[Pkg-gnupg-maint] Bug#771263: Bug#771263: gnupg buffer overflow

Frederik Himpe frederik at frehi.be
Mon Jan 19 09:18:14 UTC 2015 

On Mon, 2015-01-19 at 13:34 +0900, NIIBE Yutaka wrote:
> On 01/18/2015 07:19 PM, Frederik Himpe wrote:
> > It looks like I'm hitting exactly the same issue:
> > Jan 18 09:19:49 Error: ===== Begin GnuPG log =====
> > Jan 18 09:19:49 Error: *** buffer overflow detected ***: gpg terminated
> > Jan 18 09:19:49 Error: ======= Backtrace: =========
> 
> Thank you for your information.  I wonder if you have reproducible
> configuration which causes this error.

I think this was caused by the fact that I was constantly making
incremental back-ups, without making additional full backups. I had
about 3022 files in my remote backup directory when this happend, and
this bug occurred every time backupninja tried to make an additional
incremental backup.

In the end I could work around/fix it by modifying my backupninja config
to make a full backup from time to time.

In my 80.dup file I had this [dest] section:
[dest]
keep = 10
desturl = scp://backup@example.com/backup/

The keep setting was actually useless here as it could not remove the
old back-ups because newer incremental ones were always based on the old
backups.

I changed this to:
[dest]
increments = 10
keep = 30
desturl = scp://backup@example.com/backup/

So that it would always make a full back-up every 10 days.

The first time, it failed again, but all subsequent runs, where
successfully.

Here is a log extract with the debugging patch applied when it failed
the last time:

Jan 18 19:35:51 Info: >>>> starting action /etc/backup.d/80.dup (because of --now)
Jan 18 19:40:38 Info: Duplicity cleanup finished successfully.
Jan 18 19:44:59 Info: Duplicity remove-older-than finished successfully.
Jan 18 19:49:29 Error: Local and Remote metadata are synchronized, no sync needed.
Jan 18 19:49:29 Error: Last full backup date: Fri Dec 5 21:16:49 2014
Jan 18 19:49:29 Error: Reuse configured PASSPHRASE as SIGN_PASSPHRASE
Jan 18 19:49:29 Error: PIPE: 10
Jan 18 19:49:30 Error: PIPE: 13
Jan 18 19:49:30 Error: PIPE: 1019
Jan 18 19:49:30 Error: PIPE: 1021
Jan 18 19:49:30 Error: GPGError: GPG Failed, see log below:
Jan 18 19:49:30 Error: ===== Begin GnuPG log =====
Jan 18 19:49:30 Error: d some random file names of files in my home directory where listed here buffer overflow detected ***: gpg terminated

-- 
Frederik Himpe <frederik at frehi.be>

More information about the Pkg-gnupg-maint mailing list