http://bugzilla.novell.com/show_bug.cgi?id=527385 Summary: gpg-agent segfaults Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: x86-64 OS/Version: openSUSE 11.1 Status: NEW Severity: Critical Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: code933k@gmail.com QAContact: qa@suse.de Found By: --- User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.1) Gecko/20090714 SUSE/3.5.1-3.1 Firefox/3.5.1 gpg-agent was working OK but, suddenly, about two weeks ago it keeps refusing to start. I can't even issue gpg-agent --help because it segfaults anyway... Here is the trace: execve("/usr/bin/gpg-agent", ["gpg-agent"], [/* 94 vars */]) = 0 mmap(0x246000, 350164, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, 0, 0) = 0x246000 readlink("/proc/self/exe", "/usr/bin/gpg-agent", 4096) = 18 mmap(NULL, 2383872, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4501d4e000 mmap(0x7f4501d4e000, 274388, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f4501d4e000 mprotect(0x7f4501d4e000, 274388, PROT_READ|PROT_EXEC) = 0 mmap(0x7f4501f91000, 8096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0x43000) = 0x7f4501f91000 mprotect(0x7f4501f91000, 8096, PROT_READ|PROT_WRITE) = 0 mmap(0x7f4501f93000, 1376, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f4501f93000 open("/lib64/ld-linux-x86-64.so.2", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\v\240=?\0\0\0"..., 1024) = 1024 mmap(0x3f3da00000, 2224128, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x3f3da00000 mmap(0x3f3da00000, 120992, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0) = 0x3f3da00000 mmap(0x3f3dc1d000, 6928, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x1d000) = 0x3f3dc1d000 close(3) = 0 munmap(0x246000, 350164) = 0 brk(0) = 0x246000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4501d4d000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4501d4c000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=145793, ...}) = 0 mmap(NULL, 145793, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f4501d28000 close(3) = 0 open("/lib64/libgcrypt.so.11", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0q\200\355<\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=425512, ...}) = 0 mmap(NULL, 2518968, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f4501ac1000 fadvise64(3, 0, 2518968, POSIX_FADV_WILLNEED) = 0 mprotect(0x7f4501b26000, 2093056, PROT_NONE) = 0 mmap(0x7f4501d25000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x64000) = 0x7f4501d25000 close(3) = 0 open("/lib64/libgpg-error.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\10@\355<\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=16944, ...}) = 0 mmap(NULL, 2109536, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f45018bd000 fadvise64(3, 0, 2109536, POSIX_FADV_WILLNEED) = 0 mprotect(0x7f45018c0000, 2093056, PROT_NONE) = 0 mmap(0x7f4501abf000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f4501abf000 close(3) = 0 open("/usr/lib64/libpth.so.20", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360M >?\0\0\0"..., 832) = 832 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f45018bc000 fstat(3, {st_mode=S_IFREG|0755, st_size=104344, ...}) = 0 mmap(NULL, 2207064, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f45016a1000 fadvise64(3, 0, 2207064, POSIX_FADV_WILLNEED) = 0 mprotect(0x7f45016b9000, 2093056, PROT_NONE) = 0 mmap(0x7f45018b8000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x17000) = 0x7f45018b8000 mmap(0x7f45018ba000, 7512, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f45018ba000 close(3) = 0 open("/lib64/libdl.so.2", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\r`??\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=17800, ...}) = 0 mmap(NULL, 2109696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f450149d000 fadvise64(3, 0, 2109696, POSIX_FADV_WILLNEED) = 0 mprotect(0x7f450149f000, 2097152, PROT_NONE) = 0 mmap(0x7f450169f000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f450169f000 close(3) = 0 open("/lib64/libnsl.so.1", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340@\340=?\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=92104, ...}) = 0 mmap(NULL, 2194128, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f4501285000 fadvise64(3, 0, 2194128, POSIX_FADV_WILLNEED) = 0 mprotect(0x7f450129a000, 2093056, PROT_NONE) = 0 mmap(0x7f4501499000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14000) = 0x7f4501499000 mmap(0x7f450149b000, 6864, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f450149b000 close(3) = 0 open("/lib64/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240\346\341>?\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=1411776, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4501284000 mmap(NULL, 3506872, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f4500f2b000 fadvise64(3, 0, 3506872, POSIX_FADV_WILLNEED) = 0 mprotect(0x7f450107a000, 2097152, PROT_NONE) = 0 mmap(0x7f450127a000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14f000) = 0x7f450127a000 mmap(0x7f450127f000, 17080, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f450127f000 close(3) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4500f2a000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4500f29000 arch_prctl(ARCH_SET_FS, 0x7f4500f296f0) = 0 open("/dev/urandom", O_RDONLY) = 3 read(3, "\252m\304\261r\351C\277", 8) = 8 close(3) = 0 mprotect(0x7f450127a000, 16384, PROT_READ) = 0 mprotect(0x7f4501499000, 4096, PROT_READ) = 0 mprotect(0x7f450169f000, 4096, PROT_READ) = 0 mprotect(0x7f45018b8000, 4096, PROT_READ) = 0 mprotect(0x7f4501abf000, 4096, PROT_READ) = 0 mprotect(0x7f4501d25000, 4096, PROT_READ) = 0 mprotect(0x7f4501f91000, 4096, PROT_READ) = 0 mprotect(0x3f3dc1d000, 4096, PROT_READ) = 0 munmap(0x7f4501d28000, 145793) = 0 brk(0) = 0x246000 brk(0x267000) = 0x267000 --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV +++ Any help is greatly appreciated. Reproducible: Always Steps to Reproduce: Issue gpg-agent, gpg-agent -h or whatever you like Actual Results: Segfaults all the time. gpg2, however, does not seem to have any problems listing signatures and so on. Expected Results: eval `gpg-agent` should be enough for handling signatures correctly by third parties. gpg-agent -h should show at least a help message. An application, whichever it is, should not segfault when asked just for -h (help), I am no expert at all but I wonder how secure gpg-agent really is [...] -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.