Bug#1132950: gcr-viewer-gtk4 crashes when opening files with private keys
John Scott
jscott at posteo.net
Wed Apr 8 03:27:21 BST 2026
Package: gcr4
Version: 4.4.0.1-3
Severity: normal
Tags: upstream
Forwarded: https://gitlab.gnome.org/GNOME/gcr/-/issues/134
Ahoy,
For the GTK 4 version only, I'm finding on Trixie that gcr-viewer terminates with SIGSEGV when one attempts to open a file that contains a private key, except possibly for PKCS#12 files—only because I think viewing all PKCS#12 files is broken in gcr-viewer-gtk4 for an unrelated reason (different issue) and thus can't test with one. This crash happens before any user interface is displayed just after the process starts.
It is a fortunate coincidence that an installed test in glib-networking-tests works well to demonstrate the problem:
(gdb) gcr-viewer-gtk4 /usr/libexec/installed-tests/glib-networking/files/client-and-key.pem
Thread 1 "gcr-viewer-gtk4" received signal SIGSEGV, Segmentation fault.
on_parser_parsed (parser=<optimized out>, user_data=0x7fffffffd500) at ../tools/viewer/viewer.c:46
46 *cert = gcr_simple_certificate_new (attr->value, attr->length);
Apparently, attr—as returned by gck_attributes_find() just prior—is NULL here. The Gck 4 docs say this is legitimate if the attribute isn't found, so it's wrong for Gcr to not check for this here.
#0 on_parser_parsed (parser=<optimized out>, user_data=0x7fffffffd530) at ../tools/viewer/viewer.c:46
#4 0x00007ffff7167663 in <emit signal 'parsed' on instance 0x55555575bb00 [GcrParser]> (instance=instance at entry=0x55555575bb00, signal_id=<optimized out>, detail=detail at entry=0) at ../../../gobject/gsignal.c:3597
#1 0x00007ffff714bb81 in _g_closure_invoke_va (closure=closure at entry=0x555555763d70, return_value=return_value at entry=0x0, instance=instance at entry=0x55555575bb00, args=args at entry=0x7fffffffd230, n_params=n_params at entry=0, param_types=param_types at entry=0x0) at ../../../gobject/gclosure.c:898
#2 0x00007ffff71618b8 in signal_emit_valist_unlocked (instance=instance at entry=0x55555575bb00, signal_id=signal_id at entry=126, detail=detail at entry=0, var_args=var_args at entry=0x7fffffffd230) at ../../../gobject/gsignal.c:3438
#3 0x00007ffff71675a6 in g_signal_emit_valist (instance=0x55555575bb00, signal_id=126, detail=0, var_args=0x7fffffffd230) at ../../../gobject/gsignal.c:3277
#5 0x00007ffff7f076f0 in _gcr_parser_fire_parsed (self=self at entry=0x55555575bb00 [GcrParser], parsed=parsed at entry=0x55555569efe0) at ../gcr/gcr-parser.c:484
#6 0x00007ffff7ef46d6 in _gcr_parser_parse_der_private_key_rsa (self=0x55555575bb00 [GcrParser], data=0x5555556bc800) at ../gcr/gcr-parser-libgcrypt.c:80
#7 0x00007ffff7f08329 in handle_pem_data (type=type at entry=1128, data=data at entry=0x5555556bc800, outer=outer at entry=0x55555569f640, headers=headers at entry=0x0, user_data=user_data at entry=0x7fffffffd470) at ../gcr/gcr-parser.c:1221
#8 0x00007ffff7f16fb7 in egg_armor_parse (data=data at entry=0x555555763c10, callback=callback at entry=0x7ffff7f081c0 <handle_pem_data>, user_data=user_data at entry=0x7fffffffd470) at ../egg/egg-armor.c:316
#9 0x00007ffff7f067f2 in handle_pem_format (self=<optimized out>, subformat=0, data=0x555555763c10) at ../gcr/gcr-parser.c:1245
#10 parse_pem (self=<optimized out>, data=0x555555763c10) at ../gcr/gcr-parser.c:1258
#11 0x00007ffff7f06bf2 in parser_format_foreach (key=key at entry=0x7ffff7f5be60 <parser_normal>, value=value at entry=0x7ffff7f5be60 <parser_normal>, data=data at entry=0x7fffffffd4c0) at ../gcr/gcr-parser.c:1516
#12 0x00007ffff7f07b1e in gcr_parser_parse_bytes (self=self at entry=0x55555575bb00 [GcrParser], data=data at entry=0x555555763c10, error=error at entry=0x7fffffffd528) at ../gcr/gcr-parser.c:1777
#13 0x0000555555558b45 in simple_certificate_new_from_file (cancellable=0x0, file=0x555555764800, error=0x7fffffffd528) at ../tools/viewer/viewer.c:69
#14 simple_certificate_new_from_commandline_arg (cancellable=0x0, arg=<optimized out>, error=0x7fffffffd528) at ../tools/viewer/viewer.c:94
#15 activate (app=<optimized out>, user_data=<optimized out>) at ../tools/viewer/viewer.c:127
#20 0x00007ffff7167663 in <emit signal 'activate' on instance 0x555555580280 [GtkApplication]> (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>) at ../../../gobject/gsignal.c:3597
#16 0x00007ffff714b950 in g_closure_invoke (closure=0x555555582390, return_value=0x0, n_param_values=n_param_values at entry=1, param_values=param_values at entry=0x7fffffffd750, invocation_hint=invocation_hint at entry=0x7fffffffd6a0) at ../../../gobject/gclosure.c:835
#17 0x00007ffff715fd43 in signal_emit_unlocked_R (node=node at entry=0x7fffffffd810, detail=detail at entry=0, instance=instance at entry=0x555555580280, emission_return=emission_return at entry=0x0, instance_and_params=instance_and_params at entry=0x7fffffffd750) at ../../../gobject/gsignal.c:3902
#18 0x00007ffff7161769 in signal_emit_valist_unlocked (instance=instance at entry=0x555555580280, signal_id=signal_id at entry=8, detail=detail at entry=0, var_args=var_args at entry=0x7fffffffd970) at ../../../gobject/gsignal.c:3534
#19 0x00007ffff71675a6 in g_signal_emit_valist (instance=0x555555580280, signal_id=8, detail=0, var_args=0x7fffffffd970) at ../../../gobject/gsignal.c:3277
#21 0x00007ffff7281ca0 in g_application_real_local_command_line (application=0x555555580280 [GtkApplication], arguments=0x7fffffffdac8, exit_status=0x7fffffffdac4) at ../../../gio/gapplication.c:1188
#22 0x00007ffff7281e38 in g_application_run (application=application at entry=0x555555580280 [GtkApplication], argc=argc at entry=2, argv=argv at entry=0x7fffffffdc38) at ../../../gio/gapplication.c:2684
#23 0x0000555555557758 in main (argc=2, argv=0x7fffffffdc38) at ../tools/viewer/viewer.c:152
I'm curious why _gcr_parser_parse_der_private_key_rsa gets invoked even when all input data is PEM-encoded. Let me know if you can't reproduce; I have an esoteric PKCS#11 setup and maybe that influences Gck somehow.
Apparently I reported (almost) this same issue upstream a few months ago, but that was in regards to handling illegitimate data. Not being able to import private keys, apparently at all, is a much greater problem.
-- System Information:
Debian Release: 13.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'proposed-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.12.74+deb13+1-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages gcr4 depends on:
ii dbus-user-session [default-dbus-session-bus] 1.16.2-2
ii gcr 3.41.2-3
ii init-system-helpers 1.69~deb13u1
ii libc6 2.41-12+deb13u2
ii libgck-2-2 4.4.0.1-3
ii libgcr-4-4 4.4.0.1-3
ii libglib2.0-0t64 2.84.4-3~deb13u2
ii libgtk-4-1 4.18.6+ds-2
ii libpango-1.0-0 1.56.3-1
ii libsecret-1-0 0.21.7-1
ii libsystemd0 257.9-1~deb13u1
gcr4 recommends no packages.
gcr4 suggests no packages.
-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: client-and-key.pem
Type: application/x-x509-ca-cert
Size: 2904 bytes
Desc: test case copied from glib-networking-tests
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnome-maintainers/attachments/20260408/e9fb8f4f/attachment-0001.crt>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 411 bytes
Desc: This is a digitally signed message part
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnome-maintainers/attachments/20260408/e9fb8f4f/attachment-0001.sig>
More information about the pkg-gnome-maintainers
mailing list