http://bugzilla.opensuse.org/show_bug.cgi?id=981020
http://bugzilla.opensuse.org/show_bug.cgi?id=981020#c5
--- Comment #5 from Rainer Sabelka ---
I can also reproduce the crash with gpg2-2.1.12-1.1 and libgcrypt20-1.6.5-2.1
(see bt in the attachment).
I also ran valgrind. There is an "Invalid read" shortly before the crash:
~> valgrind gpg -k
==10542== Memcheck, a memory error detector
==10542== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==10542== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==10542== Command: gpg -k
==10542==
gpg: enabled debug flags: memstat
gpg: verwende Vertrauensmodell pgp
gpg: "Trust-DB" wird überprüft
gpg: removing stale lockfile (created by 10456)
gpg: buffer shorter than subpacket
gpg: buffer shorter than subpacket
gpg: signature packet without keyid
gpg: buffer shorter than subpacket
gpg: buffer shorter than subpacket
gpg: buffer shorter than subpacket
gpg: signature packet without keyid
gpg: buffer shorter than subpacket
==10542== Invalid read of size 4
==10542== at 0x56016B0: _gcry_mpi_normalize.part.0 (mpi-bit.c:61)
==10542== by 0x560173F: _gcry_mpi_normalize (mpi-bit.c:75)
==10542== by 0x560173F: _gcry_mpi_get_nbits (mpi-bit.c:79)
==10542== by 0x429D5D: encode_md_value (seskey.c:350)
==10542== by 0x43F4AD: check_signature_end_simple (sig-check.c:461)
==10542== by 0x44000E: check_signature_over_key_or_uid (sig-check.c:892)
==10542== by 0x4406EF: check_key_signature2 (sig-check.c:1075)
==10542== by 0x440784: check_key_signature (sig-check.c:686)
==10542== by 0x429601: keyring_rebuild_cache (keyring.c:1554)
==10542== by 0x426293: keydb_rebuild_caches (keydb.c:1775)
==10542== by 0x46FD8E: validate_keys (trustdb.c:1904)
==10542== by 0x444BB7: public_key_list (keylist.c:133)
==10542== by 0x40B661: main (gpg.c:4100)
==10542== Address 0x4 is not stack'd, malloc'd or (recently) free'd
==10542==
gpg: signal Segmentation fault caught ... exiting
==10542==
==10542== Process terminating with default action of signal 11 (SIGSEGV)
==10542== at 0x5EEA908: raise (in /lib64/libc-2.23.so)
==10542== by 0x5EEA98F: ??? (in /lib64/libc-2.23.so)
==10542== by 0x56016AF: ??? (in /usr/lib64/libgcrypt.so.20.0.5)
==10542== by 0x560173F: _gcry_mpi_normalize (mpi-bit.c:75)
==10542== by 0x560173F: _gcry_mpi_get_nbits (mpi-bit.c:79)
==10542== by 0x429D5D: encode_md_value (seskey.c:350)
==10542== by 0x43F4AD: check_signature_end_simple (sig-check.c:461)
==10542== by 0x44000E: check_signature_over_key_or_uid (sig-check.c:892)
==10542== by 0x4406EF: check_key_signature2 (sig-check.c:1075)
==10542== by 0x440784: check_key_signature (sig-check.c:686)
==10542== by 0x429601: keyring_rebuild_cache (keyring.c:1554)
==10542== by 0x426293: keydb_rebuild_caches (keydb.c:1775)
==10542== by 0x46FD8E: validate_keys (trustdb.c:1904)
==10542==
==10542== HEAP SUMMARY:
==10542== in use at exit: 3,965,558 bytes in 57,887 blocks
==10542== total heap usage: 140,986 allocs, 83,099 frees, 32,966,576 bytes allocated
==10542==
==10542== LEAK SUMMARY:
==10542== definitely lost: 42 bytes in 2 blocks
==10542== indirectly lost: 0 bytes in 0 blocks
==10542== possibly lost: 0 bytes in 0 blocks
==10542== still reachable: 3,965,516 bytes in 57,885 blocks
==10542== suppressed: 0 bytes in 0 blocks
==10542== Rerun with --leak-check=full to see details of leaked memory
==10542==
==10542== For counts of detected and suppressed errors, rerun with: -v
==10542== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
Speicherzugriffsfehler (Speicherabzug geschrieben)
Note that the crash doesn't occur if I delete .gnupg/trustdb.gpg,
but as soon as I modify the trust level of any key, gpg crashes again.