ports/158674: [PATCH] security/gnupg fix gpg2 Assertion failed: (data), function mpi_from_sexp, file pkglue.c, line 41.

Mark Atkinson atkin901 at gmail.com
Tue Jul 5 20:10:11 UTC 2011 

>Number:         158674
>Category:       ports
>Synopsis:       [PATCH] security/gnupg fix gpg2 Assertion failed: (data), function mpi_from_sexp, file pkglue.c, line 41.
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jul 05 20:10:10 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator:     Mark Atkinson
>Release:        9.0-current
>Organization:
>Environment:
FreeBSD moby 9.0-CURRENT FreeBSD 9.0-CURRENT #4 r223681: Wed Jun 29 12:50:00 PDT 2011
>Description:
If you try to sign something in the recent gnupg 2.0.17 w/libcrypt 5.0 you will receive the following error:

enigmail> /usr/local/bin/gpg2 --charset utf8 --batch --no-tty --status-fd 2 --comment Using GnuPG with Mozilla - http://enigmail.mozdev.org/ -t --clearsign -u <atkin901 at gmail.com> --use-agent
Warning: using insecure memory!
Assertion failed: (data), function mpi_from_sexp, file pkglue.c, line 41.

This is first described here:

http://www.gossamer-threads.com/lists/gnupg/gcrypt/55063

and the appropriate patch is found here:

http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blobdiff_plain;f=g10/pkglue.c;h=5c47511f7236cbde17a2a983bc597950be830475;hp=cbfe21ea89f4088033e660c5210178a535fb86c9;hb=13290b0e0fcf3a493e4848b29329d56b69bc4dd9;hpb=af497d52c3c88d1cdbedf1c7c2ce2f21f2bc9ad4


>How-To-Repeat:
Attempt to sign with gnupg 2.0.17 w/libcrypt 5.0
>Fix:
Apply the attached patch recompile and re-install.

Patch attached with submission follows:

diff --git a/g10/pkglue.c b/g10/pkglue.c
index cbfe21e..5c47511 100644
--- a/g10/pkglue.c
+++ b/g10/pkglue.c
@@ -34,10 +34,10 @@ mpi_from_sexp (gcry_sexp_t sexp, const char * item)
 {
   gcry_sexp_t list;
   gcry_mpi_t data;
-  
+
   list = gcry_sexp_find_token (sexp, item, 0);
   assert (list);
-  data = gcry_sexp_nth_mpi (list, 1, 0);
+  data = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG);
   assert (data);
   gcry_sexp_release (list);
   return data;
@@ -293,7 +293,7 @@ pk_decrypt (int algo, gcry_mpi_t * result, gcry_mpi_t * data,
   if (rc)
     return rc;
 
-  *result = gcry_sexp_nth_mpi (s_plain, 0, 0);
+  *result = gcry_sexp_nth_mpi (s_plain, 0, GCRYMPI_FMT_USG);
   gcry_sexp_release (s_plain);
   if (!*result)
     return -1;			/* oops */


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list