BUG: Signing and encrypting a single space in textmode is broken

David Shaw dshaw at jabberwocky.com
Tue Apr 23 05:53:01 CEST 2002

On Sat, Apr 20, 2002 at 09:32:27PM +0200, Ingo Klöcker wrote:
> [Please cc me as I'm not subscribed to gnupg-devel.]
> Hi,
> a KMail user tried to send himself a signed and encrypted message which 
> only contains a single space. After decrypting the received message it 
> contained some garbage characters and was not signed.

Very interesting bug.  GnuPG was making a good signature, but the
verification side was not correctly handling the zero-length data for
the signature.  The binary garbage you found in the received message
was actually the signature itself.

This is fixed now.


   David Shaw  |  dshaw at jabberwocky.com  |  WWW http://www.jabberwocky.com/
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson

More information about the Gnupg-devel mailing list