Optimization-dependent behavior with GnuPG 1.4.19 and GCC 5

Kevin Locke kevin at kevinlocke.name
Wed Sep 30 09:16:52 CEST 2015


Hello all,

I'm encountering a rather odd issue and I would appreciate some help
confirming my suspicions about the cause and in fixing the issue.

The basic issue is that I am unable to install Google Cloud SDK
packages on Debian testing due to signature validation failure.  In
tracking down the issue, I realized that gnupg 1.4.19-5 (present in
testing) fails to validate the signature while 1.4.18-7 (present in
Jessie) validates the signature as good.  Further investigation
revealed that when compiled from pristine sources with -O1, 1.4.19
will validate the signature as good, while compilation with -O2 will
cause the validation to fail.

To reproduce the issue:
(on Debian testing using gcc "(Debian 5.2.1-17) 5.2.1 20150911")

# Build a version with -O2 (default) and -O1
tar -xjf gnupg-1.4.19.tar.bz2
cd gnupg-1.4.19
./configure && make
mv g10/gpg gpg.O2
make clean && CFLAGS="-g -O1" ./configure && make
mv g10/gpg gpg.O1

# Get the signed file and import the key into a keyring
curl -O http://packages.cloud.google.com/apt/dists/cloud-sdk-jessie/InRelease
curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | gpg --no-default-keyring --keyring ./google-cloud-sdk.gpg --import

# Attempt to verify the signature with each binary
./gpg.O2 --verbose --no-default-keyring --keyring ./google-cloud-sdk.gpg --verify InRelease
./gpg.O1 --verbose --no-default-keyring --keyring ./google-cloud-sdk.gpg --verify InRelease

On my machine, running with gpg.O2 results in the following output:

gpg: Signature made Sun 27 Sep 2015 12:33:10 PM PDT using RSA key ID A7317B0F
gpg: assuming bad signature from key A7317B0F due to an unknown critical bit
gpg: BAD signature from "Google Cloud Packages Automatic Signing Key <gc-team at google.com>"

While running with gpg.O1 results in the following output:

gpg: Signature made Sun 27 Sep 2015 12:33:10 PM PDT using RSA key ID A7317B0F
gpg: Good signature from "Google Cloud Packages Automatic Signing Key <gc-team at google.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: D0BC 747F D8CA F711 7500  D6FA 3746 C208 A731 7B0F

Debugging the behavior in gdb shows that in parse_signature at
g10/parse-packet.c:1413, sig->unhashed is NULL.  This results in
taking the branch at g10/parse-packet.c:1185 in enum_sig_subpkt which
returns the address of the pktbuf argument.  Although the code expects
this to result in a non-NULL value, it appears that the compiler
optimizations at -O2 result in returning a NULL value.  I'm unsure if
this is a compiler error, or if this is allowed as undefined behavior
when using the address of an argument after a function has returned.

Thoughts?  Is anyone else seeing this behavior?  Does this analysis
seem correct?  Think it is a GCC bug?  Regardless, would it be
acceptable to return either a constant or the address of a global
symbol to avoid the issue?  Is there anything odd about the InRelease
file which causes the issue?  More importantly, is there a way to
avoid causing this issue, so that users of affected versions of GPG
can still install signed packages from the Google Cloud SDK,
presumably by making sig->unhashed non-NULL?

Thanks for your time and efforts!
Kevin


-- 
Cheers,      |  kevin at kevinlocke.name    | XMPP: kevin at kevinlocke.name
Kevin        |  https://kevinlocke.name  | IRC:   kevinoid on freenode
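The two return strategies discussed in the message, as an added standalone illustration that is not code from the post or from GnuPG. The function names, the reqtype values and the probe/caller shape are invented for the example; the only points it takes from the post are that enum_sig_subpkt returns the address of its pktbuf argument when the subpacket area is NULL, that parse_signature treats a NULL result as "assume bad signature", and the question of whether returning the address of a global symbol would avoid the problem. Once a function returns, the storage for its parameters is gone, and C11 6.2.4p2 makes a pointer to such storage indeterminate, so a compiler is not obliged to preserve a non-NULL value there; a static object has no such problem.

```c
#include <stddef.h>
#include <stdio.h>

/*
 * Constructed stand-in for the "return some non-NULL value" hack in
 * enum_sig_subpkt(): when the subpacket area is absent (pktbuf == NULL)
 * and the caller only asks whether an unknown critical subpacket exists,
 * the function signals "no unknown critical bit" by returning any
 * non-NULL pointer.  Names and the reqtype values are invented for this
 * example; they are not GnuPG's.
 */
enum { REQ_TEST_CRITICAL = -3, REQ_OTHER = 1 };

/* Variant 1: returns the address of its own parameter, as the post
 * describes.  Once the function returns, pktbuf's storage is gone and
 * the C standard makes the returned pointer value indeterminate (C11
 * 6.2.4p2), so a compiler is not obliged to keep it non-NULL. */
const unsigned char *
sentinel_from_param_address(const unsigned char *pktbuf, int reqtype)
{
    if (!pktbuf)
        return reqtype == REQ_TEST_CRITICAL
               ? (const unsigned char *)&pktbuf : NULL;
    return pktbuf;
}

/* Variant 2: the alternative the post asks about.  A static object has
 * static storage duration, so its address is valid for the whole run
 * and is never NULL, at any optimization level. */
static const unsigned char no_unknown_critical_marker;

const unsigned char *
sentinel_from_static_address(const unsigned char *pktbuf, int reqtype)
{
    if (!pktbuf)
        return reqtype == REQ_TEST_CRITICAL
               ? &no_unknown_critical_marker : NULL;
    return pktbuf;
}

/* Caller modelled on the parse_signature() check described in the post:
 * NULL means "unknown critical bit present, assume bad signature".
 * Returns 1 when the signature would be assumed bad, 0 otherwise. */
int assume_bad_signature(const unsigned char *unhashed,
                         const unsigned char *(*probe)(const unsigned char *, int))
{
    return probe(unhashed, REQ_TEST_CRITICAL) == NULL;
}

int main(void)
{
    /* Constructed input: a signature packet with no unhashed subpacket
     * area, i.e. sig->unhashed == NULL as observed in gdb. */
    const unsigned char *unhashed = NULL;

    printf("param-address sentinel : %s\n",
           assume_bad_signature(unhashed, sentinel_from_param_address)
           ? "BAD (sentinel lost)" : "ok");
    printf("static-address sentinel: %s\n",
           assume_bad_signature(unhashed, sentinel_from_static_address)
           ? "BAD (sentinel lost)" : "ok");
    return 0;
}
```

Build it twice, with -O1 and with -O2, and compare the two lines: the static-address line must read "ok" under any optimization level, while what the param-address line prints depends on what the compiler chose to do with the indeterminate pointer (GCC also warns about returning the address of a local here). The caller never dereferences the sentinel; it only compares it against NULL, which is exactly why a static marker is sufficient.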



More information about the Gnupg-devel mailing list