Page MenuHome GnuPG

Debug log has full content of a regular mail even when checkmarked not to have decrypted mail content
Closed, ResolvedPublic


I just noticed in the debug log there is the full content of a regular (i.e. non-signed, non-encrypted) mail holding sensitive information, even though I didn't activate the option "Inkl. Mail inhalten (entschlüsselt!) und Meta-Informationen" (i.e. including mail content (decrypted!) and meta information).

Log level was set to "+Speicher Analyse" (+memory analysis).


GPG4win 3.1.4

Revisions and Commits

Event Timeline

aheinecke triaged this task as High priority.
aheinecke added a subscriber: aheinecke.


I broke it a day before the release and didn't notice.
Since f34cd2782bc0cd6f359c14de4d4a889ec4e49a6e it accidentally logs all string allocations if one of DEBUG_TRACE DEBUG_MEMORY or DEBUG_DATA is set. The intention was that it should log when all three are set.

As usual, thanks for the report :-/

aheinecke changed the task status from Open to Testing.Oct 22 2018, 12:17 PM

For what it's worth I found some more places where data leaked out even in log level 1. It will probably be a bit of a process to get this clean to a 100% as there is no automated way to decide what needs to be filtered and what not.

Was released with 3.1.5