[Bug 595553] Re: gpg --list-packets on specific file causes EOF infite loop

Thijs Kinkhorst kink at squirrelmail.org
Mon Feb 20 20:10:52 UTC 2012 

Fixed at least in 1.4.11

** Changed in: gnupg (Ubuntu)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnupg in Ubuntu.
https://bugs.launchpad.net/bugs/595553

Title:
  gpg --list-packets on specific file causes EOF infite loop

Status in GNU Privacy Guard:
  Fix Released
Status in “gnupg” package in Ubuntu:
  Fix Released

Bug description:
  Binary package hint: gnupg

  I have an encrypted file that I'm trying to get packet information
  from. When I run the file using gpg --list-packets, I get an infinite
  loop of EOFs. Here is the gpg version information:

  
  $ gpg --version
  gpg (GnuPG) 1.4.10
  Copyright (C) 2008 Free Software Foundation, Inc.
  License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
  This is free software: you are free to change and redistribute it.
  There is NO WARRANTY, to the extent permitted by law.

  Home: ~/.gnupg
  Supported algorithms:
  Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
  Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, 
          CAMELLIA192, CAMELLIA256
  Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
  Compression: Uncompressed, ZIP, ZLIB, BZIP2

  Here is a sample of the output:

  $ gpg --list-packets blah.gpg
  :pubkey enc packet: version 3, algo 16, keyid 8158B8738374392C
  	data: [1023 bits]
  	data: [1023 bits]
  :trust packet: flag=e9 sigcache=00
  :unknown packet: type 41, length 2624801341
  dump: 6e 6f 76 7d ac fa f6 7d  84 49 a9 39 ce 47 7b 76  48 7b ff 34 75 c6 1b b1
    24: ac 38 f3 8e 4f 12 ca 1e  ca aa 97 57 97 cc ed 18  31 a5 77 19 83 f1 de d9
    48: 39 80 a3 a6 d4 c0 93 bf  7e 2a 1b b2 78 9a 67 24  3d fd 9d 74 c7 71 3b fe
    72: 6a 34 e8 ce b3 8c c0 c2  41 c7 5c a3 58 bd d2 dd  75 9b 83 74 c7 90 05 2c
    96: 87 40 e9 14 e3 37 49 07  70 dc 1c 81 4c 08 cb 35  fd 30 1b df ff 46 6f 97
   120: 07 2a 46 c9 bf ee 53 67  f0 7c fb 30 6e cf 7d 21  3b fc 90 0b e1 2e 9f 0f
   144: 8a 14 9e 3a d6 d5 00 b2  40 64 d6 20 29 f7 31 9f  45 32 94 3f 88 c1 0b 0b
   168: 20 64 dd 0e e7 d7 b2 6f  c5 90 26 ec 94 30 a9 72  c0 ae 26 61 8c 10 a5 c4
   192: 06 aa c1 f3 a3 0d 0a 43  11 38 75 52 2d ee 0c 98  42 dc b4 c0 71 ad 1b 8e
   216: 22 11 35 d2 af 2c f0 ba  77 81 94 32 1e f4 3e 40  71 17 88 85 d2 27 73 5c
   240: 48 16 30 e2 3e da c4 33  0f 11 83 2c 5a 53 5d 87  df a3 d5 ff a9 6a dd 1d
   264: f0 8c b1 43 e7 61 8c 2c  56 53 f2 a6 36 2f 85 b8  a7 94 d9 9e 2a 6e 9a 7e
   288: a4 dc 62 bc 36 25 71 ab  06 06 04 f8 53 a4 c0 ed  bd 2b 55 ed b5 a5 52 80
   312: 90 bc 0b d7 51 60 f7 f1  57 7c 26 d9 82 bd 52 26  6c 1c 2f 94 1c 78 47 7e
   336: bd bc 31 c8 3c 98 02 8b  34 ba c7 86 77 0f 14 b7  c0 7e 3b c1 0c 0e 56 6c
   360: eb 75 23 a5 9d 0b de 2d  81 3f c0 f9 a0 ba 55 18  bc 23 7f c9 54 49 a2 e9
   384: 4c 66 41 7a d1 a2 45 49  2f d6 59 4d c0 e9 36 ff  c2 3e 70 11 0e 26 51 90
   408: 79 fe 16 ff d9 38 49 5c  79 4e 2f c8 da a8 ac c6  54 c3 55 ee b9 ea 38 6d
   432: dd 4b 7a e3 d5 32 7d 88  e2 b5 9e 55 fa ff ae 77  e9 aa 6a 8d 21 39 e8 0c
   456: f1 df b7 15 85 9b ef be  5d 5f 0d 0a 4a 2a 7d e5  0e 18 e8 54 a2 ba bc 5a
   480: 67 3b 8f a4 0e 9e 2f 0b  e7 48 7f 56 d4 37 39 55  51 b2 3b 05 64 b9 81 e4
   504: 44 c3 3d a2 44 4f 11 d9  ae 48 80 5a a3 d0 36 c6  77 d0 89 7a bc e1 88 14
   528: df 2b b0 f8 a3 69 2d fe  bb 22 c5 d5 a6 85 f7 ef  19 2d c1 cb 29 e0 d2 e8
   552: d2 0c 16 d6 b2 d7 1f 4f  e9 14 fc c2 88 64 89 f2  cc da 9a 6a c8 ec 70 20
   576: 7c f1 d1 35 b5 a1 77 1c  7f e9 f1 0f 89 9f 08 19  f1 6c fb 72 23 23 9e 61
   600: 47 78 fb 24 14 52 c7 9d  e2 3c fe d3 63 86 16 0e  5a 96 2b d4 ec dd f0 e8
   624: 9f 7e 39 d7 ad 26 ee 2b  9b 76 e9 d3 ee bf 49 f4  96 bb b6 b6 c4 28 20 f7
   648: 24 e4 a0 fe a7 2b 07 c1  8e 88 5d 83 c9 ec 0d 0a  e8 c9 de d7 54 42 4d b2
   672: 9f 88 46 7b a6 be 12 12  48 17 e0 9a 82 77 86 c6  9e 27 76 2c c5 41 4a f1
   696: ea ec 2f 29 d3 ef 8b 18  31 36 3b 13 ec fb b7 1e  38 6b ea 83 30 41 aa 1f
   720: 67 61 00 1a ca 5f d3 ab  fd a6 2a 0d 0a bd 23 66  EOF EOF EOF EOF EOF EOF EOF EOF
   744: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
   768: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
   792: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
   816: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
   840: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
   864: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
   888: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
   912: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
   936: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
   960: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
   984: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
  1008: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
  1032: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
  1056: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
  1080: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
  1104: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
  1128: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
  1152: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF
  1176: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF

