GNUPG 0.3.2 encryption bug

Brian Warner warner at lothar.com
Sat Aug 22 17:49:29 CEST 1998


bofh at coker.com.au writes:
> I create a file with "dd if=/dev/zero of=test bs=1k count=2000" (nice empty
> test file).
> I encrypt it using password "abcd" using the command "gpg -z0 -c test".

I get the same bug with gpg-0.3.4, on linux-ppc and linux-i386. A 20k file
will cause it, but not a 2k file. I get the bug with compression turned on
too. It doesn't actually cause my gpg to coredump, but certainly fails to
decrypt:

278:warner at mongo% dd if=/dev/zero of=test bs=1k count=20
20+0 records in
20+0 records out
279:warner at mongo% gpg -z0 -c test
gpg (GNUPG) 0.3.4; Copyright (C) 1998 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

280:warner at mongo% gpg -d test.gpg > t
gpg (GNUPG) 0.3.4; Copyright (C) 1998 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

gpg: Problem reading source (3 bytes remaining)
gpg: handle plaintext failed: File read error
gpg: [don't know]: invalid packet (ctb=33)
281:warner at mongo% 


Could there be something wrong with the way that lengths are encoded that
doesn't show up for small files?

 -Brian
  warner at lothar.com




More information about the Gnupg-devel mailing list