Page MenuHome GnuPG

crash when editing key with no signatures
Closed, ResolvedPublic

Description

GPG crashes when trying to edit a key imported from scallion (i.e. a key with no
signatures, not even self-signatures):

$ gpg --import --allow-non-selfsigned-uid key
gpg: key CE96612301234567: accepted non self-signed user ID "Scallion UID
(replace me)"
gpg: /home/steven/gpgkeygen/trustdb.gpg: trustdb created
gpg: key CE96612301234567: public key "Scallion UID (replace me)" imported
gpg: key CE96612301234567: secret key imported
gpg: Total number processed: 1
gpg: imported: 1
gpg: secret keys read: 1
gpg: secret keys imported: 1

$ gpg --edit-key CE96612301234567
gpg (GnuPG) 2.1.15; Copyright (C) 2016 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: Fatal: out of core while allocating 0 bytes

It crashes because it tries to call xmalloc_clear(0). Doing this would resolve
it, but perhaps a warning should be printed?

diff --git a/g10/keyedit.c b/g10/keyedit.c
index 87e69b0..57be8e1 100644

  • a/g10/keyedit.c

+++ b/g10/keyedit.c
@@ -420,6 +420,10 @@ check_all_keysigs (KBNODE kb, int only_selected, int
only_selfsigs)

      else if (n->pkt->pkttype == PKT_SIGNATURE)
        nsigs ++;

+ /* No signatures. */
+ if (nsigs == 0)
+ return 0;
+

/* Add them all to the SIGS array.  */
sigs = xmalloc_clear (sizeof (*sigs) * nsigs);

Details

Version
2.1

Event Timeline

werner added a subscriber: werner.

Thanks. I took your solution.

werner removed a project: Restricted Project.