[kleopatra] [Bug 376563] Kleopatra crashes with segmentation fault on startup after importing PEM file

Guido Winkelmann bugzilla_noreply at kde.org
Sat Feb 18 16:09:18 GMT 2017


https://bugs.kde.org/show_bug.cgi?id=376563

--- Comment #3 from Guido Winkelmann <guido-kdebugs at unknownsite.de> ---
I just had another look into the PEM file I imported, and I noticed something
that could potentially, without having actually looked at the code, explain the
out of control recursion:

The Comodo CA certificate is signed by AddTrust External CA Root, which itself
is cross-signed by UTN - DATACorp SGC, meaning UTN - DATACorp SGC is itself
again signed by AddTrust.

This cross-signing thing is a fairly obscure feature of X.509 certificates
that, until recently, was very rarely seen in the wild. If a programmer is not
aware of this possibility, and didn't think to check X.509 trust paths for
loops or at least limit the length of supported trust chains, then trying to
build a trust path for a certificate with such a cross-signed CA in there
somewhere will usually lead to endless recursion.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
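
Added example, not part of the original message and not Kleopatra's code: a trust-path search that applies both safeguards named in the comment (loop check and chain-length limit) to the AddTrust / UTN cross-signing loop. The `Cert` model, `kMaxDepth`, `buildChain` and `sampleStore` are assumptions made for illustration; certificates are matched by name only.

```cpp
#include <cstddef>
#include <map>
#include <set>
#include <string>
#include <vector>

// Simplified model (assumption): a certificate is only subject + issuer name.
// Real path building also matches key identifiers and verifies signatures.
struct Cert { std::string subject, issuer; };

// Cross-signed CAs mean several certificates can share one subject.
using Store = std::multimap<std::string, Cert>;

const std::size_t kMaxDepth = 16;  // constructed cap on chain length

// Depth-first search from `cert` towards a self-signed root.
// `onPath` holds subjects already on the current path; seeing one again is a loop.
static bool walk(const Store &store, const Cert &cert,
                 std::set<std::string> &onPath, std::vector<Cert> &chain) {
    if (chain.size() >= kMaxDepth) return false;            // length limit
    if (!onPath.insert(cert.subject).second) return false;  // loop: stop here
    chain.push_back(cert);
    if (cert.subject == cert.issuer) return true;           // reached a root
    auto range = store.equal_range(cert.issuer);
    for (auto it = range.first; it != range.second; ++it)
        if (walk(store, it->second, onPath, chain)) return true;
    chain.pop_back();                                       // dead end: backtrack
    onPath.erase(cert.subject);
    return false;
}

// Returns the path from `start` to a self-signed root, or an empty vector.
std::vector<Cert> buildChain(const Store &store, const Cert &start) {
    std::set<std::string> onPath;
    std::vector<Cert> chain;
    walk(store, start, onPath, chain);
    return chain;
}

// The loop from the comment: AddTrust is signed by UTN, UTN by AddTrust.
// `withRoot` adds a self-signed AddTrust certificate (constructed for the demo).
Store sampleStore(bool withRoot) {
    const std::string addTrust = "AddTrust External CA Root";
    const std::string utn = "UTN - DATACorp SGC";
    Store s;
    s.emplace(addTrust, Cert{addTrust, utn});  // cross-certificate, tried first
    s.emplace(utn, Cert{utn, addTrust});
    if (withRoot) s.emplace(addTrust, Cert{addTrust, addTrust});
    return s;
}
```

Without the `onPath` check and the depth cap, the same search would alternate between the two CA certificates until the stack is exhausted; with them it either backtracks to the self-signed root or returns an empty chain.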

