Page MenuHome GnuPG

libgcrypt 1.7.4 breaks KWallet5: "Can't get secure memory" from GCRYCTL_INIT_SECMEM
Closed, ResolvedPublic

Description

Libgcrypt 1.7.4 completely breaks KWallet5, which starts complaining "Can't get
secure memory" and refuses to open wallet files, thus cutting off access to all of
the user's saved passwords. Downgrading to libgcrypt 1.7.3 restores correct
functionality. Took me a while to figure this out. :\

You can find the location of the failure here:
https://github.com/KDE/kwallet/blob/5f1f5fed934a3f2639591aaa7e303983936a68a0/src/r
untime/kwalletd/backend/kwalletbackend.cc#L135

Why would gcry_control(GCRYCTL_INIT_SECMEM, 32768, 0) succeed in libgcrypt 1.7.3
but fail in libgcrypt 1.7.4?

Details

Version
1.7.4

Event Timeline

This is indeed a bug in libgcrypt. Thanks for the report.

I improved our test suite so that it detects this problem.

The Gentoo bug report for this has a
proposed fix, correcting a typo (EGAIN-

EAGAIN) in an autoconf script.

https://bugs.gentoo.org/show_bug.cgi?
id=602502#c5

werner added a project: Unreleased.

Applied with commit 0a90f87799 to master. I will backport and release 1.7.5 today.