Bug 510503 - gpg invalid packet error decrypting certain files
gpg invalid packet error decrypting certain files
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: gnupg (Show other bugs)
5.3
All Linux
urgent Severity urgent
: rc
: ---
Assigned To: Tomas Mraz
Ondrej Moriš
https://bugs.g10code.com/gnupg/issue537
: ZStream
Depends On:
Blocks: 510500 602669
  Show dependency treegraph
 
Reported: 2009-07-09 10:31 EDT by Casey Dahlin
Modified: 2014-06-18 04:46 EDT (History)
4 users (show)

See Also:
Fixed In Version: gnupg-1.4.5-15
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 510500
Environment:
Last Closed: 2013-09-23 07:03:35 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
Reproducer (Top level of tar is NOT A DIRECTORY. Unpack carefully) (12.04 KB, application/x-gzip)
2009-07-09 10:31 EDT, Casey Dahlin
no flags Details

  None (edit)
Description Casey Dahlin 2009-07-09 10:31:54 EDT
Created attachment 351079 [details]
Reproducer (Top level of tar is NOT A DIRECTORY. Unpack carefully)

Confirmed for RHEL 5 as well.

+++ This bug was initially created as a clone of Bug #510500 +++

Created an attachment (id=351077)
Reproducer (Top level of tar is NOT A DIRECTORY. Unpack carefully)

Description of problem:
Decrypting certain data (length of message seems to be the determining factor) causes this error message:

gpg: [don't know]: invalid packet (ctb=14)

This patch seems to fix it for the customer:
http://lists.gnupg.org/pipermail/gnupg-devel/2006-September/023180.html

Version-Release number of selected component (if applicable):
gnupg-1.2.6-9

How reproducible:
Always

Steps to Reproduce:
1. Unpack the attached tar in a new folder
2. Run:
echo foobar | gpg -d --passphrase-fd 0 --homedir dot.gnupg --yes -o 2019.dat 2019.dat.gpg
  
Actual results:
Error message

Expected results:
The file is decrypted

Additional info:
Customer claims this also reproduces on RHEL 3 and 5. In the case of RHEL 5, I will clone the bug if I can reproduce it myself.
Comment 1 Nalin Dahyabhai 2009-07-13 14:29:55 EDT
The patch used in 1.4.6 ended up being a bit different; we should use that one instead.  Has a bit of overlap with changes to fix CVE-2006-6235, so needs a bit of adjusting.
Comment 7 Tomas Mraz 2010-05-05 14:29:28 EDT
Patch is here:
https://bugzilla.redhat.com/show_bug.cgi?id=510500#c3

Note You need to log in before you can comment on or make changes to this bug.