GnuPG 1.9.95: gpg2 segfaults on build test

Werner Koch wk at gnupg.org
Fri Nov 10 11:44:53 CET 2006 

On Tue,  7 Nov 2006 17:16, umq.461 at gmail.com said:

> Removing -O2 seems to cease the error.
> I'll apply this in my build ENV.

Well, sitting at the SFScon at Bozen, Marcus and me tracked down the
bug.  It is very easy to fix and actually an oversight when I wrote
mpi_read.  It reveals it self only on 64 bit machines because there
sizeof(unsigned int) != sizeof(size_t).  gcc should have emitted a
warning when compiling on 64 bit. I agree that gnupg is a lot of code
and such warnings are easily overlooked.

I attach a patch.  Most of it is just re-indentation.


Shalom-Salam,

   Werner
-------------- next part --------------
Index: parse-packet.c
===================================================================
--- parse-packet.c	(revision 4329)
+++ parse-packet.c	(working copy)
@@ -112,41 +112,41 @@
   /*FIXME: Needs to be synced with gnupg14/mpi/mpicoder.c*/
 
   int c, c1, c2, i;
-  unsigned int nbits, nbytes, nread=0;
+  unsigned int nbits, nbytes;
+  size_t nread;
   gcry_mpi_t a = NULL;
   byte *buf = NULL;
   byte *p;
   
-  if( (c = c1 = iobuf_get(inp)) == -1 )
+  if ( (c = c1 = iobuf_get (inp)) == -1 )
     goto leave;
   nbits = c << 8;
-  if( (c = c2 = iobuf_get(inp)) == -1 )
+  if ( (c = c2 = iobuf_get (inp)) == -1 )
     goto leave;
   nbits |= c;
-  if( nbits > MAX_EXTERN_MPI_BITS ) 
+  if ( nbits > MAX_EXTERN_MPI_BITS ) 
     {
       log_error("mpi too large (%u bits)\n", nbits);
       goto leave;
     }
   nread = 2;
   nbytes = (nbits+7) / 8;
-  buf = secure? gcry_xmalloc_secure( nbytes+2 ) : gcry_xmalloc( nbytes+2 );
+  buf = secure ? gcry_xmalloc_secure (nbytes + 2) : gcry_xmalloc (nbytes + 2);
   p = buf;
   p[0] = c1;
   p[1] = c2;
-  for( i=0 ; i < nbytes; i++ ) 
+  for ( i=0 ; i < nbytes; i++ ) 
     {
       p[i+2] = iobuf_get(inp) & 0xff;
       nread++;
     }
-  nread += nbytes;
-  if( gcry_mpi_scan( &a, GCRYMPI_FMT_PGP, buf, nread, &nread ) )
+  if ( gcry_mpi_scan( &a, GCRYMPI_FMT_PGP, buf, nread, &nread ) )
     a = NULL;
     
  leave:
   gcry_free(buf);
-  if( nread > *ret_nread )
-    log_bug("mpi larger than packet");
+  if ( nread > *ret_nread )
+    log_bug ("mpi larger than packet");
   else
     *ret_nread = nread;
   return a;

More information about the Gnupg-devel mailing list