MDC bug in GPG ?

Werner Koch wk at gnupg.org
Tue Aug 20 11:15:01 CEST 2002


On Tue, 13 Aug 2002 12:29:37 +0200, disastry  said:

>> in parse-packet.c parse_mdc() there is check:
>> if( !new_ctb || pktlen != 20 ) {
>> log_error("mdc_packet with invalid encoding\n");
>> but obviously it didn't worked...

This is due to compression.  If you encrypt with -z 0 you see this
error message.  It is not expected that a packet follows an
compression packet because the length of the compressed packet is
implicitly known and all trailing garbage is ignored.  Changing this
is hard and so we better keep it as it is.

The MDC itself works in all cases becuase it is checked in the
decryptionb filter which does only check the last 20 bytes.  The
packet header are a fake anyway and not very useful.  I don't see a
security implication with this.


Shalom-Salam,

   Werner





More information about the Gnupg-devel mailing list