Gpgtar produces corrupt binaries
Closed, ResolvedPublic

Description

To reproduce:

  • Use gpgex to select a binary file to encrypt (e.g. c:\Program

Files\Gnu\gnupg\gpg.exe )

  • In the kleopatra Dialog select -> Archive
  • OpenPGP Encrypt to yourself.
  • Decrypt

-> File is corrupted.

Sha1sums differ and the file size differs.

I've tested this with gpg4win 2.2.0 to rule out a regression in recent encoding
and error handling fixes for gpgtar. But this also occurs with the current
master of gpg4win.

Inspecting the binaries shows that the last 512 bytes are not written to after
decryption.

Tested this on Windows 8.1 and Windows 7.

The problem does not occur with short text files.

Details

Version
master
aheinecke set Version to 2.0.27.
aheinecke added subscribers: aheinecke, werner.

Further tracked this problem down to be a gpgtar extraction issue.

Calling gpgtar on the decrypted archive with the same command kleopatra uses:

C:\Users\aheinecke\Desktop>type gpg-archive.tar |"c:\Program
Files\GNU\GnuPG\gpgtar.exe" --openpgp --skip-crypto --set-filename
C:/Users/aheinecke/Desktop/gpg-archive.tar.gpg --decrypt -- -

Produces the corrupted binary. Copying this archive to a GNU/Linux system and
extracting the tarball with GNU Tar produces a valid binary.

Next test on GNU/Linux with:

./gpgtar --version

gpgtar (GnuPG) 2.1.3-beta4

./gpgtar --openpgp --skip-crypto \

--set-filename /home/aheinecke/arbeit/gpg4win/gpg-archive.tar.gpg \
--decrypt -- /home/aheinecke/arbeit/gpg4win/gpg-archive.tar

sha1sum gpg-archive.tar_1_/gpg2.exe

2d387c8fb53d105c31e4cc2ec186e70a365b0c65 gpg-archive.tar_1_/gpg2.exe

tar -fx /home/aheinecke/arbeit/gpg4win/gpg-archive.tar
sha1sum gpg2.exe

54c8c2ec1083943e556255f76ff8f58e623c5b27 gpg2.exe

The second one is correct.

aheinecke changed Version from 2.0.27 to master.
aheinecke renamed this task from Gpgtar / Kleopatra on Windows produces corrupt binaries to Gpgtar produces corrupt binaries.

To further minimize the test case:

dd if=/dev/urandom of=testfile count=1024 bs=1024
./gpgtar --encrypt --skip-crypto -- testfile > test.tar
./gpgtar --decrypt --skip-crypto -- test.tar
diff ./test.tar_1_/testfile ./testfile

Binary files ./test.tar_1_/testfile and ./testfile differ

last 512 bytes of testfile are missing after extracting it with gpgtar.

In gpgtar-extract.c extract_regular

  for (n=0; n < hdr->nrecords;)
    {
      err = read_record (stream, record);
      if (err)
        goto leave;
      n++;
      nbytes = (n < hdr->nrecords)? RECORDSIZE : (hdr->size % RECORDSIZE);

^ this does not work for the last header if hdr->size size is a multiple of 512.
In that case the last record will not be written.

Please check my attached patch which fixes the problem.

And the testscript I used to test this.

Pushed your patch to master and 2.0. Thanks.

werner closed this task as Resolved.Mar 17 2015, 12:05 PM