Kleopatra: Crash when searching in LDAP
Closed, Resolved (Public)


Kleopatra crashes often when a key is searched in LDAP.

The crash is reproducible for me against a test LDAP server. It looks like there is a read of uninitialized memory (probably an unterminated string) in GPGME.

Valgrind output:

==13840== Use of uninitialised value of size 8
==13840==    at 0x4C2EDA2: strlen (vg_replace_strmem.c:454)
==13840==    by 0x63ADB12: pr_string (estream-printf.c:1218)
==13840==    by 0x63ADB12: do_format (estream-printf.c:1447)
==13840==    by 0x63ADB12: _gpgrt_estream_format (estream-printf.c:1605)
==13840==    by 0x63AE646: _gpgrt_estream_vasprintf (estream-printf.c:1819)
==13840==    by 0x63AF6B6: gpgrt_asprintf (visibility.c:656)
==13840==    by 0x7BD5BC2: gpg_keylist_preprocess (engine-gpg.c:2638)
==13840==    by 0x7BD62D9: read_colon_line (engine-gpg.c:1332)
==13840==    by 0x7BD62D9: colon_line_handler (engine-gpg.c:1396)
==13840==    by 0x7BC30E0: _gpgme_run_io_cb (wait.c:218)
==13840==    by 0x7BC38C9: _gpgme_wait_on_condition (wait-private.c:116)
==13840==    by 0x7BCC73D: gpgme_op_keylist_next (keylist.c:1218)
==13840==    by 0x7728B08: GpgME::Context::nextKey(GpgME::Error&) (context.cpp:513)
==13840==    by 0x7496675: do_list_keys(GpgME::Context*, QStringList const&, std::vector<GpgME::Key, std::allocator<GpgME::Key> >&, bool) (qgpgmekeylistjob.cpp:77)
==13840==    by 0x749762E: list_keys(GpgME::Context*, QStringList, bool) (qgpgmekeylistjob.cpp:91)

The crash does not happen for me when run in GDB, probably because the memory is zero