Package: gpg-agent
Severity: serious
Version: 2.2.12-1
Control: found -1 2.2.13-1
Control: found -1 2.2.14-1
Control: found -1 2.2.15-1
Control: affects -1 src:monkeysphere
Control: tags -1 patch upstream
Control: forwarded -1

On sparc64, powerpc64, and s390x (debian's three 64-bit big-endian
platforms), gpg is unable to create a new OpenPGP certificate from some
secret keys that it already knows about.

In particular, "gpg --batch --generate" from a Key-Grip: line that
refers to a key file in private-keys-v1.d/ that contains a comment
sublist will fail with "Invalid S-expression" on those platforms.

This is due to a buggy invocation of gcry_sexp_build_array that is only
tickled when int is smaller than size_t and the platform is big-endian,
which causes the comment string to be set to zero length, which itself
is interpreted as an error of GPG_ERR_SEXP_ZERO_PREFIX.

However, this failure causes necessary functionality for
"monkeysphere-host import-key" as of monkeysphere version 0.43-3 to
break on these platforms, making monkeysphere FTBFS because the failure
is caught by its test suite.

The attached patch resolves the issue when i test it on (s390x), and should also work on the other two


From e4a158faacd67e15e87183fb48e8bd0cc70f90a8 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <>
Date: Tue, 14 May 2019 00:05:42 -0400
Subject: [PATCH] agent: correct length for uri and comment on 64-bit
 big-endian platforms

* agent/findkey.c (agent_public_key_from_file): pass size_t as int to
gcry_sexp_build_array's %b.


This is only a problem on big-endian systems where size_t is not the
same size as an int.  It was causing failures on debian's s390x,
powerpc64, and sparc64 platforms.

There may well be other failures with %b on those platforms in the
codebase, and it probably needs an audit.

Once you have a key in private-keys-v1.d/$KEYGRIP.key with a comment
or a uri of reasonable length associated with it, this fix can be
tested with:

   gpg-agent --server <<<"READKEY $KEYGRIP"

On the failing platforms, the printed comment will be of length 0.

Gnupg-bug-id: 4501
Signed-off-by: Daniel Kahn Gillmor <>
 agent/findkey.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/agent/findkey.c b/agent/findkey.c
index 755a90be1..20c9dc56a 100644
--- a/agent/findkey.c
+++ b/agent/findkey.c
@@ -1366,6 +1366,7 @@ agent_public_key_from_file (ctrl_t ctrl,
   gcry_sexp_t uri_sexp, comment_sexp;
   const char *uri, *comment;
   size_t uri_length, comment_length;
+  int uri_intlen, comment_intlen;
   char *format, *p;
   void *args[2+7+2+2+1]; /* Size is 2 + max. # of elements + 2 for uri + 2
                             for comment + end-of-list.  */
@@ -1447,14 +1448,16 @@ agent_public_key_from_file (ctrl_t ctrl,
       p = stpcpy (p, "(uri %b)");
       assert (argidx+1 < DIM (args));
-      args[argidx++] = (void *)&uri_length;
+      uri_intlen = (int)uri_length;
+      args[argidx++] = (void *)&uri_intlen;
       args[argidx++] = (void *)&uri;
   if (comment)
       p = stpcpy (p, "(comment %b)");
       assert (argidx+1 < DIM (args));
-      args[argidx++] = (void *)&comment_length;
+      comment_intlen = (int)comment_length;
+      args[argidx++] = (void *)&comment_intlen;
       args[argidx++] = (void*)&comment;
   *p++ = ')';

Attachment: signature.asc
Description: PGP signature

Reply via email to