Bug#412041: libmail-gnupg-perl: encryption methods behave weirdly if bad recipients are passed

Niko Tyni ntyni at iki.fi
Sat Mar 17 23:17:27 UTC 2007 

tags 412041 - unreproducible moreinfo
clone 412041 -1
retitle -1 libgnupg-interface-perl: please mention the possibility of SIGPIPE
reassign -1 libgnupg-interface-perl 0.33-6
severity -1 wishlist
submitter -1 !
tags 412041 + confirmed
thanks

On Thu, Feb 22, 2007 at 07:56:02PM -0500, Celejar wrote:
> Package: libmail-gnupg-perl
> Version: 0.08-2
> Severity: normal
> 
> All four of the encryption methods behave strangely and inconsistently
> when passed recipients for which gpg can't find public keys. gpg itself
> consistently returns: 'gpg: error reading key: public key not found'.
> The Mail::GnuPG encryption methods sometimes behave correctly, returning a
> non-zero status code, with $self->{last_message} containing:
> 
> gpg: recipient: skipped: public key not found
>  gpg: [stdin]: encryption failed: public key not found
> 
> where 'recipient' is the unmatched recipient.
> 
> But sometimes, the program just dies without any explanation, dropping
> unceremoniously to a command prompt. This occurs even when running under
> rhe debugger; the debugger itself just terminates with no explanation.

Hi,

I can reproduce this here. It's a race condition in
Mail::GnuPG::mime_encrypt(): it's invoking GnuPG::Interface::encrypt()
with options including a non-existent keyid, and then blindly writing
to the child gpg process without preparing for SIGPIPE.  In this case
gpg will exit immediately when it can't find the key, and this sometimes
happens before the print() calls are executed.

Just setting $SIG{PIPE} = 'IGNORE' when doing the print() statements
should fix this, as the gpg error can still be read out of the error
handle afterwards.

I'll prepare a patch and inform upstream hopefully tomorrow. It looks
like most of the methods in Mail::GnuPG suffer from the same problem.

I'm cloning a wishlist bug against libgnupg-interface-perl. Please
consider mentioning this possibility in the documentation, particularly
in the EXAMPLES section.

Cheers,
-- 
Niko Tyni   ntyni at iki.fi

More information about the pkg-perl-maintainers mailing list