Bug#616366: libgmime-2.4-2: segmentation fault at gmime-gpg-context.c:1448

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Mar 3 21:01:42 UTC 2011


Package: libgmime-2.4-2
Version: 2.4.14-1+nmu1
Severity: normal

Normally GMime works great.

However, I have a PGP/MIME encrypted+signed message where, when i feed
it through gmime, i get a segmentation fault.

Here is the backtrace (i rebuilt libgmime with
DEB_BUILD_OPTIONS=nostrip to get it):

(gdb) bt
#0  __strlen_sse2 () at ../sysdeps/i386/i686/multiarch/strlen.S:99
#1  0xb7f82ecb in gpg_ctx_op_step (gpg=<value optimized out>, err=<value optimized out>) at gmime-gpg-context.c:1448
#2  0xb7f8450c in gpg_decrypt (context=0x807b400, istream=0x80b4230, ostream=0x80b4290, err=0xbffff42c) at gmime-gpg-context.c:1890
#3  0xb7f780e2 in g_mime_cipher_context_decrypt (ctx=0x807b400, istream=0x80b4230, ostream=0x80b4290, err=0xbffff42c) at gmime-cipher-context.c:342
#4  0xb7f8c50d in g_mime_multipart_encrypted_decrypt (mpe=0x80b3610, ctx=0x807b400, err=0xbffff42c) at gmime-multipart-encrypted.c:405
#5  0x08053de4 in reply_part ()
#6  0x0805850f in show_message_body ()
#7  0x08053644 in notmuch_reply_format_default ()
#8  0x08052c81 in notmuch_reply_command ()
#9  0x0804efce in main ()
(gdb) 

The message in question is signed with a key that has since expired
(it was not expired at the time the signature was made) -- i don't
know whether that's relevant or not.  Also, another message made
within hours that is also PGP/MIME encrypted+signed (using the same
keys) does not cause this fault.

Because the message is encrypted to my secret key, i'm afraid i can't
share it to allow this to be easily replicated.

However, i'm happy to provide any additional info about the message
that you think would be useful.

If i manually decrypt the message, gpg's status output looks like this:

0 dkg at pip:~/tmp$ gpg --decrypt --no-tty --status-fd 2 2>&1 > /dev/null  < bad.msg
[GNUPG:] ENC_TO C61BD3EC21484CFF 1 0
[GNUPG:] USERID_HINT C61BD3EC21484CFF Daniel Kahn Gillmor <dkg at fifthhorseman.net>
[GNUPG:] NEED_PASSPHRASE C61BD3EC21484CFF CCD2ED94D21739E9 1 0
[GNUPG:] GOOD_PASSPHRASE
[GNUPG:] ENC_TO 6C4607A577A37458 16 0
[GNUPG:] KEYEXPIRED 1275505354
[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead
[GNUPG:] KEYEXPIRED 1275505354
[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead
gpg: encrypted with 1024-bit ELG-E key, ID 77A37458, created 2004-01-23
      "Jamie McClelland <jamie at mayfirst.org>"
[GNUPG:] NO_SECKEY 6C4607A577A37458
gpg: encrypted with 4096-bit RSA key, ID 21484CFF, created 2007-06-02
      "Daniel Kahn Gillmor <dkg at fifthhorseman.net>"
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] PLAINTEXT 74 1235778304 mutt-liberace-1000-18750-173
gpg: Signature made Fri 27 Feb 2009 06:45:04 PM EST using DSA key ID 76CC057D
[GNUPG:] KEYEXPIRED 1275505354
[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead
[GNUPG:] KEYEXPIRED 1275505354
[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead
[GNUPG:] KEYEXPIRED 1275505354
[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead
[GNUPG:] SIG_ID 6/A60nJx3RFzGwmrnRuao9uo8Gg 2009-02-27 1235778304
[GNUPG:] KEYEXPIRED 1275505354
[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead
[GNUPG:] KEYEXPIRED 1275505354
[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead
gpg: please do a --check-trustdb
[GNUPG:] EXPKEYSIG 9EAF376276CC057D Jamie McClelland <jamie at mayfirst.org>
gpg: Good signature from "Jamie McClelland <jamie at mayfirst.org>" [expired]
gpg:                 aka "Jamie McClelland <jm at mayfirst.org>" [expired]
[GNUPG:] VALIDSIG 4322A68D5010CF2F22188A179EAF376276CC057D 2009-02-27 1235778304 0 4 0 17 2 01 4322A68D5010CF2F22188A179EAF376276CC057D
gpg: Note: This key has expired!
Primary key fingerprint: 4322 A68D 5010 CF2F 2218  8A17 9EAF 3762 76CC 057D
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] GOODMDC
[GNUPG:] END_DECRYPTION
0 dkg at pip:~/tmp$  

Thanks for maintaining gmime in debian,

  --dkg

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.37-1-686 (SMP w/1 CPU core)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libgmime-2.4-2 depends on:
ii  libc6                   2.11.2-11        Embedded GNU C Library: Shared lib
ii  libglib2.0-0            2.28.1-1+b1      The GLib library of C routines
ii  zlib1g                  1:1.2.3.4.dfsg-3 compression library - runtime

libgmime-2.4-2 recommends no packages.

libgmime-2.4-2 suggests no packages.

-- no debconf information





