Page MenuHome GnuPG
Create Task
Maniphest T6528

gpg: No error status when encrypting to full disk
Closed, ResolvedPublic
Actions

Description

To reproduce I have a native disk, which I filled up until only little space was left. Then I tried encrypting a file. Kleopatra shows the system error without error code from T6526

Gpgtar probably does the same, but I left it out of testing to have the most simple version to reproduce this:

Command line:

F:\>gpg --status-fd 1 --verbose --debug io -o battlepresets.gpg -er largefile "ldata-test\Empire Total War\data\battlepresets.pack"
gpg: reading options from 'C:/Users/Andre Heinecke/AppData/Roaming/gnupg/gpg.conf'
gpg: reading options from '[cmdline]'
gpg: unknown debug flag 'io' ignored
gpg: enabled debug flags: memstat
gpg: enabled compatibility flags:
[GNUPG:] KEY_CONSIDERED E2AFED40E9EB19AA85DD35E90DAC780060A465D3 0
gpg: using pgp trust model
gpg: key 0D2BCA3D499F0E37: accepted as trusted key
gpg: key 49C3A4D4848D585F: accepted as trusted key
gpg: key F7E017CAED158080: accepted as trusted key
gpg: key 06673A58E125DFCE: accepted as trusted key
gpg: key 41FAC215ADE1CB46: accepted as trusted key
gpg: key EE77B3D57243F72E: accepted as trusted key
gpg: key 298B0D99CB96F5BC: accepted as trusted key
gpg: key 4BAA787CA5E951D6: accepted as trusted key
gpg: key D78D8BB4CA553DA3: accepted as trusted key
gpg: key E27313528F72EFBA: accepted as trusted key
gpg: key 0DAC780060A465D3: accepted as trusted key
gpg: using subkey C2CF90025CE3C419 instead of primary key 0DAC780060A465D3
[GNUPG:] KEY_CONSIDERED E2AFED40E9EB19AA85DD35E90DAC780060A465D3 0
gpg: This key belongs to us
gpg: reading from 'ldata-test\\Empire Total War\\data\\battlepresets.pack'
File 'battlepresets.gpg' exists. Overwrite? (y/N) y
gpg: writing to 'battlepresets.gpg'
gpg: ECDH/AES256.OCB encrypted for: "C2CF90025CE3C419 largefile-test <gogol@da.da>"
[GNUPG:] BEGIN_ENCRYPTION 0 9 2
gpg: battlepresets.gpg: write error: ec=112
gpg: do_plaintext(): wrote 1428226048 bytes but expected 1536763945 bytes
gpg: battlepresets.gpg: write error: ec=112
gpg: IOBUFCTRL_FREE failed on close: Success
[GNUPG:] END_ENCRYPTION
gpg: keydb: handles=2 locks=0 parse=2 get=2
gpg:        build=0 update=0 insert=0 delete=0
gpg:        reset=0 found=2 not=0 cache=0 not=0
gpg: kid_not_found_cache: count=0 peak=0 flushes=0
gpg: sig_cache: total=4 cached=0 good=0 bad=0
gpg: objcache: keys=2/2/0 chains=381,1..1 buckets=383/20 attic=254
gpg: objcache: uids=1/1/0 chains=106,1..1 buckets=107/20
gpg: random usage: poolsize=600 mixed=286 polls=0/6 added=164/167602
              outmix=4 getlvl1=3/79 getlvl2=0/0
gpg: rndjent stat: collector=0x02a70d30 calls=4 bytes=128
gpg: secmem usage: 1568/32768 bytes in 3 blocks

Revisions and Commits

rG GnuPG
rG1e9ac18f8818 common,w32: Add missing GetLastError->errno mapping.
rG8425cdcc8eb9 gpg: Print status line and proper diagnostics for write errors.
rG5e94470d053e common,w32: Add missing GetLastError->errno mapping.
rG695cb04af521 gpg: Print status line and proper diagnostics for write errors.

Related Objects

Event Timeline

aheinecke renamed this task from gpg: No error status when disk full to gpg: No error status when encrypting to full disk.Jun 9 2023, 2:25 PM
aheinecke triaged this task as High priority.
aheinecke created this task.
werner added a subscriber: werner.EditedJun 9 2023, 4:22 PM

Seems to be gnupg 2.4. ec 112 is ERROR_DISK_FULL.

werner claimed this task.Jun 9 2023, 4:24 PM
werner added projects: gnupg24, gnupg22, Restricted Project.
werner added a comment.Jun 9 2023, 5:26 PM

Actually two bugs. Easy to test on Unix with a small (e.g. 10MiB partition).

