Page MenuHome GnuPG
Create Task
Maniphest T3164

The argument parser does not detect invalid integers
Open, LowPublic
Actions

Description

E.g.:

$ g10/gpg --command-fd=foobar --status-fd=foobar --decrypt ../tests/openpgp/samplemsgs/enc-1-key-1.gpg
gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
gpg: It is only intended for test purposes and should NOT be
gpg: used in a production environment or with production keys!
gpg: public key is 9185878E4FCD74C0
[GNUPG:] ENC_TO 9185878E4FCD74C0 18 0
gpg: encrypted with ECDH key, ID 9185878E4FCD74C0
[GNUPG:] NO_SECKEY 9185878E4FCD74C0
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_FAILED
gpg: decryption failed: No secret key
[GNUPG:] END_DECRYPTION

Details

Version
master

Event Timeline

justus created this task.May 15 2017, 12:11 PM
werner moved this task from Backlog to WiP on the common board.Dec 12 2022, 12:14 PM
werner moved this task from WiP to Backlog on the common board.
werner edited projects, added gpgrt, Bug Report; removed common.Jun 2 2023, 11:52 AM
werner added a subscriber: werner.Feb 23 2024, 2:09 PM

That could be fixed in src/argparse.c:set_opt_arg by adding and endptr to the strtol calls and check that only white space follows. However, there is some risk of regression with this approach. Maybe just display a warning?