Page MenuHome GnuPG
Create Task
Maniphest T1926

Gpgtar produces corrupt binaries
Closed, ResolvedPublic
Actions

Description

To reproduce:

  • Use gpgex to select a binary file to encrypt (e.g. c:\Program

Files\Gnu\gnupg\gpg.exe )

  • In the kleopatra Dialog select -> Archive
  • OpenPGP Encrypt to yourself.
  • Decrypt

-> File is corrupted.

Sha1sums differ and the file size differs.

I've tested this with gpg4win 2.2.0 to rule out a regression in recent encoding
and error handling fixes for gpgtar. But this also occurs with the current
master of gpg4win.

Inspecting the binaries shows that the last 512 bytes are not written to after
decryption.

Tested this on Windows 8.1 and Windows 7.

The problem does not occur with short text files.

Details

Version
master

Related Objects

Event Timeline

aheinecke added projects: gpg4win, gpgtar, gnupg, Bug Report.Mar 17 2015, 9:26 AM
aheinecke set Version to 2.0.27.
aheinecke added subscribers: aheinecke, werner.
aheinecke added a comment.Mar 17 2015, 9:51 AM

Further tracked this problem down to be a gpgtar extraction issue.

Calling gpgtar on the decrypted archive with the same command kleopatra uses:

C:\Users\aheinecke\Desktop>type gpg-archive.tar |"c:\Program
Files\GNU\GnuPG\gpgtar.exe" --openpgp --skip-crypto --set-filename
C:/Users/aheinecke/Desktop/gpg-archive.tar.gpg --decrypt -- -

Produces the corrupted binary. Copying this archive to a GNU/Linux system and
extracting the tarball with GNU Tar produces a valid binary.

Next test on GNU/Linux with:

./gpgtar --version

gpgtar (GnuPG) 2.1.3-beta4

./gpgtar --openpgp --skip-crypto \

--set-filename /home/aheinecke/arbeit/gpg4win/gpg-archive.tar.gpg \
--decrypt -- /home/aheinecke/arbeit/gpg4win/gpg-archive.tar

sha1sum gpg-archive.tar_1_/gpg2.exe

2d387c8fb53d105c31e4cc2ec186e70a365b0c65 gpg-archive.tar_1_/gpg2.exe

tar -fx /home/aheinecke/arbeit/gpg4win/gpg-archive.tar
sha1sum gpg2.exe

54c8c2ec1083943e556255f76ff8f58e623c5b27 gpg2.exe

The second one is correct.

aheinecke renamed this task from Gpgtar / Kleopatra on Windows produces corrupt binaries to Gpgtar produces corrupt binaries.Mar 17 2015, 9:51 AM
aheinecke removed a project: gpg4win.
aheinecke changed Version from 2.0.27 to master.
aheinecke added a comment.Mar 17 2015, 10:08 AM

To further minimize the test case:

dd if=/dev/urandom of=testfile count=1024 bs=1024
./gpgtar --encrypt --skip-crypto -- testfile > test.tar
./gpgtar --decrypt --skip-crypto -- test.tar
diff ./test.tar_1_/testfile ./testfile

Binary files ./test.tar_1_/testfile and ./testfile differ

last 512 bytes of testfile are missing after extracting it with gpgtar.

aheinecke added a comment.Mar 17 2015, 11:10 AM

In gpgtar-extract.c extract_regular

  for (n=0; n < hdr->nrecords;)
    {
      err = read_record (stream, record);
      if (err)
        goto leave;
      n++;
      nbytes = (n < hdr->nrecords)? RECORDSIZE : (hdr->size % RECORDSIZE);

^ this does not work for the last header if hdr->size size is a multiple of 512.
In that case the last record will not be written.

Please check my attached patch which fixes the problem.

aheinecke reassigned this task from aheinecke to werner.Mar 17 2015, 11:10 AM

D289: 587_0001-gpgtar-Fix-extracting-files-with-size-512.patch

aheinecke added a comment.Mar 17 2015, 11:11 AM

And the testscript I used to test this.

aheinecke added a comment.Mar 17 2015, 11:11 AM

588_test-gpgtar.sh311 BDownload

werner added a comment.Mar 17 2015, 12:05 PM

Pushed your patch to master and 2.0. Thanks.

werner closed this task as Resolved.Mar 17 2015, 12:05 PM