Page MenuHome GnuPG
Create Task
Maniphest T7176

write_status_text_and_buffer fails to escape some non-printable characters
Closed, ResolvedPublic
Actions

Description

Hello,

this is https://bugs.debian.org/1074127 submitted by Baptiste Beauplat <lyknode@debian.org>. Afaict the respective code is present in 2.2, 2.4 and master:
The check for escaping characters in write_status_text_and_buffer is
written in g10/cpr.c as:

c
333           if (*s == '%' || *(const byte*)s <= lower_limit
334               || *(const byte*)s == 127 )

Except byte is defined as an unsigned char, with non-printable values
exceeding 127.

Therefor the check should be >= 127 and not == 127.

Practically, this means that some non-printable character are currently
not correctly escaped in a status output.

The following commands illustrate the bug:

mkdir -p /tmp/gpg
chmod 700 /tmp/gpg
echo test > /tmp/test.txt

cat << EOF > /tmp/key.txt
     Key-Type: RSA
     Key-Length: 4096
     Subkey-Type: RSA
     Subkey-Length: 4096
     Name-Real: Test key
     Name-Comment: comment
     Name-Email: test@example.org
     Expire-Date: 0
     Passphrase: abc
     %commit
     %echo done
EOF
GNUPGHOME=/tmp/gpg gpg --batch --generate-key /tmp/key.txt

GNUPGHOME=/tmp/gpg gpg --set-notation \
  "test@example.org=This is a non-printable char [$(printf "\x8c")]" \
  --clearsign /tmp/test.txt

GNUPGHOME=/tmp/gpg gpg --status-fd 1 --with-colons \
  --verify /tmp/test.txt.asc | cat -A

This outputs:

[GNUPG:] NOTATION_DATA This%20is%20a%20non-printable%20char%20[M-^L]$

While with the proposed patch, it encodes correctly to:

[GNUPG:] NOTATION_DATA This%20is%20a%20non-printable%20char%20[%8C]$

Kind regards

Escape-char-127-in-write_status_text_and_buffer.patch678 BDownload

Details

External Link
https://bugs.debian.org/1074127

Event Timeline

ametzler1 created this task.Jun 24 2024, 6:42 PM
werner added a subscriber: werner.Jun 24 2024, 6:49 PM

The point here is to escape control characters so that we do not run into problems when reading the stuff. Escaping non-ascii (c >127) is not required and would put a lower limit on the number of (utf-8) characters we can print via the status lines.
Note also that we use almost everywhere ascii versions of the character checks. Thus I would not consider this a bug.

werner closed this task as Resolved.Jun 25 2024, 9:12 AM
werner claimed this task.
werner edited projects, added Not A Bug, gnupg, Support; removed Bug Report.

Reading the original bug report it is clear that this is not a gpg bug but a problem in the Python code. This should only be read as utf-8 if the NOTATION_FLAGS line indicated that this is human readable.