GnuPG can't handle some V3 secret keys

Werner Koch wk at gnupg.org
Fri May 4 18:39:01 CEST 2001


On Fri, 4 May 2001, Florian Weimer wrote:

> The code in the g10 directory doesn't check the return value of
> mpi_read(), which is a null pointer if an error has occured.  In some
> situations, the null pointer dereferenced, resulting in a segmentation

I know about this but there is no need to be worried about it
because about all modern OSes will SEGV on a NULL pointer
dereference without a way to exploit it.  It would be worse in a
library, though.

Anyway, I have put a note in the TODO that this has to be fixed.

Thanks for reminding me of that.

  Werner


-- 
Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH      et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus





More information about the Gnupg-devel mailing list