Package: gnupg2 / 2.0.26-6+deb8u2

0039-sm-Avoid-double-free-on-iconv-failure.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
From ced689e12a5037c6aeca62e9eaebdc098bd9c14e Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri, 19 Dec 2014 18:53:34 -0500
Subject: [PATCH 39/56] sm: Avoid double-free on iconv failure

* sm/minip12.c: (p12_build) if jnlib_iconv_open fails, avoid
double-free of pwbuf.

--

Observed by Joshua Rogers <honey@internot.info>, who proposed a
slightly different fix.

Debian-Bug-Id: 773472

Added fix at a second place - wk.
---
 agent/minip12.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/agent/minip12.c b/agent/minip12.c
index 2471717..0bcab5f 100644
--- a/agent/minip12.c
+++ b/agent/minip12.c
@@ -2182,6 +2182,7 @@ p12_build (gcry_mpi_t *kparms, unsigned char *cert, size_t certlen,
                      " requested charset `%s': %s\n",
                      charset, strerror (errno));
           gcry_free (pwbuf);
+          pwbuf = NULL;
           goto failure;
         }
 
@@ -2196,6 +2197,7 @@ p12_build (gcry_mpi_t *kparms, unsigned char *cert, size_t certlen,
                      " requested charset `%s': %s\n",
                      charset, strerror (errno));
           gcry_free (pwbuf);
+          pwbuf = NULL;
           jnlib_iconv_close (cd);
           goto failure;
         }
-- 
2.1.4