|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #59290 gnupg_verify() segfault on 64bit OS
Submitted: 2010-07-02 04:38 UTC Modified: 2010-07-20 15:27 UTC
From: viktors at ok dot lv Assigned:
Status: Closed Package: gnupg (PECL)
PHP Version: 5.3.2 OS: linux 64bit
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
Solve the problem:
44 - 1 = ?
Subscribe to this entry?

 [2010-07-02 04:38 UTC] viktors at ok dot lv
In gnupg_verify() gets called:
char * gpgme_data_release_and_get_mem (gpgme_data_t dh, size_t *length), where second argument should be pointer to size_t type variable. However, gpg_plain_len variable is defined as int which on 64bit OS is 4 bytes, but size_t on 64bit OS is 8 bytes. Memory gets corrupted.
Here is the patch that fixes it:
--- gnupg.c.orig	2010-07-02 10:44:22.000000000 +0300
+++ gnupg.c	2010-07-02 11:37:40.000000000 +0300
@@ -1096,7 +1096,7 @@
 	zval	*plain_text		=	NULL; /* signed_text without the signature if its not a detached sig */
 	char	*gpg_plain;
-	int		gpg_plain_len;
+	size_t		gpg_plain_len;


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2010-07-20 15:27 UTC]
This bug has been fixed in SVN.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on

In case this was a website problem, the change will show
up on the website in short time.
Thank you for the report, and for helping us make PECL better.

PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Feb 25 13:01:27 2024 UTC