[Pkg-gnupg-commit] [gnupg2] 04/102: gpg: Fix buglet in the check_all_keysigs function.

[Daniel Kahn Gillmor]

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch experimental
in repository gnupg2.

commit 693838f0125d5d0c963fa3771b1bd117702af697
Author: Werner Koch <wk at gnupg.org>
Date:   Mon May 9 21:07:40 2016 +0200

    gpg: Fix buglet in the check_all_keysigs function.
    
    * g10/keyedit.c (sig_comparison): Actually compare the pubkey
    algorithms.
    --
    
    This fixes two bugs: The first was a typo which led to us comparing A
    with A.  The second problem was the use of an assert at a place where
    this can't be asserted: Two signature may have different algorithms;
    they won't verify but after all it is about corrupted signatures.
    
    Reported-by: Guilhem Moulin <guilhem at fripost.org>
    GnuPG-bug-id: 2236
    Signed-off-by: Werner Koch <wk at gnupg.org>
---
 g10/keyedit.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/g10/keyedit.c b/g10/keyedit.c
index 7ddf342..200a1ab 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -350,8 +350,9 @@ sig_comparison (const void *av, const void *bv)
     return 1;
 
   ndataa = pubkey_get_nsig (a->pubkey_algo);
-  ndatab = pubkey_get_nsig (a->pubkey_algo);
-  log_assert (ndataa == ndatab);
+  ndatab = pubkey_get_nsig (b->pubkey_algo);
+  if (ndataa != ndatab)
+    return (ndataa < ndatab)? -1 : 1;
 
   for (i = 0; i < ndataa; i ++)
     {

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git