Page MenuHome GnuPG
Create Task
Maniphest T5577

Null ptr dereference in gpg-agent (gnupg 2.3.2)
Closed, ResolvedPublic
Actions

Description

There is a fairly obvious null pointer dereference in gpg-agent, file agent/command.c, line 1958. (Variable "pi" is null.)

This (at least on my machine) breaks symmetric decryption.

The bug is obvious, but the fix is less obvious. I tried lifting the memory allocation for "pi" out of the "if" statement, and passing pi to "agent_get_passphrase" (line 1955), but that broke symmetric encryption even worse. I commented out line 1958 and 1966, and that seems to work okay.

This bug is new in version 2.3.2.

Details

Version
2.3.2

Revisions and Commits

rG GnuPG
rGaf3b1901549b agent: Fix segv in GET_PASSPHRASE (regression)
rG4b2cfec2dc2f agent: Fix segv in GET_PASSPHRASE (regression)

Related Objects

Event Timeline

brad.kaiser created this task.Aug 30 2021, 2:29 PM

See description above.

brad.kaiser updated the task description. (Show Details)Aug 30 2021, 2:31 PM
werner closed this task as Resolved.Aug 30 2021, 4:42 PM
werner claimed this task.
werner triaged this task as High priority.
werner added projects: gnupg (gpg23), segv.
werner added a subscriber: werner.

Aihhh, my fault. seems that a new version it not too far away.

werner reopened this task as Open.Sep 7 2021, 7:53 AM

(I closed this by accident)

werner mentioned this in rGb89b1f35c29c: agent: Ignore passphrase constraints for a generated passphrase..Sep 7 2021, 7:56 AM
werner closed this task as Resolved.Sep 7 2021, 9:04 AM

Fixed in 2.3 and 2.2

werner added a commit: rG4b2cfec2dc2f: agent: Fix segv in GET_PASSPHRASE (regression).Sep 7 2021, 9:43 AM
werner added a commit: rGaf3b1901549b: agent: Fix segv in GET_PASSPHRASE (regression).
ikloecker mentioned this in T5574: Doubled characters in Windows console output.Sep 13 2021, 12:34 PM
werner mentioned this in T5571: Release GnuPG 2.2.31.Sep 16 2021, 12:31 PM
gniibe mentioned this in T5623: gpg2 hangs on many tasks on OpenIndiana (Illumos).Sep 30 2021, 7:05 AM
werner mentioned this in T5565: Release GnuPG 2.3.3.Oct 12 2021, 6:16 PM