From collin.funk1 at gmail.com Thu Jul 3 04:51:54 2025 From: collin.funk1 at gmail.com (Collin Funk) Date: Wed, 2 Jul 2025 19:51:54 -0700 Subject: [PATCH gpgme] Remove duplicate character passed to strchr. Message-ID: <5e22d59820d24bbcfb99fbc8f5782ea51284d557.1751511107.git.collin.funk1@gmail.com> * src/keylist.c (parse_sec_field15): Remove duplicate '0' character. Signed-off-by: Collin Funk --- src/keylist.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/keylist.c b/src/keylist.c index c0bf2155..7d4c706a 100644 --- a/src/keylist.c +++ b/src/keylist.c @@ -454,7 +454,7 @@ parse_sec_field15 (gpgme_key_t key, gpgme_subkey_t subkey, char *field) subkey->secret = 0; key->secret = 1; } - else if (strchr ("01234567890ABCDEFabcdef", *field)) + else if (strchr ("0123456789ABCDEFabcdef", *field)) { /* Fields starts with a hex digit; thus it is a serial number. */ key->secret = 1; -- 2.50.0 From wk at gnupg.org Thu Jul 3 09:21:26 2025 From: wk at gnupg.org (Werner Koch) Date: Thu, 03 Jul 2025 09:21:26 +0200 Subject: [PATCH gpgme] Remove duplicate character passed to strchr. In-Reply-To: <5e22d59820d24bbcfb99fbc8f5782ea51284d557.1751511107.git.collin.funk1@gmail.com> (Collin Funk via Gnupg-devel's message of "Wed, 2 Jul 2025 19:51:54 -0700") References: <5e22d59820d24bbcfb99fbc8f5782ea51284d557.1751511107.git.collin.funk1@gmail.com> Message-ID: <87h5zt91u1.fsf@jacob.g10code.de> On Wed, 2 Jul 2025 19:51, Collin Funk said: > * src/keylist.c (parse_sec_field15): Remove duplicate '0' character. Thanks. Salam-Shalom, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein -------------- next part -------------- A non-text attachment was scrubbed... Name: openpgp-digital-signature.asc Type: application/pgp-signature Size: 247 bytes Desc: not available URL: From wk at gnupg.org Thu Jul 3 09:24:32 2025 From: wk at gnupg.org (Werner Koch) Date: Thu, 03 Jul 2025 09:24:32 +0200 Subject: [PATCH gnupg v2] Disable CPU speculation-related misfeatures In-Reply-To: <1751021219.6405.6.camel@trentalancia.com> (Guido Trentalancia's message of "Fri, 27 Jun 2025 12:46:59 +0200") References: <1748260854.1126.8.camel@trentalancia.com> <87tt57fn0s.fsf@jacob.g10code.de> <1751021219.6405.6.camel@trentalancia.com> Message-ID: <87cyah91ov.fsf@jacob.g10code.de> Hi! I and other already explained that the way you propose the patches is not acceptable: - No autoconf macros and possibly tests to decide whether to use the feature. - No proper ChangeLog (see gnupg/doc/HACKING) Shalom-Salam, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein -------------- next part -------------- A non-text attachment was scrubbed... Name: openpgp-digital-signature.asc Type: application/pgp-signature Size: 247 bytes Desc: not available URL: From collin.funk1 at gmail.com Fri Jul 4 05:34:05 2025 From: collin.funk1 at gmail.com (Collin Funk) Date: Thu, 3 Jul 2025 20:34:05 -0700 Subject: [PATCH gpgme] Fix an uninitialized variable. Message-ID: <5b1f676a4db6395e4919281b77b97e13256fe012.1751600035.git.collin.funk1@gmail.com> * src/engine-gpg.c (gpg_getdirect): Initialize ERR to zero to satisfy the loop condition. -- Fixes-commit: 0a64c7d0c6d0463cf2e06b3a01ef5be4d879bcf0 Signed-off-by: Collin Funk --- src/engine-gpg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/engine-gpg.c b/src/engine-gpg.c index b3399027..c6c5c4e6 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -4226,7 +4226,7 @@ gpg_getdirect (void *engine, const char *argv[], gpgme_data_t dataout, unsigned int flags) { engine_gpg_t gpg = engine; - gpgme_error_t err; + gpgme_error_t err = 0; int i; if (!engine || !argv || !dataout || flags) -- 2.50.0 From collin.funk1 at gmail.com Fri Jul 4 05:42:43 2025 From: collin.funk1 at gmail.com (Collin Funk) Date: Thu, 03 Jul 2025 20:42:43 -0700 Subject: [PATCH gpgme] Fix an uninitialized variable. In-Reply-To: <5b1f676a4db6395e4919281b77b97e13256fe012.1751600035.git.collin.funk1@gmail.com> References: <5b1f676a4db6395e4919281b77b97e13256fe012.1751600035.git.collin.funk1@gmail.com> Message-ID: <87h5zs7hak.fsf@gmail.com> Collin Funk writes: > * src/engine-gpg.c (gpg_getdirect): Initialize ERR to zero to satisfy > the loop condition. > > -- > > Fixes-commit: 0a64c7d0c6d0463cf2e06b3a01ef5be4d879bcf0 > Signed-off-by: Collin Funk > --- > src/engine-gpg.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/src/engine-gpg.c b/src/engine-gpg.c > index b3399027..c6c5c4e6 100644 > --- a/src/engine-gpg.c > +++ b/src/engine-gpg.c > @@ -4226,7 +4226,7 @@ gpg_getdirect (void *engine, const char *argv[], > gpgme_data_t dataout, unsigned int flags) > { > engine_gpg_t gpg = engine; > - gpgme_error_t err; > + gpgme_error_t err = 0; > int i; > > if (!engine || !argv || !dataout || flags) Hi Werner, forgot to CC. Looks like this was from that commit a few months ago. The original code: gpgme_error_t err; int i; if (!engine || !argv || !dataout || flags) return gpg_error (GPG_ERR_INV_VALUE); for (i=0; !err && argv[i]; i++) if ((err = add_arg (gpg, argv[i]))) return err; Basically, the first iteration will always read an uninitialized variable. Seems mostly harmless and will probably mostly work, but UB is UB. :) Collin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 832 bytes Desc: not available URL: