Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 4 product line. The current stable release is 4.9. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 510500

Summary: gpg invalid packet error decrypting certain files
Product: Red Hat Enterprise Linux 4 Reporter: Casey Dahlin <cdahlin>
Component: gnupgAssignee: Tomas Mraz <tmraz>
Status: CLOSED CURRENTRELEASE QA Contact: Ondrej Moriš <omoris>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 4.8CC: ebenes, jwest, ohudlick, omoris, tao, vanhoof
Target Milestone: rcKeywords: ZStream
Target Release: ---   
Hardware: All   
OS: Linux   
URL: https://bugs.g10code.com/gnupg/issue537
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 510503 (view as bug list) Environment:
Last Closed: 2012-06-14 20:58:15 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 510503    
Bug Blocks: 592845    
Attachments:
Description Flags
Reproducer (Top level of tar is NOT A DIRECTORY. Unpack carefully)
none
tweaked version of patch from https://bugs.g10code.com/gnupg/issue537 none

Description Casey Dahlin 2009-07-09 14:26:27 UTC 
Created attachment 351077 [details]
Reproducer (Top level of tar is NOT A DIRECTORY. Unpack carefully)

Description of problem:
Decrypting certain data (length of message seems to be the determining factor) causes this error message:

gpg: [don't know]: invalid packet (ctb=14)

This patch seems to fix it for the customer:
http://lists.gnupg.org/pipermail/gnupg-devel/2006-September/023180.html

Version-Release number of selected component (if applicable):
gnupg-1.2.6-9

How reproducible:
Always

Steps to Reproduce:
1. Unpack the attached tar in a new folder
2. Run:
echo foobar | gpg -d --passphrase-fd 0 --homedir dot.gnupg --yes -o 2019.dat 2019.dat.gpg
  
Actual results:
Error message

Expected results:
The file is decrypted

Additional info:
Customer claims this also reproduces on RHEL 3 and 5. In the case of RHEL 5, I will clone the bug if I can reproduce it myself.
Comment 1 Nalin Dahyabhai 2009-07-13 18:29:51 UTC 
The patch used in 1.4.6 ended up being a bit different; we should use that one instead.  Has a bit of overlap with changes to fix CVE-2006-6235, so needs a bit of adjusting.
Comment 2 Casey Dahlin 2009-07-22 14:24:27 UTC 
Could you point me to the actual patch? I'd like to get a test rpm to the customer.
Comment 3 Nalin Dahyabhai 2009-07-22 17:33:38 UTC 
Created attachment 354751 [details]
tweaked version of patch from https://bugs.g10code.com/gnupg/issue537

This is more or less the patch I was thinking of.  Except for the hunk which updates the copyright, which are different between 1.2.6 and 1.4.5, it should apply without trouble.
Comment 12 Tomas Mraz 2010-05-14 16:03:04 UTC 
Committed to the RHEL-4 trunk CVS.
Comment 14 Ondrej Moriš 2010-05-25 09:27:17 UTC 
RHTS test proposed (see QA whiteboard).
Comment 15 Ondrej Moriš 2010-05-25 09:30:47 UTC 
Before (gnupg-1.2.6-9):

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: Test
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   FAIL   ] :: Running 'echo foobar | gpg -d --passphrase-fd 0 --homedir 
     dot.gnupg --yes -o 2019.dat 2019.dat.gpg 1>out 2>&1' (Expected 0, got 2)
:: [   FAIL   ] :: File 'out' should not contain 'invalid packet' 
:: [   LOG    ] :: Duration: 0s
:: [   LOG    ] :: Assertions: 0 good, 2 bad
:: [   FAIL   ] :: RESULT: Test

After (gnupg-1.2.6-9.el4_8.1)

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: Test
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   PASS   ] :: Running 'echo foobar | gpg -d --passphrase-fd 0 --homedir 
                   dot.gnupg --yes -o 2019.dat 2019.dat.gpg 1>out 2>&1'
:: [   PASS   ] :: File 'out' should not contain 'invalid packet'
:: [   LOG    ] :: Duration: 0s
:: [   LOG    ] :: Assertions: 2 good, 0 bad
:: [   PASS   ] :: RESULT: Test