GnuPG 1.2.0 crash w/ self-test genkey1024 under Solaris

Dr.Stefan.Dalibor at bfa.de Dr.Stefan.Dalibor at bfa.de
Thu Sep 26 13:40:15 CEST 2002


Hi,
GnuPG 1.2.0 fails to pass its self-test genkey1024 under Solaris 8 if EGD
is not running (crash due to calling strlen(NULL) in utils/fileutil.c,
line 105).

The appended patch makes gpg pass all tests under Solaris - while I think
hunk 2 is indeed necessary (almost all non-glibc C libraries I know won't
tolerate strlen(NULL)), I'm not so sure about hunk 1 (but of course, gpg
crashes also if fileutil.c is patched and rndegd.c is left unchanged) .

Stefan
--
diff -C3 -r gnupg-1.2.0/cipher/rndegd.c gnupg-1.2.0-patched/cipher/rndegd.c
*** gnupg-1.2.0/cipher/rndegd.c     Fri Aug 30 18:33:55 2002
--- gnupg-1.2.0-patched/cipher/rndegd.c   Thu Sep 26 09:26:56 2002
***************
*** 114,120 ****
      bname = "=entropy";

    if ( *bname == '=' && bname[1] )
!     name = make_filename( g10_opt_homedir, bname+1 , NULL );
    else
      name = make_filename( bname , NULL );

--- 114,130 ----
      bname = "=entropy";

    if ( *bname == '=' && bname[1] )
!     {
!       if (g10_opt_homedir)
!         name = make_filename( g10_opt_homedir, bname+1 , NULL );
!       else
!         {
!           if (nofail)
!             return -1;
!           else
!             g10_log_fatal("no directory for EGD socket\n");
!         }
!     }
    else
      name = make_filename( bname , NULL );

diff -C3 -r gnupg-1.2.0/util/fileutil.c gnupg-1.2.0-patched/util/fileutil.c
*** gnupg-1.2.0/util/fileutil.c     Sat Jun 29 15:39:56 2002
--- gnupg-1.2.0-patched/util/fileutil.c   Thu Sep 26 09:27:12 2002
***************
*** 101,106 ****
--- 101,109 ----
      const char *s;
      char *name, *home, *p;

+     if (!first_part)
+       return NULL;
+
      va_start( arg_ptr, first_part ) ;
      n = strlen(first_part)+1;
      while( (s=va_arg(arg_ptr, const char *)) )





More information about the Gnupg-devel mailing list