AW: gpgme_op_decrypt segfault

Schultschik, Sven sven.schultschik at siemens.com
Tue Jun 29 11:59:14 CEST 2021


Hi Ingo,

you were totally right.

I looked now for days at the code and didn't saw this trivial fault. The
Nullpoint check for the outstream was missing. 

So I check now the outstream for nullpointer and catch it. 

But a null point check for gpgme wouldn't be a bad idea. This way it could
be a catchable exception.

Thank you for your two fresh eyes and the hint.

Regards

Sven

-----Ursprüngliche Nachricht-----
Von: Gnupg-users <gnupg-users-bounces at gnupg.org> Im Auftrag von Ingo Klöcker
Gesendet: Dienstag, 29. Juni 2021 09:20
An: gnupg-users at gnupg.org
Betreff: Re: gpgme_op_decrypt segfault

Hi,

On Montag, 28. Juni 2021 21:37:58 CEST Schultschik, Sven via Gnupg-users
wrote:
> Hello all together,
> 
> I have created a small Applikation to zip and encrypte and vise versa.
> 
> I struggle at the point of          err = gpgme_op_decrypt(ctx, in, out);
> Which terminates with an segfault if not sufficient access rights are 
> available. If I run with sudo it works as expected.

It would be really helpful if you'd give us the backtrace you get for the
segfault.

Moreover, it is unclear what you mean by "not sufficient access rights are
available". Is the input file only readable by root? Or is only root allowed
to write to fullBackupPath?

Quite frankly, it's up to you, the caller/user of gpgme, to check whether
the
fopen() calls succeeded before you pass the streams to gpgme. You do check
instream for being NULL, but apparently you forgot to check outstream.
Should
gpgme_data_new_from_stream() check for a null pointer passed to it? Maybe. 
Should you pass a NULL pointer to gpgme_data_new_from_stream()? Definitely
not. It makes no sense because how should gpgme_data_new_from_stream() know
the reason for the NULL pointer?

FWIW, I just checked. gpgme_data_new_from_stream() does not check for a NULL
pointer. I guess this could be changed.

Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 14944 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20210629/8ac7c0a6/attachment-0001.bin>


More information about the Gnupg-users mailing list