[PATCH] crypto: gracefully handle gmime errors
Jan Malakhovski
oxij at oxij.org
Thu Aug 31 08:17:02 PDT 2017
David Bremner <david at tethera.net> writes:
> Oh, by the way, I think this was reported already in
> id:qf5d17wzq90.fsf at google.com, but we don't have a test case.
Yep. Seems to be the same bug. Added to References.
> So if you have (or can make) a message that triggers these segfaults,
> and that you can share, that would be helpful.
The test suite has such a message already. "signature verification
(notmuch CLI)" test fails with a SIGSEGV when built with gmime-2.6.23.
T355-smime: Testing S/MIME signature verification and decryption
gpgsm: keybox '/tmp/nix-build-notmuch-0.25.drv-0/notmuch-test-8789.qe2sRf/gnupg/pubring.kbx' created
PASS emacs delivery of S/MIME signed message
PASS emacs delivery of S/MIME encrypted + signed message
PASS Signature verification (openssl)
FAIL signature verification (notmuch CLI)
--- T355-smime.4.expected 2017-08-31 14:57:24.145052329 +0000
+++ T355-smime.4.output 2017-08-31 14:57:24.145052329 +0000
@@ -1,56 +1 @@
-[
- [
- [
- {
- "body": [
- {
- "content": [
- {
- "content": "This is a test signed message.\n",
- "content-type": "text/plain",
- "id": 2
- },
- {
- "content-disposition": "attachment",
- "content-length": "NONZERO",
- "content-transfer-encoding": "base64",
- "content-type": "application/x-pkcs7-signature",
- "filename": "smime.p7s",
- "id": 3
- }
- ],
- "content-type": "multipart/signed",
- "id": 1,
- "sigstatus": [
- {
- "created": 946728000,
- "expires": 424242424,
- "fingerprint": "616F46CD73834C63847756AF0DFB64A6E0972A47",
- "status": "good"
- }
- ]
- }
- ],
- "date_relative": "2000-01-01",
- "excluded": false,
- "filename": [
- "YYYYY"
- ],
- "headers": {
- "Date": "Sat, 01 Jan 2000 12:00:00 +0000",
- "From": "Notmuch Test Suite <test_suite at notmuchmail.org>",
- "Subject": "test signed message 001",
- "To": "test_suite at notmuchmail.org"
- },
- "id": "XXXXX",
- "match": true,
- "tags": [
- "inbox",
- "signed"
- ],
- "timestamp": 946728000
- },
- []
- ]
- ]
-]
+
Failed to construct pkcs7 context.
No JSON object could be decoded
PASS Decryption and signature verification (openssl)
Cheers,
Jan
More information about the notmuch
mailing list