Am Mon, 2003-04-21 um 19.41 schrieb Jeffrey Stedfast: > > In camel/camel-gpg-context.c (evo 1.3 cvs) there is a problem: > > > > In gpg_ctx_op_step the file descriptors stdout_fd, stderr_fd and > > status_fd are polled for input. > > > > But stdout_fd is not read when there is no gpg->ostream to get the data > > (if (FD_ISSET (gpg->stdout_fd, &rdset) && gpg->ostream)). > > > > So the end of file state cannot be detected and thus gpg->seen_eof1 > > won't be set. > > > > If that happens gpg_ctx_op_complete fails to detect when gpg has > > finished and the users of these functions run in an endless loop. > > When can this condition ever happen? When gpg_ctx_op_step is called with gpg->ostream being NULL. gpg_verify and gpg_import_keys don't set them (it actually happened to me when trying to verify a signature). There's even an explicit check if the ostream is set in this function, and this check is causing the problem. But removing the check would cause a null pointer dereference when gpg return some data (it normally doesn't, but you can never know). -- Christophe Saout <christophe saout de>
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil