[Pkg-gnupg-maint] Bug#771263: Bug#771263: gnupg fails (buffer overflow detected) to encrypt archive when called from duplicity
NIIBE Yutaka
gniibe at fsij.org
Fri Nov 28 04:07:09 UTC 2014
On 11/28/2014 10:51 AM, Pandu Rao wrote:
> Package: gnupg
> Version: 1.4.18-4
> Severity: normal
[...]
> *** buffer overflow detected ***: gpg terminated
> ======= Backtrace: =========
> /lib/x86_64-linux-gnu/libc.so.6(+0x7303f)[0x7f581fd9d03f]
> /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f581fe20147]
> /lib/x86_64-linux-gnu/libc.so.6(+0xf4360)[0x7f581fe1e360]
> /lib/x86_64-linux-gnu/libc.so.6(+0xf60b7)[0x7f581fe200b7]
> gpg[0x4916c8]
Disassembling /usr/bin/gpg, it seems for me that it's __fdelt_chk
which caused this "buffer overflow":
4916c3: e8 e8 21 f7 ff callq 4038b0 <__fdelt_chk at plt>
4916c8: 8b 7c 24 28 mov 0x28(%rsp),%edi
One possibility is gnupg-1.4.x/cipher/rndlinux.c:rndlinux_gather_random.
When /dev/random (or /dev/urandom), is not accessible, for some
reason, I think that this buffer overflow is possible when FD_SET
(at line 125).
This is just a my theory. It's pretty unusual you don't have
/dev/random (or /dev/urandom), so, I must be wrong.
But, just in case, could you please check your environment if /dev/random
is normal or not?
--
More information about the Pkg-gnupg-maint
mailing list