[pkg-gnupg-maint] Bug#1074127: gnupg2: write_status_text_and_buffer fails to escape some non-printable characters

Baptiste Beauplat lyknode at debian.org
Mon Jun 24 19:46:36 BST 2024


On Mon, 2024-06-24 at 18:43 +0200, Andreas Metzler wrote:
> Thank you, I have forwarded this to the upstream tracker.

Thanks a lot.

To give a bit more context, we got a Python exception on
mentors.debian.net triggered by an upload, signed by sq (Sequoia).

The tool apparently adds a random binary salt to the signature as
notation data, which is then present in the status output.

We read the status output as UTF-8 encoded data (perhaps wrongfully)
and Python failed to decode the output because the salt was neither
escaped properly nor valid UTF-8 output.

I do expect we will not be the only ones affected by this issue.

I'd like to point out that other functions in gpg seem to escape chars
over 127 (such as in `print_hashline` from `g10/gpg.c`).

Best,
-- 
Baptiste Beauplat
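
The failure described in the message above, next to a byte-level way to consume the status stream, as an added example that is not part of the original message and is not code from mentors.debian.net or GnuPG. The status lines, the notation name `salt@example.org` and all function names are constructed for illustration; the parser assumes the `[GNUPG:] KEYWORD args` line format with `%XX` escaping.

```python
import re

PREFIX = b"[GNUPG:] "
_PCT = re.compile(rb"%([0-9A-Fa-f]{2})")

# Constructed sample of --status-fd output: the NOTATION_DATA line carries
# raw bytes that are neither percent-escaped nor valid UTF-8.
SAMPLE_STATUS = (
    b"[GNUPG:] NEWSIG\n"
    b"[GNUPG:] NOTATION_NAME salt@example.org\n"
    b"[GNUPG:] NOTATION_DATA \xf3\x9c%25\xffsalt\n"
    b"[GNUPG:] GOODSIG 0123456789ABCDEF Test User <test@example.org>\n"
)


def naive_parse(raw: bytes) -> list[str]:
    """The failing pattern: decode the whole stream as strict UTF-8."""
    return raw.decode("utf-8").splitlines()


def unescape(arg: bytes) -> bytes:
    """Undo %XX escaping while staying in bytes."""
    return _PCT.sub(lambda m: bytes([int(m.group(1), 16)]), arg)


def parse_status(raw: bytes) -> list[tuple[str, bytes]]:
    """Split status output on bytes; return (keyword, argument bytes)."""
    records = []
    for line in raw.split(b"\n"):
        if not line.startswith(PREFIX):
            continue
        keyword, _, rest = line[len(PREFIX):].partition(b" ")
        # Keywords are plain ASCII; arguments stay bytes until the caller
        # knows how that particular field should be interpreted.
        records.append((keyword.decode("ascii", "replace"), unescape(rest)))
    return records


def display(arg: bytes) -> str:
    """Text form for logs that never raises on invalid UTF-8."""
    return arg.decode("utf-8", errors="backslashreplace")
```

With this split, one unescaped notation value no longer aborts processing of the whole upload: signature decisions use the ASCII keywords, and binary arguments are only turned into text through `display`.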
