Bug 376563 - Kleopatra crashes with segmentation fault on startup after importing PEM file
Status: CONFIRMED
Alias: None
Product: kleopatra
Classification: Applications
Component: general
Version: 2.3.0
Platform: Gentoo Packages Linux
Importance: NOR crash
Target Milestone: ---
Assignee: Andre Heinecke
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-02-16 22:53 UTC by Guido Winkelmann
Modified: 2022-03-23 22:23 UTC

See Also:
Latest Commit:
Version Fixed In:


Attachments
The pem file that caused the crash after it was imported (37.19 KB, text/plain)
2017-02-18 16:10 UTC, Guido Winkelmann

Description Guido Winkelmann 2017-02-16 22:53:20 UTC
Kleopatra crashes on startup after briefly showing its main window with "Loading certificate cache..." superimposed on it.

This happens reproducibly every time. No crash manager will appear.

This is the console output:
====
$ kleopatra 
'-xnack' is not a recognized feature for this target (ignoring feature)
'-xnack' is not a recognized feature for this target (ignoring feature)
'-xnack' is not a recognized feature for this target (ignoring feature)
'-xnack' is not a recognized feature for this target (ignoring feature)
'-xnack' is not a recognized feature for this target (ignoring feature)
'-xnack' is not a recognized feature for this target (ignoring feature)
'-xnack' is not a recognized feature for this target (ignoring feature)
'-xnack' is not a recognized feature for this target (ignoring feature)
'-xnack' is not a recognized feature for this target (ignoring feature)
'-xnack' is not a recognized feature for this target (ignoring feature)
'-xnack' is not a recognized feature for this target (ignoring feature)
'-xnack' is not a recognized feature for this target (ignoring feature)
'-xnack' is not a recognized feature for this target (ignoring feature)
'-xnack' is not a recognized feature for this target (ignoring feature)
'-xnack' is not a recognized feature for this target (ignoring feature)
QObject(0x0)
QObject(0x0)
QObject(0x0)
Segmentation fault
====

Running kleopatra in gdb produces a backtrace with 18421 frames. (Maybe an out of control recursive loop somewhere? 18000 stack frames seems excessive, even for a complex C++ application...)
The start of that backtrace looks like this:

====
#0  QString::multiArg (this=this@entry=0x7fffff7ff430, numArgs=numArgs@entry=2, args=args@entry=0x7fffff7ff440) at tools/qstring.cpp:7956
#1  0x00007ffff791d594 in QString::arg (a2=..., a1=..., this=0x7fffff7ff430) at /usr/include/qt5/QtCore/qstring.h:931
#2  Kleo::Formatting::prettyName (proto=<optimized out>, id=id@entry=0x7fffc0031080 "Thilo Weber (SmartCard)", name_=name_@entry=0x7fffc0031098 "Thilo Weber", comment_=comment_@entry=0x7fffc00310a4 "SmartCard")
    at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/utils/formatting.cpp:69
#3  0x00007ffff79201bb in Kleo::Formatting::prettyName (uid=...) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/utils/formatting.cpp:170
#4  0x00007ffff79202ae in Kleo::Formatting::prettyName (key=...) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/utils/formatting.cpp:165
#5  0x00007ffff790376e in Kleo::AbstractKeyListModel::data (this=0xb7ddd0, index=..., role=<optimized out>) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:310
#6  0x00007ffff3d23ca5 in QSortFilterProxyModel::lessThan (this=<optimized out>, source_left=..., source_right=...) at itemmodels/qsortfilterproxymodel.cpp:2655
#7  0x00007ffff3d25364 in QSortFilterProxyModelPrivate::proxy_intervals_for_source_items_to_add (this=this@entry=0xd4e970, proxy_to_source=..., source_items=..., source_parent=..., orient=orient@entry=Qt::Vertical)
    at itemmodels/qsortfilterproxymodel.cpp:640
#8  0x00007ffff3d275af in QSortFilterProxyModelPrivate::insert_source_items (this=this@entry=0xd4e970, source_to_proxy=..., proxy_to_source=..., source_items=..., source_parent=..., orient=orient@entry=Qt::Vertical, emit_signal=true)
    at itemmodels/qsortfilterproxymodel.cpp:698
#9  0x00007ffff3d2b69f in QSortFilterProxyModelPrivate::source_items_inserted (this=this@entry=0xd4e970, source_parent=..., start=<optimized out>, end=<optimized out>, orient=orient@entry=Qt::Vertical) at itemmodels/qsortfilterproxymodel.cpp:832
#10 0x00007ffff3d2b9bf in QSortFilterProxyModelPrivate::_q_sourceRowsInserted (this=0xd4e970, source_parent=..., start=<optimized out>, end=<optimized out>) at itemmodels/qsortfilterproxymodel.cpp:1407
#11 0x00007ffff3d2daa9 in QSortFilterProxyModel::qt_static_metacall (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>) at .moc/moc_qsortfilterproxymodel.cpp:209
#12 0x00007ffff3d7a09f in QMetaObject::activate (sender=sender@entry=0xb7ddd0, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=10, argv=argv@entry=0x7fffff7ffb60) at kernel/qobject.cpp:3740
#13 0x00007ffff3d7aca7 in QMetaObject::activate (sender=sender@entry=0xb7ddd0, m=m@entry=0x7ffff3f8d3c0 <QAbstractItemModel::staticMetaObject>, local_signal_index=local_signal_index@entry=10, argv=argv@entry=0x7fffff7ffb60) at kernel/qobject.cpp:3602
#14 0x00007ffff3de6f24 in QAbstractItemModel::rowsInserted (this=this@entry=0xb7ddd0, _t1=..., _t2=140, _t3=140) at .moc/moc_qabstractitemmodel.cpp:601
#15 0x00007ffff3d0abcd in QAbstractItemModel::endInsertRows (this=this@entry=0xb7ddd0) at itemmodels/qabstractitemmodel.cpp:2661
#16 0x00007ffff790274f in (anonymous namespace)::HierarchicalKeyListModel::addTopLevelKey (this=this@entry=0xb7ddd0, key=...) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:746
#17 0x00007ffff7906118 in (anonymous namespace)::HierarchicalKeyListModel::addKeyWithoutParent (key=..., issuer_fpr=<optimized out>, this=<optimized out>) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:728
#18 (anonymous namespace)::HierarchicalKeyListModel::doAddKeys (this=<optimized out>, keys=std::vector of length 1, capacity 1 = {...}) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:856
#19 0x00007ffff790414d in Kleo::AbstractKeyListModel::addKeys (this=this@entry=0xb7ddd0, keys=std::vector of length 1, capacity 1 = {...}) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:248
#20 0x00007ffff79062d7 in (anonymous namespace)::HierarchicalKeyListModel::doAddKeys (this=<optimized out>, keys=std::vector of length 1, capacity 1 = {...})
    at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:869
#21 0x00007ffff790414d in Kleo::AbstractKeyListModel::addKeys (this=this@entry=0xb7ddd0, keys=std::vector of length 1, capacity 1 = {...}) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:248
#22 0x00007ffff79062d7 in (anonymous namespace)::HierarchicalKeyListModel::doAddKeys (this=<optimized out>, keys=std::vector of length 1, capacity 1 = {...})
    at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:869
#23 0x00007ffff790414d in Kleo::AbstractKeyListModel::addKeys (this=this@entry=0xb7ddd0, keys=std::vector of length 1, capacity 1 = {...}) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:248
#24 0x00007ffff79062d7 in (anonymous namespace)::HierarchicalKeyListModel::doAddKeys (this=<optimized out>, keys=std::vector of length 1, capacity 1 = {...})
    at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:869
#25 0x00007ffff790414d in Kleo::AbstractKeyListModel::addKeys (this=this@entry=0xb7ddd0, keys=std::vector of length 1, capacity 1 = {...}) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:248
#26 0x00007ffff79062d7 in (anonymous namespace)::HierarchicalKeyListModel::doAddKeys (this=<optimized out>, keys=std::vector of length 1, capacity 1 = {...})
    at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:869
#27 0x00007ffff790414d in Kleo::AbstractKeyListModel::addKeys (this=this@entry=0xb7ddd0, keys=std::vector of length 1, capacity 1 = {...}) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:248
#28 0x00007ffff79062d7 in (anonymous namespace)::HierarchicalKeyListModel::doAddKeys (this=<optimized out>, keys=std::vector of length 1, capacity 1 = {...})
    at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:869
====

The end of that backtrace looks like this:

====

#18377 0x00007ffff790414d in Kleo::AbstractKeyListModel::addKeys (this=this@entry=0xb7ddd0, keys=std::vector of length 1, capacity 1 = {...}) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:248
#18378 0x00007ffff79062d7 in (anonymous namespace)::HierarchicalKeyListModel::doAddKeys (this=<optimized out>, keys=std::vector of length 1, capacity 1 = {...})
    at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:869
#18379 0x00007ffff790414d in Kleo::AbstractKeyListModel::addKeys (this=this@entry=0xb7ddd0, keys=std::vector of length 1, capacity 1 = {...}) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:248
#18380 0x00007ffff79062d7 in (anonymous namespace)::HierarchicalKeyListModel::doAddKeys (this=<optimized out>, keys=std::vector of length 1, capacity 1 = {...})
    at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:869
#18381 0x00007ffff790414d in Kleo::AbstractKeyListModel::addKeys (this=this@entry=0xb7ddd0, keys=std::vector of length 1, capacity 1 = {...}) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:248
#18382 0x00007ffff79062d7 in (anonymous namespace)::HierarchicalKeyListModel::doAddKeys (this=<optimized out>, keys=std::vector of length 1, capacity 1 = {...})
    at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:869
#18383 0x00007ffff7901d56 in Kleo::AbstractKeyListModel::addKey (this=0xb7ddd0, key=...) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keylistmodel.cpp:227
#18384 0x000000000047f91c in Kleo::KeyListController::Private::slotAddKey (this=0xb2f120, key=...) at /var/tmp/portage/kde-apps/kleopatra-16.12.2/work/kleopatra-16.12.2/src/view/keylistcontroller.cpp:212
#18385 0x000000000048631d in Kleo::KeyListController::qt_static_metacall (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>)
    at /var/tmp/portage/kde-apps/kleopatra-16.12.2/work/kleopatra-16.12.2_build/src/moc_keylistcontroller.cpp:168
#18386 0x00007ffff3d7a09f in QMetaObject::activate (sender=sender@entry=0xa2ea30, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=1, argv=argv@entry=0x7fffffffc8c0) at kernel/qobject.cpp:3740
#18387 0x00007ffff3d7aca7 in QMetaObject::activate (sender=sender@entry=0xa2ea30, m=m@entry=0x7ffff7b83940 <Kleo::KeyCache::staticMetaObject>, local_signal_index=local_signal_index@entry=1, argv=argv@entry=0x7fffffffc8c0) at kernel/qobject.cpp:3602
#18388 0x00007ffff78e8805 in Kleo::KeyCache::added (this=this@entry=0xa2ea30, _t1=...) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2_build/src/moc_keycache.cpp:201
#18389 0x00007ffff78ef694 in Kleo::KeyCache::insert (this=0xa2ea30, keys=...) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keycache.cpp:932
#18390 0x00007ffff78ef822 in Kleo::KeyCache::refresh (this=<optimized out>, keys=...) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keycache.cpp:788
#18391 0x00007ffff78f2c2d in Kleo::KeyCache::RefreshKeysJob::Private::updateKeyCache (this=this@entry=0xafc130) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keycache.cpp:1071
#18392 0x00007ffff78f32f8 in Kleo::KeyCache::RefreshKeysJob::Private::jobDone (this=0xafc130, result=...) at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keycache.cpp:1008
#18393 0x00007ffff78f342c in Kleo::KeyCache::RefreshKeysJob::Private::listAllKeysJobDone (nextKeys=std::vector of length 281, capacity 281 = {...}, res=..., this=0xafc130)
    at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keycache.cpp:968
#18394 Kleo::KeyCache::RefreshKeysJob::Private::<lambda(const GpgME::KeyListResult&, const std::vector<GpgME::Key, std::allocator<GpgME::Key> >&)>::operator() (keys=std::vector of length 281, capacity 281 = {...}, res=..., __closure=<optimized out>)
    at /var/tmp/portage/kde-apps/libkleo-16.12.2/work/libkleo-16.12.2/src/models/keycache.cpp:1086
#18395 QtPrivate::FunctorCall<QtPrivate::IndexesList<0, 1>, QtPrivate::List<const GpgME::KeyListResult&, const std::vector<GpgME::Key, std::allocator<GpgME::Key> >&>, void, Kleo::KeyCache::RefreshKeysJob::Private::startKeyListing(GpgME::Protocol)::<lambda(const GpgME::KeyListResult&, const std::vector<GpgME::Key, std::allocator<GpgME::Key> >&)> >::call (arg=<optimized out>, f=...) at /usr/include/qt5/QtCore/qobjectdefs_impl.h:135
#18396 QtPrivate::Functor<Kleo::KeyCache::RefreshKeysJob::Private::startKeyListing(GpgME::Protocol)::<lambda(const GpgME::KeyListResult&, const std::vector<GpgME::Key, std::allocator<GpgME::Key> >&)>, 2>::call<QtPrivate::List<GpgME::KeyListResult const&, std::vector<GpgME::Key, std::allocator<GpgME::Key> > const&>, void> (arg=<optimized out>, f=...) at /usr/include/qt5/QtCore/qobjectdefs_impl.h:192
#18397 QtPrivate::QFunctorSlotObject<Kleo::KeyCache::RefreshKeysJob::Private::startKeyListing(GpgME::Protocol)::<lambda(const GpgME::KeyListResult&, const std::vector<GpgME::Key, std::allocator<GpgME::Key> >&)>, 2, QtPrivate::List<const GpgME::KeyListResult&, const std::vector<GpgME::Key, std::allocator<GpgME::Key> >&>, void>::impl(int, QtPrivate::QSlotObjectBase *, QObject *, void **, bool *) (which=<optimized out>, this_=<optimized out>, r=<optimized out>, a=<optimized out>, ret=<optimized out>)
    at /usr/include/qt5/QtCore/qobject_impl.h:169
#18398 0x00007ffff3d7a72a in QtPrivate::QSlotObjectBase::call (a=0x7fffffffcd80, r=0xa2a100, this=0xd70740) at ../../include/QtCore/../../src/corelib/kernel/qobject_impl.h:101

#18399 QMetaObject::activate (sender=sender@entry=0xb70b30, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fffffffcd80) at kernel/qobject.cpp:3723
#18400 0x00007ffff3d7aca7 in QMetaObject::activate (sender=sender@entry=0xb70b30, m=m@entry=0x7ffff5f1f0a0 <QGpgME::ListAllKeysJob::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fffffffcd80)
    at kernel/qobject.cpp:3602


#18401 0x00007ffff5c79e34 in QGpgME::ListAllKeysJob::result (this=this@entry=0xb70b30, _t1=..., _t2=std::vector of length 281, capacity 281 = {...}, _t3=std::vector of length 4, capacity 4 = {...}, _t4=..., _t5=...) at listallkeysjob.moc:147
#18402 0x00007ffff5cba782 in QGpgME::_detail::ThreadedJobMixin<QGpgME::ListAllKeysJob, std::tuple<GpgME::KeyListResult, std::vector<GpgME::Key, std::allocator<GpgME::Key> >, std::vector<GpgME::Key, std::allocator<GpgME::Key> >, QString, GpgME::Error> >::doEmitResult<GpgME::KeyListResult, std::vector<GpgME::Key>, std::vector<GpgME::Key>, QString, GpgME::Error> (tuple=std::tuple containing = {...}, this=0xb70b30) at threadedjobmixin.h:267
#18403 QGpgME::_detail::ThreadedJobMixin<QGpgME::ListAllKeysJob, std::tuple<GpgME::KeyListResult, std::vector<GpgME::Key, std::allocator<GpgME::Key> >, std::vector<GpgME::Key, std::allocator<GpgME::Key> >, QString, GpgME::Error> >::slotFinished (
    this=0xb70b30) at threadedjobmixin.h:216


#18404 0x00007ffff3d7b68a in QObject::event (this=0xb70b30, e=<optimized out>) at kernel/qobject.cpp:1263

#18405 0x00007ffff4594dfc in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0xb70b30, e=0x7fffc005cd60) at kernel/qapplication.cpp:3799

#18406 0x00007ffff459c2e0 in QApplication::notify (this=0x7fffffffd8b0, receiver=0xb70b30, e=0x7fffc005cd60) at kernel/qapplication.cpp:3556
#18407 0x00007ffff3d540e0 in QCoreApplication::notifyInternal2 (receiver=0xb70b30, event=event@entry=0x7fffc005cd60) at kernel/qcoreapplication.cpp:988
#18408 0x00007ffff3d56463 in QCoreApplication::sendEvent (event=0x7fffc005cd60, receiver=<optimized out>) at kernel/qcoreapplication.h:231

#18409 QCoreApplicationPrivate::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0, data=0x90a510) at kernel/qcoreapplication.cpp:1649
#18410 0x00007ffff3d569c8 in QCoreApplication::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0) at kernel/qcoreapplication.cpp:1503
---Type <return> to continue, or q <return> to quit---

#18411 0x00007ffff3d9f633 in postEventSourceDispatch (s=0x96e1b0) at kernel/qeventdispatcher_glib.cpp:276
#18412 0x00007fffee68cd5d in g_main_dispatch (context=0x7fffe00016f0) at /var/tmp/portage/dev-libs/glib-2.48.2/work/glib-2.48.2/glib/gmain.c:3154
#18413 g_main_context_dispatch (context=context@entry=0x7fffe00016f0) at /var/tmp/portage/dev-libs/glib-2.48.2/work/glib-2.48.2/glib/gmain.c:3769
#18414 0x00007fffee68d040 in g_main_context_iterate (context=context@entry=0x7fffe00016f0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at /var/tmp/portage/dev-libs/glib-2.48.2/work/glib-2.48.2/glib/gmain.c:3840
#18415 0x00007fffee68d0ec in g_main_context_iteration (context=0x7fffe00016f0, may_block=1) at /var/tmp/portage/dev-libs/glib-2.48.2/work/glib-2.48.2/glib/gmain.c:3901
#18416 0x00007ffff3d9f6a7 in QEventDispatcherGlib::processEvents (this=0x98a740, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#18417 0x00007ffff3d52dba in QEventLoop::exec (this=this@entry=0x7fffffffd3a0, flags=..., flags@entry=...) at kernel/qeventloop.cpp:212
#18418 0x00007ffff3d5a8ec in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1261
#18419 0x00007ffff408113c in QGuiApplication::exec () at kernel/qguiapplication.cpp:1633
#18420 0x00007ffff4594d55 in QApplication::exec () at kernel/qapplication.cpp:2975
#18421 0x00000000004479c8 in main (argc=1, argv=<optimized out>) at /var/tmp/portage/kde-apps/kleopatra-16.12.2/work/kleopatra-16.12.2/src/main.cpp:247
====

I have not included the middle of the backtrace, since it would be excessively large and seemingly all lines in there look exactly like #27 and #28 anyway.

This problem started immediately after importing a PEM-file with a free S/MIME certificate by Comodo. (Without the private key. Importing the certificate with the private key was not possible either because of various errors, but since Kleopatra now won't start up successfully for me anymore, I cannot reproduce these problems at the moment.) Kleopatra crashed immediately after importing the PEM file (i.e. not just after a manual restart).

gpgme is at version 1.8.0
gpgmepp is at version 16.08.3
qt is at version 5.7.1
gpg is at version 2.1.15
Comment 1 Andre Heinecke 2017-02-17 08:45:16 UTC
Thank you for your detailed report.

I've had a brief look at the code and don't see an obvious recursion possibility.

As you write that this happens after importing a specific certificate, could you attach that certificate here or send it to aheinecke@intevation.de?

Additionally it would be great if you could check with "gpgsm -k" if the output looks fishy already. (e.g. one certificate is repeated a lot)
Comment 2 Guido Winkelmann 2017-02-18 15:54:49 UTC
gpgsm -k looks like it's working fine here and doesn't show anything that looks fishy to me.
Comment 3 Guido Winkelmann 2017-02-18 16:09:18 UTC
I just had another look into the PEM file I imported, and I noticed something that could potentially, without having actually looked at the code, explain the out of control recursion:

The Comodo CA certificate is signed by AddTrust External CA Root, which itself is cross signed by UTN - DATACorp SGC, meaning UTN - DATACorp SGC is itself again signed by AddTrust.

This cross-signing thing is a fairly obscure feature of X.509 certificates that, until recently, was very rarely seen in the wild. If a programmer is not aware of this possibility, and didn't think to check X.509 trust paths for loops or at least limit the length of supported trust chains, then trying to build a trust path for a certificate with such a cross-signed CA in there somewhere will usually lead to endless recursion.
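
The loop check and chain-length limit that comment 3 describes, as an added example that is not part of the bug report and is not libkleo or GpgSM code. It assumes a simplified store in which every certificate has exactly one issuer link; the certificate ids, `Store`, `buildChain` and the default limit of 16 are hypothetical.

```cpp
#include <cstddef>
#include <iostream>
#include <string>
#include <unordered_map>
#include <unordered_set>
#include <vector>

// Simplified store (assumption): certificate id -> id of the issuing certificate.
using Store = std::unordered_map<std::string, std::string>;

enum class ChainStatus { Complete, MissingIssuer, Loop, TooLong };

struct ChainResult {
    ChainStatus status;
    std::vector<std::string> path;  // leaf first, as far as the walk got
};

// Walk issuer links iteratively; stop on a repeated certificate or at maxDepth,
// so a cross-signed pair cannot grow the stack or run forever.
ChainResult buildChain(const Store &store, const std::string &leaf,
                       std::size_t maxDepth = 16)
{
    std::vector<std::string> path;
    std::unordered_set<std::string> seen;
    std::string current = leaf;
    for (;;) {
        const auto it = store.find(current);
        if (it == store.end())
            return {ChainStatus::MissingIssuer, path};
        if (!seen.insert(current).second)    // already on this path: a loop
            return {ChainStatus::Loop, path};
        if (path.size() >= maxDepth)
            return {ChainStatus::TooLong, path};
        path.push_back(current);
        if (it->second == current)           // self-signed root ends the chain
            return {ChainStatus::Complete, path};
        current = it->second;
    }
}

// Constructed sample mirroring comment 3: the AddTrust certificate is issued
// by UTN, and the UTN certificate is in turn issued by AddTrust.
Store crossSignedStore()
{
    return {
        {"user", "comodo"},
        {"comodo", "addtrust"},
        {"addtrust", "utn"},
        {"utn", "addtrust"},
    };
}

// Constructed sample without cross-signing: the root signs itself.
Store plainStore()
{
    return {{"user", "ca"}, {"ca", "root"}, {"root", "root"}};
}

int main()
{
    const ChainResult r = buildChain(crossSignedStore(), "user");
    std::cout << (r.status == ChainStatus::Loop ? "loop" : "no loop")
              << " after " << r.path.size() << " certificates\n";
}
```

A real X.509 path builder has several candidate issuers per subject and must try the alternatives, but the same two guards apply to each candidate path.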
Comment 4 Guido Winkelmann 2017-02-18 16:10:31 UTC
Created attachment 104098
The pem file that caused the crash after it was imported
Comment 5 Andre Heinecke 2017-02-20 09:08:20 UTC
Thank you very much. I can reproduce the problem with this certificate and I agree about the likely cause.

But there is also an underlying problem in GpgSM. It does not handle the certificate well either. When importing it I got warnings about "Certificate chain too long", and while gpgsm -k looks ok, if you do a "gpgsm -k --with-validation", causing it to check the certificate chain, it takes a while and then shows:
  [checking the CRL failed: Bad certificate chain]
  [certificate is bad: Bad certificate chain]
Comment 6 Denis Kurz 2018-01-31 16:08:42 UTC
You might want to consider if this was caused by a Qt bug that was resolved fixed in 5.8, as described in Bug 361895, Comment 1.
Comment 7 Andre Heinecke 2018-01-31 17:22:05 UTC
No, it's a bug in GpgSM / Kleopatra. This special certificate is not handled by GpgSM correctly and Kleopatra can't cope with it. I'm not sure if this is only an upstream bug without further analysis. At least Kleopatra should handle this.

I'll try to look at it soon.
Comment 8 Arnold Meißner 2019-08-01 12:29:24 UTC
User certificates from KIT seem to suffer from this bug as well.
They are cross signed by an old chain with root-CA "Deutsche Telekom Root CA 2"
and a new one with root-CA "T-TeleSec GlobalRoot Class 2".
User certificates are available here (this is mine)
https://search.ca.kit.edu/pubdownload/pem/10311245368690295726648917385
Installing the new root-CA by hand from
https://pki.pca.dfn.de/kit-ca/cgi-bin/pub/pki?cmd=getStaticPage;name=index;id=2&RA_ID=0
seems to enforce the new chain and solve the invalid old root.

Nevertheless the valid path should be found without manual intervention.
Comment 9 Guido Winkelmann 2022-03-23 22:20:21 UTC
As of 2022-03-23, the bug is still present in the released version 21.08.3, but does appear to be fixed in the newest git version.
Comment 10 Guido Winkelmann 2022-03-23 22:23:17 UTC
(In reply to Guido Winkelmann from comment #9)
> As of 2022-03-23, the bug is still present in the released version 21.08.3,
> but does appear to be fixed in the newest git version.

Does anybody happen to know which commit fixed it, and whether it was in kleopatra itself or in libkleo?