Inside show_one_sig_status(), if the error code is GPG_ERR_NO_PUBKEY, key is NULL. However, show_sig_summary() doesn't check for a NULL key before dereferencing for the "key expired" case.
Thanks to [email protected] for the security report. Thanks to Alejandro Colomar for his review and suggestion to keep the ternary operator. --- This is 1 in the list evilrabbit sent. crypt-gpgme.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypt-gpgme.c b/crypt-gpgme.c index 5313d6f2..b30632b8 100644 --- a/crypt-gpgme.c +++ b/crypt-gpgme.c @@ -1425,7 +1425,7 @@ static int show_sig_summary (unsigned long sum, if ((sum & GPGME_SIGSUM_KEY_EXPIRED)) { - time_t at = key->subkeys->expires ? key->subkeys->expires : 0; + time_t at = (key && key->subkeys) ? key->subkeys->expires : 0; if (at) { state_puts (_("Warning: The key used to create the " -- 2.53.0
