From 0d28a696163677d6b34a802b6beddecd805d0fc7 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Fri, 5 Jun 2015 14:25:59 +0200
Subject: Fix segv for userids with a backslash.

* src/engine-gpg.c (gpg_keylist_preprocess): Increment SRC for a
backslash.
--

This bug is not exploitable because this bug fills up .data with
backslashes and thus causes the segv.

Signed-off-by: Werner Koch <wk@gnupg.org>
---
 src/engine-gpg.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src/engine-gpg.c')

diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index 57aea8b0..e14fd8dd 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -2194,6 +2194,7 @@ gpg_keylist_preprocess (char *line, char **r_line)
               {
                 *dst++ = '\\';
                 *dst++ = '\\';
+                src++;
               }
 	    else
 	      *(dst++) = *(src++);
-- 
cgit v1.2.3


From 08086dd6901740e155e4361212b4e9cff8a47296 Mon Sep 17 00:00:00 2001
From: Andre Heinecke <aheinecke@intevation.de>
Date: Thu, 2 Jul 2015 10:19:04 +0200
Subject: Add offline mode support for CMS keylisting

* doc/gpgme.texi: Document offline mode.
* src/context.h (gpgme_context): Add offline.
* src/engine-backend.h (keylist, keylist_ext): Add engine_flags.
* src/engine.c, src/engine.h (_gpgme_engine_op_keylist): Ditto.
  (_gpgme_engine_op_keylist_ext): Ditto.
* src/engine.h (GPGME_ENGINE_FLAG_OFFLINE): New.
* src/engine-gpg.c (gpg_keylist, gpg_keylist_ext): Ditto.
* src/engine-gpgsm.c (gpgsm_keylist): Handle engine_flags.
  (gpgsm_keylist_ext): Ditto.
* src/gpgme.c (gpgme_set_offline, gpgme_get_offline): New.
* src/gpgme.def (gpgme_set_offline, gpgme_get_offline): New.
* src/gpgme.h.in (gpgme_set_offline, gpgme_get_offline): New.
* src/libgpgme.vers (gpgme_set_offline, gpgme_get_offline): New.
* src/keylist.c (gpgme_op_keylist_start): Set offline flag.
  (gpgme_op_keylist_ext_start): Ditto.
* tests/run-keylist.c (show_usage, main): Add offline argument.

--
The offline engine option was introduced with gpgsm 2.1.6
it is mainly useful for a full keylisting that includes
the certificate validation but does not depend on external
information that could take an indefinite amount of time to
collect.

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
---
 src/engine-gpg.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/engine-gpg.c')

diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index e14fd8dd..510dfd9d 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -2279,7 +2279,7 @@ gpg_keylist_build_options (engine_gpg_t gpg, int secret_only,
 
 static gpgme_error_t
 gpg_keylist (void *engine, const char *pattern, int secret_only,
-	     gpgme_keylist_mode_t mode)
+	     gpgme_keylist_mode_t mode, int engine_flags)
 {
   engine_gpg_t gpg = engine;
   gpgme_error_t err;
@@ -2298,7 +2298,7 @@ gpg_keylist (void *engine, const char *pattern, int secret_only,
 
 static gpgme_error_t
 gpg_keylist_ext (void *engine, const char *pattern[], int secret_only,
-		 int reserved, gpgme_keylist_mode_t mode)
+		 int reserved, gpgme_keylist_mode_t mode, int engine_flags)
 {
   engine_gpg_t gpg = engine;
   gpgme_error_t err;
-- 
cgit v1.2.3


From 8f28e3caf95d7bc99e9271bfc2b44080166af31f Mon Sep 17 00:00:00 2001
From: Ben Kibbey <bjk@luxsci.net>
Date: Mon, 10 Aug 2015 21:23:02 -0400
Subject: Check the return value when starting gpg.

* src/engine-gpg.c (gpg_decrypt, gpg_delete, gpg_passwd): Check return
value of start().
---
 src/engine-gpg.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'src/engine-gpg.c')

diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index 510dfd9d..c3e36aeb 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -1456,7 +1456,7 @@ gpg_decrypt (void *engine, gpgme_data_t ciph, gpgme_data_t plain)
     err = add_data (gpg, ciph, -1, 0);
 
   if (!err)
-    start (gpg);
+    err = start (gpg);
   return err;
 }
 
@@ -1479,7 +1479,7 @@ gpg_delete (void *engine, gpgme_key_t key, int allow_secret)
     }
 
   if (!err)
-    start (gpg);
+    err = start (gpg);
   return err;
 }
 
@@ -1497,7 +1497,7 @@ gpg_passwd (void *engine, gpgme_key_t key, unsigned int flags)
   if (!err)
     err = add_arg (gpg, key->subkeys->fpr);
   if (!err)
-    start (gpg);
+    err = start (gpg);
   return err;
 }
 
-- 
cgit v1.2.3


From e07d38f5f9f3b94e403f1265ff7fd3d7009dd557 Mon Sep 17 00:00:00 2001
From: Ben Kibbey <bjk@luxsci.net>
Date: Wed, 12 Aug 2015 06:46:43 -0400
Subject: Also check the return code in gpg_sign().

* src/engine-gpg.c (gpg_sign): Check return value from start().
---
 src/engine-gpg.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/engine-gpg.c')

diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index c3e36aeb..d1385926 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -2364,7 +2364,7 @@ gpg_sign (void *engine, gpgme_data_t in, gpgme_data_t out,
     err = add_data (gpg, out, 1, 1);
 
   if (!err)
-    start (gpg);
+    err = start (gpg);
 
   return err;
 }
-- 
cgit v1.2.3