Package: gnupg2 / 2.0.26-6+deb8u2

0034-gpgsm-Return-NULL-on-fail.patch
From 907a9a1e986b8c8266f4f01e8ed82acfc636a519 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Mon, 22 Dec 2014 12:16:46 +0100
Subject: [PATCH 34/56] gpgsm: Return NULL on fail

* sm/gpgsm.c (parse_keyserver_line): Set SERVER to NULL.

--

Cherry-pick of abd5f6752d693b7f313c19604f0723ecec4d39a6.

Reported-by: Joshua Rogers <git@internot.info>

  "If something inside the ldapserver_parse_one function failed,
   'server' would be freed, then returned, leading to a
   use-after-free.  This code is likely copied from sm/gpgsm.c, which
   was also susceptible to this bug."

Signed-off-by: Werner Koch <wk@gnupg.org>
---
 sm/gpgsm.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index 97ec4bb..855de83 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -840,6 +840,7 @@ parse_keyserver_line (char *line,
     {
       log_info (_("%s:%u: skipping this line\n"), filename, lineno);
       keyserver_list_free (server);
+      server = NULL;
     }
 
   return server;
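
Review bot: After `server = NULL;` in the failure branch, `return server;` now hands NULL to the caller, so every caller of parse_keyserver_line has to treat a NULL result as "line skipped" and must not dereference it or append it to a list. None of those call sites are visible in this hunk, so it is worth confirming them and stating the NULL-on-failure contract in the function's header comment. The commit message could also say that the quoted report was written about ldapserver_parse_one and that this is the matching fix for the sm/gpgsm.c copy, since the quote names a different function than the ChangeLog line does.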
-- 
2.1.4