From: Junio C Hamano <gitster@pobox•com>
To: Rolf Eike Beer <eb@emlix•com>
Cc: git@vger•kernel.org
Subject: Re: gpg-related crash with custom formatter (BUG: gpg-interface.c:915: invalid trust level requested -1)
Date: Tue, 18 Apr 2023 09:17:21 -0700 [thread overview]
Message-ID: <xmqq354xf9m6.fsf@gitster.g> (raw)
In-Reply-To: <5926995.lOV4Wx5bFT@devpool47.emlix.com> (Rolf Eike Beer's message of "Tue, 18 Apr 2023 08:12:03 +0200")
Rolf Eike Beer <eb@emlix•com> writes:
> I use this one:
>
> [format]
> pretty = %C(yellow)commit %H%C(auto)%d%Creset%nAuthor: %an <%ae>
> %C(yellow)% GK %GS %C(auto)[%GT% G?]%Creset%nDate: %ad%n%n%w(0,4,4)%s%n%w(0,
> 4,4)%+b
>
> When I now run "git log" in a repository that contains commits signed by
> people not in my keyring (e.g. the Gentoo git) I get this backtrace:
Thanks for a clearly described report. GPG reports something like
[GNUPG:] NEWSIG
[GNUPG:] ERRSIG B0B5E88696AFE6CB 1 8 00 1681831898 9 E1F036B1FEE7221FC778ECEFB0B5E88696AFE6CB
[GNUPG:] NO_PUBKEY B0B5E88696AFE6CB
but parse_gpg_output() that is responsible for setting the
trust_level member of sigc structure never responds to this report
because none among NEWSIG, ERRSIG, and NO_PUBKEY begins with
"TRUST_" that triggers a call to parse_gpg_trust_level() to set the
member.
The caller of parse_gpg_output() initializes the member to -1 and
that is left intact. Of course, it is not one of the values that
gpg_trust_level_to_str() knows about.
The absolute minimum fix is to initialize the member to TRUST_NEVER
which is one of the values gpg_trust_level_to_str() knows about. It
seems that SSH based signature verification codepath uses the same
approach.
gpg-interface.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git c/gpg-interface.c w/gpg-interface.c
index aceeb08336..2044e00205 100644
--- c/gpg-interface.c
+++ w/gpg-interface.c
@@ -650,7 +650,7 @@ int check_signature(struct signature_check *sigc,
gpg_interface_lazy_init();
sigc->result = 'N';
- sigc->trust_level = -1;
+ sigc->trust_level = TRUST_NEVER;
fmt = get_format_by_sig(signature);
if (!fmt)
prev parent reply other threads:[~2023-04-18 16:17 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-18 6:12 gpg-related crash with custom formatter (BUG: gpg-interface.c:915: invalid trust level requested -1) Rolf Eike Beer
2023-04-18 6:48 ` Jeff King
2023-04-18 15:16 ` Jaydeep Das
2023-04-18 16:24 ` Junio C Hamano
2023-04-19 1:29 ` [PATCH] gpg-interface: set trust level of missing key to "undefined" Jeff King
2023-04-19 15:30 ` Junio C Hamano
2023-04-22 10:47 ` Jeff King
2023-04-24 16:22 ` Junio C Hamano
2023-04-18 16:17 ` Junio C Hamano [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqq354xf9m6.fsf@gitster.g \
--to=gitster@pobox$(echo .)com \
--cc=eb@emlix$(echo .)com \
--cc=git@vger$(echo .)kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox