[Mutt] #3881: GPGME returns success even if it fails to invoke gpg2

Mutt Thu, 29 Sep 2016 01:26:38 -0700

#3881: GPGME returns success even if it fails to invoke gpg2
--------------------+----------------------
 Reporter:  tamo    |      Owner:  mutt-dev
     Type:  defect  |     Status:  new
 Priority:  major   |  Milestone:
Component:  crypto  |    Version:  1.7.0
 Keywords:  gpgme   |
--------------------+----------------------
 Playing around with #3876, I've found that mutt claims "verified
 successfully" on bogus signatures when gpg2 is not on my $PATH.


 https://dev.mutt.org/trac/browser/crypt-gpgme.c#L1578
 {{{
 1571          for(idx=0; (res = show_one_sig_status (ctx, idx, s)) != -1;
 idx++)
 1572            {
 1573              if (res == 1)
 1574                anybad = 1;
 1575              else if (res == 2)
 1576                anywarn = 2;
 1577            }
 1578          if (!anybad)
 1579            badsig = 0;
 }}}

 Here, badsig will be 0 if the first run of show_one_sig_status() returns
 -1.

 So "if (!anybad)" should be "if (idx > 0 && !anybad)", IMO.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3881>
Mutt <http://www.mutt.org/>
The Mutt mail user agent

[Mutt] #3881: GPGME returns success even if it fails to invoke gpg2

Reply via email to