[gpgme] bad signature causes infinite loop in verify.c
Marcus Brinkmann
Marcus.Brinkmann at ruhr-uni-bochum.de
Mon May 19 02:15:02 CEST 2003
On Mon, May 19, 2003 at 08:12:42AM +1000, Benjamin Lee wrote:
> Hi all,
>
> Using the cvs version of gpgme, there seems to be an infinite loop in
> gpgme/verify.c inside parse_new_sig() when handling case
> GPGME_STATUS_ERRSIG around line 188.
>
> You'll notice that 'i' is never incremented so the while loop:
[embarrassing code snippet removed ;)]
Thanks for finding this bug and sending a patch. I just put it into CVS.
> The other problem was that strchr was being used incorrectly (although pre
> 1.43 it was being used correctly).
Yes, I rewrote a good deal of that code, and introduced some new bugs.
> To create a test case, all one needs to do is gpg --clear-sign, and then
> edit by hand the created .asc file, removing or adding a couple of
> erroneous characters in the signature.
You must have been lucky. I tried this, and I only get checksum errors,
NODATA or BADARMOR status code (note that in two of these cases, gpgme will
fail the operation silently, i.e. return GPGME_No_Error - this is going to be
fixed in a major overhaul of the error handling at some time).
> I have not yet checked all other uses of strchr.
I just did, and it seemed to be a single incident.
Thanks,
Marcus
--
`Rhubarb is no Egyptian god.' GNU http://www.gnu.org marcus at gnu.org
Marcus Brinkmann The Hurd http://www.gnu.org/software/hurd/
Marcus.Brinkmann at ruhr-uni-bochum.de
http://www.marcus-brinkmann.de/
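
The loop defect discussed in this thread, as an added illustration in C that is not gpgme's code or the patch from the thread: a field-skipping loop over a space-separated status line terminates only if the counter advances and the pointer steps past each delimiter, and a short or malformed line is reported as an error. The helper names, the sample line and the assumed field layout (return code as the sixth field) are constructed for this example.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample: arguments of an ERRSIG-style status line, assumed
   layout "keyid pkalgo hashalgo class time rc". Not captured gpg output. */
static const char SAMPLE_ARGS[] = "0123456789ABCDEF 17 2 01 1053303302 9";

/* Hypothetical helper: start of field n (0-based) in a space-separated
   line, or NULL when the line has fewer fields. */
const char *field_start(const char *line, int n)
{
    const char *p = line;
    int i;

    /* strchr(p, ' ') with p already on a space returns p itself, so a loop
       that neither steps past the delimiter nor advances i never ends. */
    for (i = 0; p != NULL && i < n; i++) {
        p = strchr(p, ' ');
        if (p != NULL)
            p++;
    }
    return (p != NULL && *p != '\0' && *p != ' ') ? p : NULL;
}

/* Hypothetical helper: parse the decimal field at index idx. Returns 0 and
   stores the value on success, -1 on a short or malformed line, so the
   caller sees the failure instead of a silent success. */
int parse_num_field(const char *line, int idx, long *out)
{
    const char *s = field_start(line, idx);
    char *tail;
    long v;

    if (s == NULL)
        return -1;
    errno = 0;
    v = strtol(s, &tail, 10);
    if (errno != 0 || tail == s || (*tail != '\0' && *tail != ' '))
        return -1;
    *out = v;
    return 0;
}

int main(void)
{
    long rc = 0;
    return (parse_num_field(SAMPLE_ARGS, 5, &rc) == 0 && rc == 9) ? 0 : 1;
}
```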