[gpgme] bad signature causes infinite loop in verify.c

Marcus Brinkmann Marcus.Brinkmann at ruhr-uni-bochum.de
Mon May 19 02:15:02 CEST 2003


On Mon, May 19, 2003 at 08:12:42AM +1000, Benjamin Lee wrote:
> Hi all,
> 
> Using the cvs version of gpgme, there seems to be an infinite loop in
> gpgme/verify.c inside parse_new_sig() when handling case
> GPGME_STATUS_ERRSIG around line 188.
> 
> You'll notice that 'i' is never incremented so the while loop:

[embarrassing code snippet removed ;)]

Thanks for finding this bug and sending a patch.  I just put it into CVS.
 
> The other problem was that strchr was being used incorrectly (although pre
> 1.43 it was being used correctly).

Yes, I rewrote a good deal of that code, and introduced some new bugs.

> To create a test case, all one needs to do is gpg --clear-sign, and then
> edit by hand the created .asc file, removing or adding a couple of
> erroneous characters in the signature.

You must have been lucky.  I tried this, and I only get checksum errors,
NODATA or BADARMOR status code (note that in two of these cases, gpgme will
fail the operation silently, i.e. return GPGME_No_Error - this is going to be
fixed in a major overhaul of the error handling at some time).

> I have not yet checked all other uses of strchr.

I just did, and it seemed to be a single incident.
 
Thanks,
Marcus

-- 
`Rhubarb is no Egyptian god.' GNU      http://www.gnu.org    marcus at gnu.org
Marcus Brinkmann              The Hurd http://www.gnu.org/software/hurd/
Marcus.Brinkmann at ruhr-uni-bochum.de
http://www.marcus-brinkmann.de/
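
An added illustration, not part of the original message and not gpgme's code: a field walker for an ERRSIG status line whose counter advances on every pass and whose strchr() result is checked before use, so a truncated or damaged line ends the parse with an error instead of spinning. The struct, function names and sample lines are hypothetical; the assumed field order is `<keyid> <pkalgo> <hashalgo> <sig_class> <time> <rc>`.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical result type for this example only. */
struct errsig {
    char keyid[17];   /* 16 hex digits plus NUL */
    int pk_algo;
    int hash_algo;
    int rc;
};

/* Return a pointer to space-separated field n (0-based), or NULL if the
   line ends first.  'i' advances on every pass, so the loop runs at most
   n times whatever the input looks like. */
static const char *nth_field(const char *args, int n)
{
    const char *p = args;
    int i = 0;

    while (p && i < n) {
        p = strchr(p, ' ');        /* NULL when no separator is left */
        if (p)
            while (*p == ' ')
                p++;               /* step past the separator(s) */
        i++;
    }
    return (p && *p) ? p : NULL;
}

/* Parse the arguments of an ERRSIG line; 0 on success, -1 if malformed. */
int parse_errsig(const char *args, struct errsig *out)
{
    const char *f[6];
    size_t len;
    int i;

    for (i = 0; i < 6; i++)
        if (!(f[i] = nth_field(args, i)))
            return -1;             /* truncated line: fail, do not loop */

    len = strcspn(f[0], " ");
    if (len == 0 || len >= sizeof out->keyid)
        return -1;
    memcpy(out->keyid, f[0], len);
    out->keyid[len] = '\0';
    out->pk_algo = (int) strtol(f[1], NULL, 10);
    out->hash_algo = (int) strtol(f[2], NULL, 10);
    out->rc = (int) strtol(f[5], NULL, 10);
    return 0;
}
```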