  This seems to continue on forever. I've let it run for several minutes
  and it just keeps producing line after line of EOF. The number up
  front continues to increment.

  If I run it in GDB and Ctrl+C, Here is what I get:

  Program received signal SIGINT, Interrupt.
  0xb7fe2430 in __kernel_vsyscall ()
  (gdb) where
  #0  0xb7fe2430 in __kernel_vsyscall ()
  #1  0xb7ecce83 in __write_nocancel () at ../sysdeps/unix/syscall-template.S:82
  #2  0xb7e761c4 in _IO_new_file_write (f=0xb7f654e0, data=0xb7c6f000, n=106)
      at fileops.c:1276
  #3  0xb7e75e4f in new_do_write (fp=0xb7f654e0, 
      data=0xb7c6f000 "161640: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF\n", to_do=106) at fileops.c:530
  #4  0xb7e76166 in _IO_new_do_write (fp=0xb7f654e0, 
      data=0xb7c6f000 "161640: EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF  EOF EOF EOF EOF EOF EOF EOF EOF\n", to_do=106) at fileops.c:503
  #5  0xb7e76c4d in _IO_new_file_overflow (f=0xb7f654e0, ch=-1) at fileops.c:881
  #6  0xb7e75f98 in _IO_new_file_xsputn (f=0xb7f654e0, data=0x80fc5cb, n=1)
      at fileops.c:1358
  #7  0xb7e4bd1e in _IO_vfprintf_internal (s=0xb7f654e0, 
      format=0x80fc5cb "\n%4d:", ap=0xbfffec7c "\200w\002") at vfprintf.c:1333
  #8  0xb7eefddd in ___fprintf_chk (fp=0xb7f654e0, flag=1, 
      format=0x80fc5cb "\n%4d:") at fprintf_chk.c:37
  #9  0x0806ac99 in fprintf (c=-1, i=0xbfffecfc) at /usr/include/bits/stdio2.h:98
  #10 dump_hex_line (c=-1, i=0xbfffecfc) at parse-packet.c:561
  #11 0x0806f7ac in skip_packet (inp=0x8126948, pkt=<value optimized out>, 
      onlykeypkts=<value optimized out>, retpos=0x0, skip=0xbfffedbc, out=0x0, 
      do_skip=0, dbg_w=0x80fcce8 "parse", dbg_f=0x80fa500 "mainproc.c", 
      dbg_l=1236) at parse-packet.c:625
  #12 parse (inp=0x8126948, pkt=<value optimized out>, 
      onlykeypkts=<value optimized out>, retpos=0x0, skip=0xbfffedbc, out=0x0, 
      do_skip=0, dbg_w=0x80fcce8 "parse", dbg_f=0x80fa500 "mainproc.c", 
      dbg_l=1236) at parse-packet.c:546
  #13 0x0806ffd0 in dbg_parse_packet (inp=0x8126948, pkt=0x81246b0, 
      dbg_f=0x80fa500 "mainproc.c", dbg_l=1236) at parse-packet.c:162
  #14 0x08063497 in do_proc_packets (c=0x8128a90, a=<value optimized out>)
      at mainproc.c:1236
  #15 0x08063909 in proc_packets (anchor=0x0, a=0x8126948) at mainproc.c:1170
  #16 0x0805016e in main (argc=1, argv=0xbffff28c) at gpg.c:3983

  
  I've been able to reproduce this on a RHEL4 box as well using version 1.4.9 of gpg. The file causing the issue is attached. It could very well be that the file is corrupt, but I wouldn't expect gpg to behave that way on a corrupted file. If I pass it a non encrypted file, I get a valid error stating it isn't encrypted. I would expect something similar.

  ProblemType: Bug
  DistroRelease: Ubuntu 10.04
  Package: gnupg 1.4.10-2ubuntu1 [modified: usr/lib/gnupg/gpgkeys_hkp usr/lib/gnupg/gpgkeys_curl]
  ProcVersionSignature: Ubuntu 2.6.32-22.36-generic-pae 2.6.32.11+drm33.2
  Uname: Linux 2.6.32-22-generic-pae i686
  Architecture: i386
  Date: Thu Jun 17 08:56:42 2010
  EcryptfsInUse: Yes
  InstallationMedia: Ubuntu 9.10 "Karmic Koala" - Release i386 (20091028.5)
  ProcEnviron:
   PATH=(custom, user)
   LANG=en_US.utf8
   SHELL=/bin/bash
  SourcePackage: gnupg

To manage notifications about this bug go to:
https://bugs.launchpad.net/gnupg/+bug/595553/+subscriptions

More information about the foundations-bugs mailing list