[Pkg-gnupg-commit] r103 - in /gnupg/branches/lenny/debian: changelog control patches/00list patches/101_172115_fix_keyring_memory_leak.dpatch
dleidert-guest at users.alioth.debian.org
dleidert-guest at users.alioth.debian.org
Fri May 22 14:16:30 UTC 2009
Author: dleidert-guest
Date: Fri May 22 14:16:30 2009
New Revision: 103
URL: http://svn.debian.org/wsvn/pkg-gnupg/?sc=1&rev=103
Log:
* debian/control (Vcs-Svn): Adjusted for Lenny.
* debian/patches/101_172115_fix_keyring_memory_leak.dpatch: Added.
- g10/keyring.c (keyring_get_keyblock): Fix a memory leak due to
ring_trust packets, which slowed down import of large keyrings
leading to potential DoS (#172115, #345911).
Added:
gnupg/branches/lenny/debian/patches/101_172115_fix_keyring_memory_leak.dpatch
Modified:
gnupg/branches/lenny/debian/changelog
gnupg/branches/lenny/debian/control
gnupg/branches/lenny/debian/patches/00list
Modified: gnupg/branches/lenny/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnupg/gnupg/branches/lenny/debian/changelog?rev=103&op=diff
==============================================================================
--- gnupg/branches/lenny/debian/changelog (original)
+++ gnupg/branches/lenny/debian/changelog Fri May 22 14:16:30 2009
@@ -1,6 +1,9 @@
gnupg (1.4.9-3+lenny1) UNRELEASED; urgency=low
- *
+ * debian/patches/101_172115_fix_keyring_memory_leak.dpatch: Added.
+ - g10/keyring.c (keyring_get_keyblock): Fix a memory leak due to
+ ring_trust packets, which slowed down import of large keyrings
+ leading to potential DoS (#172115, #345911).
-- Daniel Leidert (dale) <daniel.leidert at wgdd.de> Fri, 22 May 2009 16:03:39 +0200
Modified: gnupg/branches/lenny/debian/control
URL: http://svn.debian.org/wsvn/pkg-gnupg/gnupg/branches/lenny/debian/control?rev=103&op=diff
==============================================================================
--- gnupg/branches/lenny/debian/control (original)
+++ gnupg/branches/lenny/debian/control Fri May 22 14:16:30 2009
@@ -12,7 +12,7 @@
libreadline5-dev, file, gettext, dpatch, dpkg-dev (>= 1.13.12)
Homepage: http://www.gnupg.org
Vcs-Browser: http://svn.debian.org/wsvn/pkg-gnupg/gnupg/
-Vcs-Svn: svn://svn.debian.org/svn/pkg-gnupg/gnupg/trunk/
+Vcs-Svn: svn://svn.debian.org/svn/pkg-gnupg/gnupg/branches/lenny/
Package: gnupg
Architecture: any
Modified: gnupg/branches/lenny/debian/patches/00list
URL: http://svn.debian.org/wsvn/pkg-gnupg/gnupg/branches/lenny/debian/patches/00list?rev=103&op=diff
==============================================================================
--- gnupg/branches/lenny/debian/patches/00list (original)
+++ gnupg/branches/lenny/debian/patches/00list Fri May 22 14:16:30 2009
@@ -5,3 +5,4 @@
25_it.po_fixes
25_fr.po_fixes
99_yat2m_fix_samp_handling
+101_172115_fix_keyring_memory_leak
Added: gnupg/branches/lenny/debian/patches/101_172115_fix_keyring_memory_leak.dpatch
URL: http://svn.debian.org/wsvn/pkg-gnupg/gnupg/branches/lenny/debian/patches/101_172115_fix_keyring_memory_leak.dpatch?rev=103&op=file
==============================================================================
--- gnupg/branches/lenny/debian/patches/101_172115_fix_keyring_memory_leak.dpatch (added)
+++ gnupg/branches/lenny/debian/patches/101_172115_fix_keyring_memory_leak.dpatch Fri May 22 14:16:30 2009
@@ -1,0 +1,68 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 101_172115_fix_keyring_memory_leak.dpatch by Daniel Leidert (dale) <daniel.leidert at wgdd.de>
+## taken from Werner Kock (SVN upstream revision 4883)
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: * g10/keyring.c (keyring_get_keyblock): Fix a memory leak due to
+## DP: ring_trust packets.
+## DP:
+## DP: <URL:http://bugs.debian.org/172115>
+## DP: <URL:http://bugs.debian.org/345911>
+## DP: <URL:https://bugs.g10code.com/gnupg/issue1034>
+## DP: <URL:http://lists.gnupg.org/pipermail/gnupg-commits/2009-May/008225.html>
+
+ at DPATCH@
+diff -urNad lenny~/g10/keyring.c lenny/g10/keyring.c
+--- lenny~/g10/keyring.c 2007-10-23 09:50:34.000000000 +0200
++++ lenny/g10/keyring.c 2009-05-22 16:00:10.000000000 +0200
+@@ -430,27 +430,31 @@
+ /* reset lastnode, so that we set the cache status only from
+ * the ring trust packet immediately folling a signature */
+ lastnode = NULL;
+- }
+- else {
+- node = lastnode = new_kbnode (pkt);
+- if (!keyblock)
+- keyblock = node;
+- else
+- add_kbnode (keyblock, node);
+-
+- if ( pkt->pkttype == PKT_PUBLIC_KEY
+- || pkt->pkttype == PKT_PUBLIC_SUBKEY
+- || pkt->pkttype == PKT_SECRET_KEY
+- || pkt->pkttype == PKT_SECRET_SUBKEY) {
+- if (++pk_no == hd->found.pk_no)
+- node->flag |= 1;
+- }
+- else if ( pkt->pkttype == PKT_USER_ID) {
+- if (++uid_no == hd->found.uid_no)
+- node->flag |= 2;
+- }
++ free_packet(pkt);
++ init_packet(pkt);
++ continue;
+ }
+
++ node = lastnode = new_kbnode (pkt);
++ if (!keyblock)
++ keyblock = node;
++ else
++ add_kbnode (keyblock, node);
++
++ if ( pkt->pkttype == PKT_PUBLIC_KEY
++ || pkt->pkttype == PKT_PUBLIC_SUBKEY
++ || pkt->pkttype == PKT_SECRET_KEY
++ || pkt->pkttype == PKT_SECRET_SUBKEY)
++ {
++ if (++pk_no == hd->found.pk_no)
++ node->flag |= 1;
++ }
++ else if ( pkt->pkttype == PKT_USER_ID)
++ {
++ if (++uid_no == hd->found.uid_no)
++ node->flag |= 2;
++ }
++
+ pkt = xmalloc (sizeof *pkt);
+ init_packet(pkt);
+ }
More information about the Pkg-gnupg-commit
mailing list