[PATCH] netpgp segfaults on empty pubring

To: tech-crypto%netbsd.org@localhost
Subject: [PATCH] netpgp segfaults on empty pubring
From: Jason High <json.high%gmail.com@localhost>
Date: Thu, 19 Mar 2020 22:34:58 -0500

Hello NetBSD,

netpgp is throwing a segfault if pubring is empty.

--
[jhigh@varmot ~]$ ls -l /home/jhigh/.gnupg/pubring.gpg
-rw-------  1 jhigh  users  0 Mar 19 14:47 /home/jhigh/.gnupg/pubring.gpg
[jhigh@varmot ~]$ netpgp --encrypt test.txt
Segmentation fault

[jhigh@varmot ~]$ ls -l /home/jhigh/.gnupg/pubring.gpg
-rw-------  1 jhigh  users  1202 Mar 19 15:31 /home/jhigh/.gnupg/pubring.gpg
[jhigh@varmot ~]$ netpgp --encrypt test.txt
[jhigh@varmot ~]$
--

Below patch is one solution, which causes initialization to fail
cleanly.  Tested on current.

Ok?

--

Index: dist/src/lib/netpgp.c
===================================================================
RCS file: /cvsroot/src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c,v
retrieving revision 1.102
diff -u -p -r1.102 netpgp.c
--- dist/src/lib/netpgp.c       13 Nov 2018 14:52:30 -0000      1.102
+++ dist/src/lib/netpgp.c       20 Mar 2020 02:57:38 -0000
@@ -429,7 +429,7 @@ get_first_ring(pgp_keyring_t *ring, char
        int      i;
        int      n;

-       if (ring == NULL) {
+       if (ring == NULL || ring->keyc == 0) {
                return 0;
        }
        (void) memset(id, 0x0, len);

--

Thanks and regards,
Jason

Prev by Date: Re: netpgp and SHA1-PGP stuff
Next by Date: getrandom and getentropy
Previous by Thread: netpgp and SHA1-PGP stuff
Next by Thread: getrandom and getentropy
Indexes:

Home | Main Index | Thread Index | Old Index