On 2026-04-19T13:48:35+0800, Kevin J. McCarthy wrote:
> Inside show_one_sig_status(), if the error code is GPG_ERR_NO_PUBKEY,
> key is NULL. However, show_sig_summary() doesn't check for a NULL key
> before dereferencing for the "key expired" case.
>
> Thanks to [email protected] for the security report.
>
> Thanks to Alejandro Colomar for his review and suggestion to keep the
> ternary operator.

Reviewed-by: Alejandro Colomar <[email protected]> > --- > This is 1 in the list evilrabbit sent. > > crypt-gpgme.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/crypt-gpgme.c b/crypt-gpgme.c > index 5313d6f2..b30632b8 100644 > --- a/crypt-gpgme.c > +++ b/crypt-gpgme.c > @@ -1425,7 +1425,7 @@ static int show_sig_summary (unsigned long sum, > > if ((sum & GPGME_SIGSUM_KEY_EXPIRED)) > { > - time_t at = key->subkeys->expires ? key->subkeys->expires : 0; > + time_t at = (key && key->subkeys) ? key->subkeys->expires : 0; > if (at) > { > state_puts (_("Warning: The key used to create the " > -- > 2.53.0 > -- <https://www.alejandro-colomar.es>
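
Review bot: In the `time_t at = ...` line of the GPGME_SIGSUM_KEY_EXPIRED branch, the new condition guards both `key` and `key->subkeys`, but the commit message only explains the NULL `key` case (GPG_ERR_NO_PUBKEY). A sentence in the message or a short comment should say whether `key->subkeys` can actually be NULL here or whether that check is purely defensive. With a NULL key, `at` becomes 0 and the `if (at)` branch is skipped, so it is also worth confirming that the path taken instead, which lies outside the visible context, does not touch `key`, and that the other `sum` branches in show_sig_summary() are guarded the same way.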
