FS#73534 - Segfault in key_search_keyserver if key->uids is NULL/empty
Attached to Project:
Pacman
Opened by Cebtenzzre (cebtenzzre) - Thursday, 27 January 2022, 20:33 GMT
Last edited by Allan McRae (Allan) - Tuesday, 08 March 2022, 00:03 GMT
Opened by Cebtenzzre (cebtenzzre) - Thursday, 27 January 2022, 20:33 GMT
Last edited by Allan McRae (Allan) - Tuesday, 08 March 2022, 00:03 GMT
|
Details
Summary and Info:
Pacman v6.0.1 libalpm v13.0.1 As far as I understand, the uids member of gpgme_key_t is a linked list that may be empty, but key_search_keyserver assumes there is a valid primary user ID. Steps to Reproduce: 1. cat /etc/pacman.d/gnupg/dirmngr.conf keyserver hkps://keys.openpgp.org 2. sudo pacman --debug -S avisynthplus ... checking package integrity... debug: found cached pkg: /var/cache/pacman/pkg/avisynthplus-3.7.1.a-1-x86_64.pkg.tar.zst debug: sig data: iHUEABYIAB0WIQSAJH2Z6r06TR46GDboW4aD60i8lQUCYevutQAKCRDoW4aD60i8lRDmAP9K/bFU4Ac/p45ke9v6aD67WLcDP4ANlI4XWsyu9rQikgEA37aFW4FaU4fyAYHf30ZsR8Iu6dSOHcUXYVlDK0VeFg8= debug: checking signature for /var/cache/pacman/pkg/avisynthplus-3.7.1.a-1-x86_64.pkg.tar.zst debug: 1 signatures returned debug: fingerprint: 80247D99EABD3A4D1E3A1836E85B8683EB48BC95 debug: summary: key missing debug: status: No public key debug: timestamp: 1642852021 debug: exp_timestamp: 0 debug: validity: unknown; reason: Success debug: key lookup failed, unknown key debug: signature is not valid debug: looking up key 80247D99EABD3A4D1E3A1836E85B8683EB48BC95 locally debug: key lookup failed, unknown key error: avisynthplus: key "80247D99EABD3A4D1E3A1836E85B8683EB48BC95" is unknown :: Import PGP key 80247D99EABD3A4D1E3A1836E85B8683EB48BC95? [Y/n] debug: looking up key 80247D99EABD3A4D1E3A1836E85B8683EB48BC95 remotely error: segmentation fault Please submit a full bug report with --debug if appropriate. (full log is attached) GDB: >>> bt #0 key_search_keyserver (handle=0x555555583fd0, fpr=0x5555555c3d70 "80247D99EABD3A4D1E3A1836E85B8683EB48BC95", pgpkey=0x7fffffffdeb0) at ../lib/libalpm/signing.c:356 #1 0x00007ffff7f4fca7 in _alpm_key_import (handle=0x555555583fd0, uid=0x0, fpr=0x5555555c3d70 "80247D99EABD3A4D1E3A1836E85B8683EB48BC95") at ../lib/libalpm/signing.c:529 #2 0x00007ffff7f51186 in _alpm_process_siglist (handle=0x555555583fd0, identifier=0x555555e15f10 "avisynthplus", siglist=0x5555575a2f70, optional=0, marginal=0, unknown=0) at ../lib/libalpm/signing.c:970 #3 0x00007ffff7f5597d in check_validity (handle=0x555555583fd0, total=1, total_bytes=1475983) at ../lib/libalpm/sync.c:1025 #4 0x00007ffff7f5606a in _alpm_sync_load (handle=0x555555583fd0, data=0x7fffffffe108) at ../lib/libalpm/sync.c:1173 #5 0x00007ffff7f56e58 in alpm_trans_commit (handle=0x555555583fd0, data=0x7fffffffe108) at ../lib/libalpm/trans.c:188 #6 0x000055555556cc1e in sync_prepare_execute () at ../src/pacman/sync.c:829 #7 0x000055555556c771 in sync_trans (targets=0x555555583ba0) at ../src/pacman/sync.c:728 #8 0x000055555556d0ef in pacman_sync (targets=0x555555583ba0) at ../src/pacman/sync.c:958 #9 0x000055555556875d in main (argc=3, argv=0x7fffffffe348) at ../src/pacman/pacman.c:1258 >>> print gpg_err_code(gpg_err) $3 = GPG_ERR_NO_ERROR >>> list 356,356 356 pgpkey->uid = key->uids->uid; >>> print key->uids $1 = (gpgme_user_id_t) 0x0 |
This task depends upon
Closed by Allan McRae (Allan)
Tuesday, 08 March 2022, 00:03 GMT
Reason for closing: Fixed
Additional comments about closing: git commit 6b37d9943183f662cbd9be9031e5e7ba6fd6bea1
Tuesday, 08 March 2022, 00:03 GMT
Reason for closing: Fixed
Additional comments about closing: git commit 6b37d9943183f662cbd9be9031e5e7ba6fd6bea1
https://lists.archlinux.org/pipermail/pacman-dev/2022-March/025539.html
I'm sure this is progress!