gpg --verify hangs on malformed signature

Steffen Ullrich ccrlphr at xensei.com
Tue Jul 21 13:22:26 CEST 1998 

subject says it.
If the issue came up already I'm sorry, but I just downloaded 0.3.2, found the problem, looked into
the last 2 month archived mail and found nothing. The problem in detail:

I try to verify a signed text (mail, signed with PGP5.0i using SHA).
If the signature is fine it reports it, however if I corrupt the signature a bit by adding a key to
it I get:

	gpg: CRC error; d8b879 - 826da9
	gpg: onepass_sig with unknown version 20

and then it hangs. GDB shows where it hangs:

	#0  underflow (a=0x80a5314) at iobuf.c:745
	#1  0x808f3a5 in iobuf_readbyte (a=0x80a5314) at iobuf.c:843
	#2  0x806414d in skip_rest (inp=0x80a5314, pktlen=60224425) at parse-packet.c:437
	#3  0x8065632 in parse_onepass_sig (inp=0x80a5314, pkttype=4, pktlen=604044299, ops=0x80a86fc) at parse-packet.c:864
	#4  0x8063c46 in parse (inp=0x80a5314, pkt=0x80a4c8c, reqtype=0, retpos=0x0, skip=0xbffffa28, out=0x0, do_skip=0)
	    at parse-packet.c:324
	#5  0x8063294 in parse_packet (inp=0x80a5314, pkt=0x80a4c8c) at parse-packet.c:127
	#6  0x8059ba1 in do_proc_packets (c=0x80a4bf4, a=0x80a5314) at mainproc.c:700
	#7  0x8059af3 in proc_signature_packets (a=0x80a5314, signedfiles=0x0) at mainproc.c:674
	#8  0x8071a0c in verify_signatures (nfiles=1, files=0xbffffc8c) at verify.c:80
	#9  0x804fdcd in main (argc=1, argv=0xbffffc8c) at g10.c:788

and the whole stuff run with --debug-all shows at the critical point:

	gpg: DBG: free_packet() type=2
	gpg: DBG: iobuf-3.0: close 'file_filter'
	gpg: DBG: iobuf-6.0: open '/homes/steffen/tmp/bla'
	gpg: DBG: armor-filter: control: 5
	gpg: DBG: iobuf-6.1: push 'armor_filter'
	gpg: DBG:       chain: 6.1 'armor_filter'
	gpg: DBG:       chain: 6.0 'file_filter'
	gpg: DBG: armor-filter: control: 1
	gpg: DBG: armor-filter: control: 3
	gpg: DBG: parse_packet(iob=6): type=4 length=13
	gpg: DBG: iobuf-6.2: push 'block_filter'
	gpg: DBG:       chain: 6.2 'block_filter'
	gpg: DBG:       chain: 6.1 'armor_filter'
	gpg: DBG:       chain: 6.0 'file_filter'
	gpg: DBG: init block_filter 0x80a761c
	gpg: DBG: parse_packet(iob=6): type=11 length=0
	gpg: DBG: armor-filter: control: 3
	gpg: DBG: free block_filter 0x80a761c
	gpg: DBG: iobuf-6.2: pop '(null)'
	gpg: DBG: free_packet() type=11
	gpg: DBG: armor-filter: control: 3
	gpg: CRC error; d8b879 - 826da9
	gpg: DBG: parse_packet(iob=6): type=4 length=604044300
	gpg: onepass_sig with unknown version 20
	gpg: DBG: iobuf-6.1: error
	gpg: DBG: iobuf-6.1: error
	gpg: DBG: iobuf-6.1: error
	(last line repeated again and again)
	
any clues/workarounds?

More information about the Gnupg-devel mailing list