Issue1455

Title pubring.gpg corruption on invalid public key
Priority bug Status resolved
Category gnupg Due Date 2012-12-17
Version 1.4.11 ExtLink  (go)
Superseder Nosy List kbs
Assigned To Topics  (help)

Created on 2012-12-06.18:06:59 by kbs, last changed 2012-12-20.13:54:18 by werner.

Files
File name Uploaded Type Edit Remove
bug.zip kbs, 2012-12-06.18:06:59 application/zip
Messages
msg4493 (view) Author: werner Date: 2012-12-20.13:54:18
Fixed also for 2.0 and master.
msg4492 (view) Author: werner Date: 2012-12-20.08:54:06
Fixed with commit f795a0d for 1.4.  Will fix it for the other branches later the
day.
msg4475 (view) Author: kbs Date: 2012-12-06.18:06:59
While running some tests on an unrelated project, I noticed that gpg 1.4.11 
appears to corrupt its pubring.gpg database when presented with certain invalid 
public keys.

I've attached the offending public key as well as the pubring.gpg file. The log 
follows.

$ mkdir /tmp/gpg-box; chmod go-rx /tmp/gpg-box
$ gpg --homedir=/tmp/gpg-box --list-keys
gpg: keyring `/tmp/gpg-box/pubring.gpg' created
gpg: /tmp/gpg-box/trustdb.gpg: trustdb created
$ gpg --homedir=/tmp/gpg-box --import raw/fuzz-1617.pkr 
gpg: keyring `/tmp/gpg-box/secring.gpg' created
gpg: packet(1) too short
gpg: keyring_get_keyblock: read error: invalid packet
gpg: keydb_get_keyblock failed: invalid keyring
gpg: keydb_search failed: invalid keyring
gpg: key FC21FDDE: public key "[User ID not found]" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
$ gpg --homedir=/tmp/gpg-box --list-key
gpg: packet(1) too short
gpg: keyring_get_keyblock: read error: invalid packet
gpg: keydb_get_keyblock failed: invalid keyring
$ gpg --homedir=/tmp/gpg-box --delete-key FC21FDDE
gpg (GnuPG) 1.4.11; Copyright (C) 2010 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: packet(1) too short
gpg: keyring_get_keyblock: read error: invalid packet
gpg: error reading keyblock: invalid keyring
gpg: FC21FDDE: delete key failed: invalid keyring
$
History
Date User Action Args
2012-12-20 13:54:18wernersetstatus: testing -> resolved
messages: + msg4493
2012-12-20 08:54:06wernersetstatus: unread -> testing
messages: + msg4492
2012-12-15 08:57:59wernersetduedate: 2012-12-17.00:00:00
2012-12-06 18:06:59kbscreate