corrupt trustdb caused by commandline?

Alphax alphasigmax at gmail.com
Thu May 25 11:12:45 CEST 2006 

David Shaw wrote:
> On Wed, May 24, 2006 at 11:38:17PM -0400, Atom Smasher wrote:
>> On Tue, 9 May 2006, David Shaw wrote:
>>
>>> I'm not sure why you didn't have the problem in 1.4.2.  It should happen 
>>> there as well.
>>>
>>> Try this patch.
>> ===================
>>
>> took me some time to try this out...
>>
>> i tweaked the patch to drop it into 
>> /usr/ports/security/gnupg/files/patch-stdout.reopen.patch (freeBSD ports), 
>> reinstalled gpg and everything is now running smooth.
>>
>> so...
>>  * why was closing stdout causing gpg to have problems?
> 
> It's not a GPG thing, specifically.  Closing stdout (or stderr) is
> actually a pretty dangerous thing to do on *any* program that opens
> files and also uses printf.
> 
> Here's an example:
> 
>   fd=open("foo",O_WRONLY,0777);
>   printf("hi there - I'm writing to a file\n");
>   write(fd,"whee",4);
> 
> Normally, if you run this, you get "hi there" on stdout, and "whee" in
> the file.  Close stdout before you run it, and the open() can end up
> with fd 1 attached to "foo".  When you printf, you'll be printf-ing to
> "foo" as well, mangling it.
> 
> If the goal is to squish stdout, you should redirect stdout to
> /dev/null rather than closing it outright.
> 
>>  * will this patch be incorporated into production?
> 
> Yes.  Already has, actually.
> 
>>  * why was 1.4.2 not having problems with this?
> 
> Luck?  I'm honestly not sure - the code in 1.4.2 and 1.4.3 here is
> nearly identical.
> 

Well, I've experienced this problem before - mainly when CTRL+C-ing an
operation that's acting on the keyring and/or the trustdb. Not much fun
to recover from.

-- 
                Alphax
        Death to all fanatics!
  Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 564 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20060525/6b9f46e0/signature.pgp

More information about the Gnupg-devel mailing list