When attempting to decrypt an incomplete encrypted file, gpg can hang with 100%
CPU use until interrupted. This happens when the encrypted file uses bzip2
compression and an RSA key. The expected behaviour is for gpg to report an
error and quit.
Steps to reproduce:
- Create some test data.
~$ head -c 16384 /dev/urandom >test.in
- Encrypt with a 2048-bit RSA test key, using bzip2 compression.
~$ gpg --encrypt --compress-algo bzip2 --recipient test@example <test.in >test.gpg
- Test normal operation.
~$ gpg --decrypt <test.gpg >test.out
gpg: encrypted with 2048-bit RSA key, ID B22C9B86, created 2009-03-11
"Test Key <test@example>"
~$ diff test.in test.out
- Stop encrypted stream after 8464 bytes - gpg reports error and quits as expected.
~$ head -c 8464 test.gpg | gpg --decrypt >test.out
gpg: block_filter 0x8121f90: read error (size=16383,a->size=16383)
gpg: encrypted_mdc packet with unknown version 255
gpg: block_filter: pending bytes!
- Stop encrypted stream after 8465 bytes - gpg consumes 100% CPU until interrupted.
~$ head -c 8465 test.gpg | gpg --decrypt >test.out
gpg: encrypted with 2048-bit RSA key, ID B22C9B86, created 2009-03-11
"Test Key <test@example>"
gpg: block_filter: 1st length byte missing
gpg: Interrupt caught ... exiting
~$
Tested on Mac OS X 10.5 with gpg 2.0.10 and Xubuntu 7.04 with gpg 1.4.6.
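
A mitigation for callers that decrypt files they do not control, as an added example that is not part of the original report or of GnuPG: run the decryption under a wall-clock limit so a truncated input like the 8465-byte case above cannot hold a CPU indefinitely. The function name bounded_decrypt, the variable DECRYPT_TIMEOUT and the 30-second default are assumptions of this example, and it relies on the coreutils `timeout` utility.

```bash
# Added example: time-bounded decryption wrapper (names are hypothetical).
# Assumed limit in seconds; tune to the largest legitimate input you expect.
DECRYPT_TIMEOUT="${DECRYPT_TIMEOUT:-30}"

# bounded_decrypt INFILE OUTFILE CMD [ARGS...]
# Runs CMD with INFILE on stdin and writes its stdout to a temporary file.
# OUTFILE is created only if CMD exits 0 inside the time limit.
# Returns 0 on success, 124 if CMD was terminated at the limit (137 if it
# had to be killed), otherwise CMD's own failure status.
bounded_decrypt() {
    local infile="$1" outfile="$2"
    shift 2
    local tmp status=0

    tmp=$(mktemp "${outfile}.XXXXXX") || return 1

    # -k 2: follow SIGTERM with SIGKILL after 2 s if the process does not exit.
    timeout -k 2 "$DECRYPT_TIMEOUT" "$@" <"$infile" >"$tmp" || status=$?

    if [ "$status" -eq 0 ]; then
        mv -- "$tmp" "$outfile"
    else
        # Discard partial output so a hang or read error never leaves a
        # truncated plaintext file that later steps might trust.
        rm -f -- "$tmp"
    fi
    return "$status"
}

# Use with the command from the report:
#   bounded_decrypt test.gpg test.out gpg --decrypt
```

A return status of 124 distinguishes the hang from gpg's ordinary error exit, so it can be logged or alerted on separately.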