https://bugs.kde.org/show_bug.cgi?id=359464
Bug ID: 359464
Summary: QCA::SecureMessage provides incomplete instances of
public PGP keys when verifying signed messages
Product: qca
Version: Git
Platform: Other
OS: Linux
Status: UNCONFIRMED
Severity: crash
Priority: NOR
Component: general
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected], [email protected]
Here's a TL;DR:
jkt@svist ~/work/prog/kde/qca/build[master*] $ echo 'hello world' >
my-plaintext
jkt@svist ~/work/prog/kde/qca/build[master*] $ gpg --sign --armor <
my-plaintext > my-signed
You need a passphrase to unlock the secret key for
user: "Jan Kundrát (jkt) <[email protected]>"
1024-bit DSA key, ID 44722517, created 2005-04-16
jkt@svist ~/work/prog/kde/qca/build[master*] $ qcatool-qt5 message verify pgp <
my-signed
hello world
IdentityResult: Valid
Segmentation fault
With a debug build, this is where the error is:
ASSERT: "!isEmpty()" in file /usr/include/qt5/QtCore/qlist.h, line 337
[...]
#5 0x00007ffff797dae3 in QList<QString>::first (this=0x60b0000110a8) at
/usr/include/qt5/QtCore/qlist.h:337
#6 0x00007ffff796eefd in QCA::PGPKey::primaryUserId (this=0x7fffffff6e20) at
../src/qca_cert.cpp:2713
#7 0x000000000052adc0 in smDisplaySignatures (signers=...) at
../tools/qcatool/main.cpp:2234
#8 0x0000000000514339 in main (argc=4) at ../tools/qcatool/main.cpp:4333
Poking through the qca-gpg plugin's source code, it turns out that the
GpgOp::Key::userIds is an empty list and no actual user-IDs are pushed in there
when doing verifications of signed PGP messages.
--
You are receiving this mail because:
You are watching all bug changes.
