NetBSD Problem Report #49539
From mlelstv@twitty.1st.de Tue Jan 6 13:37:10 2015
Return-Path: <mlelstv@twitty.1st.de>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
by mollari.NetBSD.org (Postfix) with ESMTPS id CFC18A654B
for <gnats-bugs@gnats.NetBSD.org>; Tue, 6 Jan 2015 13:37:09 +0000 (UTC)
Message-Id: <20150106133659.8096A1EF@twitty.1st.de>
Date: Tue, 6 Jan 2015 14:36:59 +0100 (CET)
From: mlelstv@serpens.de
Reply-To: mlelstv@serpens.de
To: gnats-bugs@NetBSD.org
Subject: netpgpkeys segfaults on bad commandline
X-Send-Pr-Version: 3.95
>Number: 49539
>Notify-List: khorben@NetBSD.org
>Category: bin
>Synopsis: netpgpkeys segfaults on bad ocmmandline
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Jan 06 13:40:00 +0000 2015
>Closed-Date:
>Last-Modified: Wed Nov 01 13:27:02 +0000 2017
>Originator: Michael van Elst
>Release: NetBSD 7.99.2
>Organization:
--
Michael van Elst
Internet: mlelstv@serpens.de
"A potential Snark may lurk in every tree."
>Environment:
System: NetBSD twitty 7.99.2 NetBSD 7.99.2 (TWITTY) #22: Tue Dec 16 21:53:35 CET 2014 mlelstv@pussyfoot:/home/netbsd-current/obj.evbarm/home/netbsd-current/src/sys/arch/evbarm/compile/TWITTY evbarm
Architecture: earmv6hf
Machine: evbarm
>Description:
netpgpkeys passes a NULL pointer to its command functions when
a parameter (usually a filename) is missing.
| if (optind == argc) {
| if (!netpgp_cmd(&netpgp, &p, NULL)) {
The command function does not check the passed value and dereferences
the NULL pointer.
>How-To-Repeat:
twitty% netpgpkeys --import-key
/home/mlelstv/.gnupg/pubring.gpg: No such file or directory
Can't read pubring /home/mlelstv/.gnupg/pubring.gpg
Can't read pub keyring
Segmentation fault
>Fix:
Check arguments either when parsing or when evaluating them.
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback
State-Changed-By: khorben@NetBSD.org
State-Changed-When: Sun, 09 Apr 2017 22:56:43 +0000
State-Changed-Why:
I believe I fixed this in
crypto/external/bsd/netpgp/dist/src/lib/keyring.c 1.51.
Can you confirm?
From: Michael van Elst <mlelstv@serpens.de>
To: gnats-bugs@NetBSD.org
Cc: gnats-admin@netbsd.org, netbsd-bugs@netbsd.org, khorben@NetBSD.org
Subject: Re: bin/49539 (netpgpkeys segfaults on bad ocmmandline)
Date: Tue, 11 Apr 2017 00:23:25 +0200
On Sun, Apr 09, 2017 at 10:56:44PM +0000, khorben@NetBSD.org wrote:
> I believe I fixed this in
> crypto/external/bsd/netpgp/dist/src/lib/keyring.c 1.51.
> Can you confirm?
Doesn't look like it.
% netpgpkeys --import-key
/home/mlelstv/.gnupg/pubring.gpg: No such file or directory
Can't read pubring /home/mlelstv/.gnupg/pubring.gpg
Can't read pub keyring
Segmentation fault
That's -current with keyring.c 1.55.
Greetings,
--
Michael van Elst
Internet: mlelstv@serpens.de
"A potential Snark may lurk in every tree."
State-Changed-From-To: feedback->open
State-Changed-By: maya@NetBSD.org
State-Changed-When: Wed, 01 Nov 2017 13:27:02 +0000
State-Changed-Why:
Not fixed
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2014
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.