBwoDBAMV
AwIDFgIBAheAAAoJEFpoI0if8Eo6t/YAn3s2Vy4VKLqRcy1N+198THA71basAJ9X
cKJ8rxNc7IZ3WyQ2u0GV/IiP9rkBDQQ61dKcEAQAzUgFPRlZ2j58N2t48d/pic/F
SF1AbEiPUFQ8M044pNdAvxDYfKru+A5OEo9Eq5PGfpQXYEtWAs4xNkrToCLlD+4w
Q0aUqYEg+G4nVHIRiSYH52ztRhDDq9iIuSZ8nUtbAxk6zluqj3IFv574h0w8VgIO
K8L+5pUhR1U8j0/i7f8AAwUD/0b12fzikwtdANKVM5zqe6BcpAlb/LyK/hxUCOW/
1vMmrkjSIyKiWuiAxW1f0ajYFqS0AQVZ/vtWBjuMNnvntC+R5I4tHiZpsFAE68cS
c83d6kbM0vN9av+g8+hT6t2QKgRyVkdUHy0rp7DICBlE7+ynpZGZ0iex5wREih1o
nhDbiEYEGBECAAYFAjrV0pwACgkQWmgjSJ/wSjrYJgCff3guehaGMyRUXzivPc1M
MnNo7k4AnRjm+R7LvEYY4YsWWChAeJywHAPc
=3DKxEa
-----END PGP PUBLIC KEY BLOCK-----



Cheers,
Keith

--=20
<><><><><><><><><><><><>
Keith Clayton
keith@claytons.org

"If you don't trust me with your source code,
            why should I trust you with my computer?"

GPG key: http://home.pacbell.net/clay-ton/keith_public_key.html        =20
         http://www.keyserver.net                            =20
=20
GPG fingerprint: 33FF 1D80 4562 1600 4BAB  5018 BCB7 635C B0CC 99EE


--/9DWx/yDrRhgMJTb
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjrYZeAACgkQvLdjXLDMme65OACgiJgRsLX25F9Lyh06l8q3BPCG
lYcAmgO2Z70fn2LBvISUdGeU8WK8Cb7w
=h+81
-----END PGP SIGNATURE-----

--/9DWx/yDrRhgMJTb--