sup

A curses threads-with-tags style email client

sup.git

git clone https://supmua.dev/git/sup/ 
commit 0d768032d39ab8e4b36ed8b06fd4742a1f6acace
parent 300d2bea679f153c64c585129849c0a8af947afe
Author: Gaudenz Steinlin <gaudenz@soziologie.ch>
Date:   Thu, 17 Feb 2011 15:13:31 +0100

Check for ArgumentError on signature verification

Broken signatures can cause a NULL pointer which results in an
ArguementError when calling ctx.verify_result even if the previous call
to ctx.verify does not raise an exception.

The underling cause is probably a bug in GPGME.

Signed-off-by: Hamish Downer 

Diffstat:
M lib/sup/crypto.rb | 12 ++++++++++-- 
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/lib/sup/crypto.rb b/lib/sup/crypto.rb
@@ -232,7 +232,11 @@ EOS
     rescue GPGME::Error => exc
       return unknown_status [gpgme_exc_msg(exc.message)]
     end
-    self.verified_ok? ctx.verify_result
+    begin
+      self.verified_ok? ctx.verify_result
+    rescue ArgumentError => exc
+      return unknown_status [gpgme_exc_msg(exc.message)]
+    end
   end
 
   ## returns decrypted_message, status, desc, lines
@@ -250,7 +254,11 @@ EOS
     rescue GPGME::Error => exc
       return Chunk::CryptoNotice.new(:invalid, "This message could not be decrypted", gpgme_exc_msg(exc.message))
     end
-    sig = self.verified_ok? ctx.verify_result
+    begin
+      sig = self.verified_ok? ctx.verify_result
+    rescue ArgumentError => exc
+      sig = unknown_status [gpgme_exc_msg(exc.message)]
+    end
     plain_data.seek(0, IO::SEEK_SET)
     output = plain_data.read
     output.force_encoding Encoding::ASCII_8BIT if output.respond_to? :force_encoding