  1. The error is actually emitted using log_error and thus gpg will return with failure. However a STATUS is not returned except for the END_ENCRYPTION. We should see a STATUS_ERROR here too.
  1. The code in do_plaintext assumes that iobuf_copy returns (size_t)(-1) on error which it never does for write error. However the iobuf_error() returns the error code but it is only queried if iobuf_copy returns an error due to a read failure.

re 1: We should catch such missing status errors by emitting a STATUS_FAILURE but we don't do that in fear of breaking existing applications.

re 2: We need to properly return the error to the caller

werner added a comment.Jun 9 2023, 5:38 PM

With my fixes I now get this:

$ gpg -z0 --status-fd 2 --chunk-size 6 -v -er toweltest --no-encrypt-to --always-trust --yes -o smalldisk/towelrack.gpg <towelrack.txt
[...]
gpg: reading from '[stdin]'
gpg: writing to 'smalldisk/towelrack.gpg'
gpg: ECDH/AES256.OCB encrypted for: "339BB4386319B338 toweltest@example.net"
[GNUPG:] BEGIN_ENCRYPTION 0 9 2
gpg: smalldisk/towelrack.gpg: write error: No space left on device
gpg: build_packet failed: No space left on device
[GNUPG:] FAILURE encrypt 32859
gpg: [stdin]: encryption failed: No space left on device

$ gpg -z0 --status-fd 2 --chunk-size 6 -v -er toweltest --no-encrypt-to --always-trust --yes -o smalldisk/towelrack.gpg towelrack.txt
[...]
gpg: reading from 'towelrack.txt'
gpg: writing to 'smalldisk/towelrack.gpg'
gpg: ECDH/AES256.OCB encrypted for: "339BB4386319B338 toweltest@example.net"
[GNUPG:] BEGIN_ENCRYPTION 0 9 2
gpg: smalldisk/towelrack.gpg: write error: No space left on device
gpg: do_plaintext(): wrote 7536640 bytes but expected 13071240 bytes
gpg: build_packet failed: No space left on device
[GNUPG:] FAILURE encrypt 32859
gpg: towelrack.txt: encryption failed: No space left on device

Note that gpg has now also removed the partly written towelrack.gpg file. Needs to be tested on Windows but this is a generic error.

werner moved this task from Backlog to QA on the gnupg24 board.Jun 9 2023, 5:42 PM
werner added a commit: rG695cb04af521: gpg: Print status line and proper diagnostics for write errors..Jun 15 2023, 11:17 AM
ebo added a subscriber: ebo.Jul 3 2023, 2:33 PM

I get a failure status, but a different one.
Seems to be an other issue? But wasn't (ec=112) disk full?
And the disk of the Windows VM must have been running full with that file, before the start there were ~2,6 GB free:

C:\Users\g10code.WIN-TEST3\Documents>gpg -v --status-fd 2 -o GB_33.gpg -er Ted 3G.txt
[...]
gpg: Lesen von '3G.txt'
gpg: Schreiben nach 'GB_33.gpg'
gpg: Hinweis: Schlüssel CD573B2B0736643A besitzt nicht die AEAD Eigenschaft
gpg: RSA/AES256.CFB verschlüsselt für: "CD573B2B0736643A Ted Tester <Ted.Tester@demo.gnupg.com>"
[GNUPG:] BEGIN_ENCRYPTION 2 9
gpg: GB_33.gpg: write error: Unknown error (ec=112)
gpg: DBG: deflate: iobuf_write failed
gpg: do_plaintext(): wrote 2853896192 bytes but expected 3221225472 bytes
gpg: build_packet failed: No such file or directory
gpg: GB_33.gpg: write error: Unknown error (ec=112)
gpg: DBG: deflate: iobuf_write failed
[GNUPG:] FAILURE encrypt 32849
gpg: 3G.txt: encryption failed: No such file or directory
gpg: DBG: chan_0x00000178 -> BYE
gpg: secmem usage: 1568/32768 bytes in 3 blocks
ebo added a comment.Jul 3 2023, 2:45 PM

gpgrt version?

