Page MenuHome GnuPG

gpgme: accepts NULL ctx, crashes
Closed, ResolvedPublic

Description

In the gpgme.texi documentation, it says for almost every function:

The function returns the error code GPG_ERR_INV_VALUE if
@var{ctx} is not a valid pointer

But, if you pass NULL as the ctx argument (which I'm guessing qualifies as
not-a-valid-pointer), gpgme dereferences it and crashes the program in
_gpgme_release_result(). So it doesn't actually return GPG_ERR_INV_VALUE.

I attached what I *think* would partially fix this, if only for the NULL
case--if ctx is a pointer to unallocated memory or something that isn't a
'struct gpgme_context', things can still go horribly wrong.