[Users] pgpcore causes segfault when checking S/MIME signature of special mail

Marco Moock mm at dorfdsl.de
Tue Jul 2 17:54:28 UTC 2024


Hello!

I am currently experimenting with S/MIME certificates from Sectigo that
have an empty subject. According to the standards this is allowed and
some bugs were already fixed in libksba which is being used by gpgsm.

Although, it makes Claws crash:

Thread 9 "pool-claws-mail" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffe98006c0 (LWP 14264)]
0x00007ffff1e348f7 in sgpgme_sigstat_info_short ()
   from /usr/lib/x86_64-linux-gnu/claws-mail/plugins/pgpcore.so

I have attach the email that causes this.
Be ware: You need to run  libksba8:amd64 1.6.7-2
Older versions don't create that crash, they simply say that signature
couldn't be verified.

I assume the real bug is still in gpgsm or its libs, but I think Claws
shouldn't segfault here and should print a proper error message.

-- 
kind regards
Marco
-------------- next part --------------
A non-text attachment was scrubbed...
Name: SMIME-TEst
Type: application/octet-stream
Size: 10045 bytes
Desc: not available
URL: <http://lists.claws-mail.org/pipermail/users/attachments/20240702/6a617ac6/attachment.obj>


More information about the Users mailing list