Page MenuHome GnuPG

Null ptr dereference in gpg-agent (gnupg 2.3.2)
Closed, ResolvedPublic


There is a fairly obvious null pointer dereference in gpg-agent, file agent/command.c, line 1958. (Variable "pi" is null.)

This (at least on my machine) breaks symmetric decryption.

The bug is obvious, but the fix is less obvious. I tried lifting the memory allocation for "pi" out of the "if" statement, and passing pi to "agent_get_passphrase" (line 1955), but that broke symmetric encryption even worse. I commented out line 1958 and 1966, and that seems to work okay.

This bug is new in version 2.3.2.



Event Timeline

werner claimed this task.
werner triaged this task as High priority.
werner added projects: gnupg (gpg23), segv.
werner added a subscriber: werner.

Aihhh, my fault. seems that a new version it not too far away.

(I closed this by accident)

Fixed in 2.3 and 2.2