ebo moved this task from QA to WiP on the gnupg24 board.Jul 4 2023, 8:27 AM
werner added a comment.Jul 4 2023, 9:06 AM

No. Missing mapping in iobuf.

ebo mentioned this in T6497: gpgtar does not return failure code to gpgme.Jul 4 2023, 10:01 AM
ebo added a comment.Jul 4 2023, 10:52 AM

with the new gpg.exe you gave me for testing it looks good now:

C:\Users\g10code.WIN-TEST3\Documents>gpg -v --status-fd 2 -o GB_33.txt.gpg -er Ted 3G.txt
[...]
[GNUPG:] BEGIN_ENCRYPTION 2 9
gpg: GB_33.txt.gpg: write error: No space left on device (ec=28)
gpg: DBG: deflate: iobuf_write failed
gpg: do_plaintext(): wrote 2776104960 bytes but expected 3221225472 bytes
gpg: build_packet failed: No space left on device
gpg: GB_33.txt.gpg: write error: No space left on device (ec=28)
gpg: DBG: deflate: iobuf_write failed
[GNUPG:] FAILURE encrypt 32859
gpg: 3G.txt: encryption failed: No space left on device
werner added a commit: rG5e94470d053e: common,w32: Add missing GetLastError->errno mapping..Jul 4 2023, 2:35 PM
werner moved this task from WiP to QA on the gnupg24 board.Jul 4 2023, 2:36 PM
werner moved this task from QA to gnupg-2.4.3 on the gnupg24 board.Jul 4 2023, 2:39 PM
werner edited projects, added gnupg24 (gnupg-2.4.3); removed gnupg24.
werner mentioned this in T6509: Release GnuPG 2.4.3.Jul 4 2023, 4:57 PM
werner moved this task from Backlog to WiP on the gnupg22 board.Jul 5 2023, 11:14 AM
werner added a commit: rG8425cdcc8eb9: gpg: Print status line and proper diagnostics for write errors..Jul 5 2023, 11:31 AM
werner changed the task status from Open to Testing.Jul 5 2023, 11:56 AM
werner moved this task from WiP to QA on the gnupg22 board.
ebo changed the task status from Testing to Open.Sep 21 2023, 4:17 PM
ebo moved this task from QA to WiP on the gnupg22 board.

Does not work yet on VS-Desktop-3.2.0.0-beta214:

C:\Users\g10code.WIN-TEST3\Documents>gpg --status-fd 2 --verbose -o 5G.txt.gpg -er Ted 5G.txt
[...]
[GNUPG:] BEGIN_ENCRYPTION 2 9
gpg: 5G.txt.gpg: write error: Unknown error (ec=112)
gpg: build_packet failed: Systemfehler ohne gesetzten Systemfehlercode
[GNUPG:] FAILURE encrypt 16381
gpg: 5G.txt: encryption failed: Systemfehler ohne gesetzten Systemfehlercode
werner added a commit: rG1e9ac18f8818: common,w32: Add missing GetLastError->errno mapping..Oct 5 2023, 3:50 PM
werner changed the task status from Open to Testing.Oct 5 2023, 3:50 PM
werner moved this task from WiP to QA on the gnupg22 board.

I forgot to backport one patch. With that patch we get what we expect:

c:\Users\dd9jn> gpg --force-ocb -z0 -er dd9jn@w32demo --compatibility-flags vsd-allow-ocb  --enable-progress-filter  --status-fd 2 -v -o out.gpg h:largefile.foo
[...]
[GNUPG:] PROGRESS h:largefile.foo ? 7233 23605 MiB
gpg: out.gpg: write error: No space left on device (ec=112)
gpg: build_packet failed: No space left on device
[GNUPG:] FAILURE encrypt 32859
gpg: h:largefile.foo: encryption failed: No space left on device

Note that when using VirtualBox (6.1) with a shared folder to a small (20MiB) loopback device you won'tt see Disk full but an EIO due to Windows (that is the Virtual Box driver) returning Invalid Parameter.

ebo closed this task as Resolved.Oct 13 2023, 10:20 AM
ebo moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.

works!

ebo moved this task from QA to gnupg-2.2.42 on the gnupg22 board.Oct 13 2023, 10:20 AM
ebo edited projects, added gnupg22 (gnupg-2.2.42); removed gnupg22.
werner mentioned this in T6307: Release GnuPG 2.2.42.Nov 28 2023, 4:59 PM