Bug#1074127: marked as done (gnupg2: write_status_text_and_buffer fails to escape some non-printable characters)

[Debian Bug Tracking System]

Your message dated Wed, 3 Jul 2024 18:47:37 +0200
with message-id <zowaqv2_zjuze...@argenau.bebt.de>
and subject line Re: Bug#1074127: gnupg2: write_status_text_and_buffer fails to 
escape some non-printable characters
has caused the Debian Bug report #1074127,
regarding gnupg2: write_status_text_and_buffer fails to escape some 
non-printable characters
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1074127: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074127
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: gnupg2
Severity: important
Tags: patch upstream
X-Debbugs-Cc: lykn...@debian.org

Dear maintainer,

The check for escaping characters in `write_status_text_and_buffer` is
written in  `g10/cpr.c` as:

```c
333           if (*s == '%' || *(const byte*)s <= lower_limit
334               || *(const byte*)s == 127 )
```

Except `byte` is defined as an unsigned char, with non-printable values
exceeding 127.

Therefor the check should be `>= 127` and not `== 127`.

Practically, this means that some non-printable character are currently
not correctly escaped in a status output.

The following commands illustrate the bug:

```
mkdir -p /tmp/gpg
chmod 700 /tmp/gpg
echo test > /tmp/test.txt

cat << EOF > /tmp/key.txt
     Key-Type: RSA
     Key-Length: 4096
     Subkey-Type: RSA
     Subkey-Length: 4096
     Name-Real: Test key
     Name-Comment: comment
     Name-Email: t...@example.org
     Expire-Date: 0
     Passphrase: abc
     %commit
     %echo done
EOF
GNUPGHOME=/tmp/gpg gpg --batch --generate-key /tmp/key.txt

GNUPGHOME=/tmp/gpg gpg --set-notation \
  "t...@example.org=This is a non-printable char [$(printf "\x8c")]" \
  --clearsign /tmp/test.txt

GNUPGHOME=/tmp/gpg gpg --status-fd 1 --with-colons \
  --verify /tmp/test.txt.asc | cat -A
```

This outputs:

```
[GNUPG:] NOTATION_DATA This%20is%20a%20non-printable%20char%20[M-^L]$
```

While with the proposed patch, it encodes correctly to:

```
[GNUPG:] NOTATION_DATA This%20is%20a%20non-printable%20char%20[%8C]$
```

Best,

-- System Information:
Debian Release: 12.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500,
'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.8.11-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_USER
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
(ignored: LC_ALL set to C.UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

-- no debconf information

-- 
Baptiste Beauplat


diff -Nru gnupg2-2.2.43/debian/patches/Escape-char-127-in-write_status_text_and_buffer.patch gnupg2-2.2.43/debian/patches/Escape-char-127-in-write_status_text_and_buffer.patch
--- gnupg2-2.2.43/debian/patches/Escape-char-127-in-write_status_text_and_buffer.patch	1970-01-01 01:00:00.000000000 +0100
+++ gnupg2-2.2.43/debian/patches/Escape-char-127-in-write_status_text_and_buffer.patch	2024-06-23 14:16:58.000000000 +0200
@@ -0,0 +1,21 @@
+From: Baptiste Beauplat <lykn...@debian.org>
+Date: Sun, 23 Jun 2024 14:16:44 +0200
+Subject: Escape char >= 127 in write_status_text_and_buffer
+
+---
+ g10/cpr.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/g10/cpr.c b/g10/cpr.c
+index bc4b715..cd4301d 100644
+--- a/g10/cpr.c
++++ b/g10/cpr.c
+@@ -331,7 +331,7 @@ write_status_text_and_buffer (int no, const char *string,
+       for (esc=0, s=buffer, n=len; n; s++, n--)
+         {
+           if (*s == '%' || *(const byte*)s <= lower_limit
+-              || *(const byte*)s == 127 )
++              || *(const byte*)s >= 127 )
+             esc = 1;
+           if (wrap && ++count > wrap)
+             dowrap=1;
diff -Nru gnupg2-2.2.43/debian/patches/series gnupg2-2.2.43/debian/patches/series
--- gnupg2-2.2.43/debian/patches/series	2024-06-01 01:22:29.000000000 +0200
+++ gnupg2-2.2.43/debian/patches/series	2024-06-23 14:16:58.000000000 +0200
@@ -28,3 +28,4 @@
 restore-nl.po.patch
 from-upstream/scd-openpgp-Fix-PIN-pin2hash_if_kdf.patch
 from-master/gpg-Report-BEGIN_-status-before-examining-the-input.patch
+Escape-char-127-in-write_status_text_and_buffer.patch

signature.asc
Description: This is a digitally signed message part

--- End Message ---

--- Begin Message ---

On 2024-07-01 Baptiste Beauplat <lykn...@debian.org> wrote:
> On Fri, 2024-06-28 at 18:46 +0200, Andreas Metzler wrote:
[...] 
>> So I think the correct thing to do is to close this report. Could you
>> please take it directly to upstream if you want to argue for the design
>> change? I doubt adding me as a messenger in between will improve the
>> rationale.

> Agreed. Thank you for relaying the initial bug report.

Hello Baptiste,

Thanks, doing so.

cu Andreas

--- End Message ---