Diffusion GPGME a9b28c79e92f

core: Prevent wrong plaintext when verifying clearsigned signature
a9b28c79e92f
Actions

Tags

None

Subscribers

None

Description

core: Prevent wrong plaintext when verifying clearsigned signature

* src/engine-gpg.c (gpg_verify): Use a separate pipe instead of stdout
for reading the plaintext.
* tests/gpg/t-support.h (PGM): Define if undefined.
(print_data): Undefine BUF_SIZE.
(check_data): New.
* tests/gpg/t-verify.c (clearsigned_plus_key_block): New.
(main): Add test.

Reading the plaintext from stdout is a bad idea because gpg can also
print other stuff on stdout, e.g. the keys contained in a public key
block. This is fixed by reading the plaintext via a special pipe.

GnuPG-bug-id: T6622

Details

Provenance

Authored on Jul 28 2023, 4:15 PM

Parents

rM777cf7f2d173: core: Return bad data error instead of general error on unexpected data

Branches

Unknown

Tags

Unknown

Tasks

T6622: Kleopatra: Misleading result when decrypting clear signed message followed by public key block in notepad

Event Timeline

ikloecker committed rMa9b28c79e92f: core: Prevent wrong plaintext when verifying clearsigned signature (authored by ikloecker).Jul 28 2023, 4:15 PM

ikloecker added a task: T6622: Kleopatra: Misleading result when decrypting clear signed message followed by public key block in notepad.

Changes (3)

Path

Size

src/

tests/

gpg/

rMa9b28c79e92f

src/engine-gpg.c

Loading...

tests/gpg/t-support.h

Loading...

tests/gpg/t-verify.c

Loading...