bug#34121: 26.1; elisp crashes on OpenPGP certificates with User IDs without an e-mail address

bug#34121: 26.1; elisp crashes on OpenPGP certificates with User IDs without an e-mail address

[Daniel Kahn Gillmor]

[-- Attachment #1.1: Type: text/plain, Size: 3780 bytes --]

Attached is an OpenPGP certificate (dkg@aclu.org.key) which has three
User IDs, one of which is "dkg@aclu.org" but another has no e-mail
address at all (it's just "Daniel Kahn Gillmor").

From a new, empty user account, i did the following:

    gpg --batch --import < dkg@aclu.org.key

Then, in a new emacs window, in *scratch*, i ran the following:

    (require 'mml)
    (mml-secure-find-usable-keys (epg-make-context 'OpenPGP) "<dkg@aclu.org>" 'encrypt)

it crashes with the following backtrace:

Debugger entered--Lisp error: (wrong-type-argument char-or-string-p nil)
  mml-secure-check-user-id(#s(epg-key :owner-trust ultimate :sub-key-list (#s(epg-sub-key :validity ultimate :capability (sign certify) :secret-p nil :algorithm 1 :length 3072 :id "138F5AB68615C560" :creation-time (23350 . 32581) :expiration-time (24312 . 58949) :fingerprint "888E6BEAC41959269EAA177F138F5AB68615C560") #s(epg-sub-key :validity ultimate :capability (encrypt) :secret-p nil :algorithm 1 :length 3072 :id "9ED30DE244D1D77F" :creation-time (23350 . 32581) :expiration-time nil :fingerprint "9E2D1F76B4070A6BD4919CEA9ED30DE244D1D77F")) :user-id-list (#s(epg-user-id :validity ultimate :string "Daniel Kahn Gillmor" :signature-list nil) #s(epg-user-id :validity ultimate :string "dkgillmor@aclu.org" :signature-list nil) #s(epg-user-id :validity ultimate :string "dkg@aclu.org" :signature-list nil))) "<dkg@aclu.org>")
  mml-secure-find-usable-keys(#s(epg-context :protocol OpenPGP :program "/usr/bin/gpg2" :home-directory nil :armor nil :textmode nil :include-certs nil :cipher-algorithm nil :digest-algorithm nil :compress-algorithm nil :passphrase-callback (epg-passphrase-callback-function) :progress-callback nil :edit-callback nil :signers nil :sig-notations nil :process nil :output-file nil :result nil :operation nil :pinentry-mode nil :error-output "" :error-buffer nil) "<dkg@aclu.org>" encrypt)
  eval((mml-secure-find-usable-keys (epg-make-context 'OpenPGP) "<dkg@aclu.org>" 'encrypt) nil)


This appears to be because mml-secure-check-user-id chokes on the User
ID without any e-mail address.

The attached patch appears to fix the issue.  please include it in
emacs!

(i previously reported this to debian as https://bugs.debian.org/919642)

       --dkg



Configured using:
 'configure --build x86_64-linux-gnu --prefix=/usr
 --sharedstatedir=/var/lib --libexecdir=/usr/lib
 --localstatedir=/var/lib --infodir=/usr/share/info
 --mandir=/usr/share/man --enable-libsystemd --with-pop=yes
 --enable-locallisppath=/etc/emacs:/usr/local/share/emacs/26.1/site-lisp:/usr/local/share/emacs/site-lisp:/usr/share/emacs/26.1/site-lisp:/usr/share/emacs/site-lisp
 --with-sound=alsa --without-gconf --with-mailutils --build
 x86_64-linux-gnu --prefix=/usr --sharedstatedir=/var/lib
 --libexecdir=/usr/lib --localstatedir=/var/lib
 --infodir=/usr/share/info --mandir=/usr/share/man --enable-libsystemd
 --with-pop=yes
 --enable-locallisppath=/etc/emacs:/usr/local/share/emacs/26.1/site-lisp:/usr/local/share/emacs/site-lisp:/usr/share/emacs/26.1/site-lisp:/usr/share/emacs/site-lisp
 --with-sound=alsa --without-gconf --with-mailutils --with-x=yes
 --with-x-toolkit=gtk3 --with-toolkit-scroll-bars 'CFLAGS=-g -O2
 -fdebug-prefix-map=/build/emacs-3ThesY/emacs-26.1+1=. -fstack-protector-strong
 -Wformat -Werror=format-security -Wall' 'CPPFLAGS=-Wdate-time
 -D_FORTIFY_SOURCE=2' LDFLAGS=-Wl,-z,relro'

Configured features:
XPM JPEG TIFF GIF PNG RSVG IMAGEMAGICK SOUND GPM DBUS GSETTINGS NOTIFY
ACL LIBSELINUX GNUTLS LIBXML2 FREETYPE M17N_FLT LIBOTF XFT ZLIB
TOOLKIT_SCROLL_BARS GTK3 X11 THREADS LIBSYSTEMD LCMS2

Important settings:
  value of $LANG: en_US.UTF-8
  locale-coding-system: utf-8-unix

Major mode: Lisp Interaction


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1.2: 0001-Avoid-elisp-crash-for-OpenPGP-User-IDs-with-no-e-mai.patch --]
[-- Type: text/x-diff, Size: 1087 bytes --]

From 856d4f2358df9c8977637a0ac007084d0b40b9f2 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri, 18 Jan 2019 03:12:07 -0500
Subject: [PATCH] Avoid elisp crash for OpenPGP User IDs with no e-mail address

* lisp/gnus/mml-sec.el: (mml-secure-check-user-id) verify that there
  is an e-mail address in the current User ID before trying to
  downcase it.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
---
 lisp/gnus/mml-sec.el | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lisp/gnus/mml-sec.el b/lisp/gnus/mml-sec.el
index a6d989a45f..db7489fbf1 100644
--- a/lisp/gnus/mml-sec.el
+++ b/lisp/gnus/mml-sec.el
@@ -659,6 +659,8 @@ The passphrase is read and cached."
     (catch 'break
       (dolist (uid uids nil)
 	(if (and (stringp (epg-user-id-string uid))
+                 (car (mail-header-parse-address
+                       (epg-user-id-string uid)))
 		 (equal (downcase (car (mail-header-parse-address
 					(epg-user-id-string uid))))
 			(downcase (car (mail-header-parse-address
-- 
2.20.1


[-- Attachment #1.3: dkg@aclu.org.key --]
[-- Type: application/pgp-keys, Size: 3752 bytes --]

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 227 bytes --]

bug#34121: 26.1; elisp crashes on OpenPGP certificates with User IDs without an e-mail address

[Eli Zaretskii]

> From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
> Date: Fri, 18 Jan 2019 03:18:48 -0500
> 
> This appears to be because mml-secure-check-user-id chokes on the User
> ID without any e-mail address.
> 
> The attached patch appears to fix the issue.  please include it in
> emacs!

Thanks, pushed to the emacs-26 branch.

Please in the future observe the rules set forth in CONTRIBUTE: there
should be no Signed-off-by: lines in the log message, and the log
message should be formatted as a ChangeLog entry (you can use Emacs
ChangeLog commands to create it).