[Pkg-gnupg-commit] [gnupg2] 80/160: g10: Fix keybox-related memory leaks.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Jul 15 09:36:38 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch upstream
in repository gnupg2.
commit 29beea6462cca32d3278b0f7f9364ff4342327b8
Author: Justus Winter <justus at g10code.com>
Date: Thu Jun 30 17:09:59 2016 +0200
g10: Fix keybox-related memory leaks.
* g10/keydb.c (keydb_release): Clear keyblock cache.
(keydb_get_keyblock): Revert previous change.
* kbx/keybox-blob.c (create_blob_finish): Free previous buffer, free
fixups after applying them.
(_keybox_release_blob): Free buffer. Currently, the buffer has been
extracted before the keybox is released, but this is the right thing
to do here.
Fixes-commit: c57501cc
Signed-off-by: Justus Winter <justus at g10code.com>
---
g10/keydb.c | 8 ++++++--
kbx/keybox-blob.c | 24 +++++++++++++++++++-----
2 files changed, 25 insertions(+), 7 deletions(-)
diff --git a/g10/keydb.c b/g10/keydb.c
index c483bb1..e49e25f 100644
--- a/g10/keydb.c
+++ b/g10/keydb.c
@@ -937,6 +937,7 @@ keydb_release (KEYDB_HANDLE hd)
}
}
+ keyblock_cache_clear (hd);
xfree (hd);
}
@@ -1387,8 +1388,11 @@ keydb_get_keyblock (KEYDB_HANDLE hd, KBNODE *ret_kb)
hd->keyblock_cache.pk_no = pk_no;
hd->keyblock_cache.uid_no = uid_no;
}
- xfree (sigstatus);
- iobuf_close (iobuf);
+ else
+ {
+ xfree (sigstatus);
+ iobuf_close (iobuf);
+ }
}
}
break;
diff --git a/kbx/keybox-blob.c b/kbx/keybox-blob.c
index 556605a..896f137 100644
--- a/kbx/keybox-blob.c
+++ b/kbx/keybox-blob.c
@@ -661,18 +661,24 @@ create_blob_finish (KEYBOXBLOB blob)
/* do the fixups */
if (blob->fixup_out_of_core)
- return gpg_error (GPG_ERR_ENOMEM);
+ {
+ xfree (p);
+ return gpg_error (GPG_ERR_ENOMEM);
+ }
{
- struct fixup_list *fl;
- for (fl = blob->fixups; fl; fl = fl->next)
+ struct fixup_list *fl, *next;
+ for (fl = blob->fixups; fl; fl = next)
{
assert (fl->off+4 <= n);
p[fl->off+0] = fl->val >> 24;
p[fl->off+1] = fl->val >> 16;
p[fl->off+2] = fl->val >> 8;
p[fl->off+3] = fl->val;
+ next = fl->next;
+ xfree (fl);
}
+ blob->fixups = NULL;
}
/* Compute and store the SHA-1 checksum. */
@@ -680,8 +686,12 @@ create_blob_finish (KEYBOXBLOB blob)
pp = xtrymalloc (n);
if ( !pp )
- return gpg_error_from_syserror ();
+ {
+ xfree (p);
+ return gpg_error_from_syserror ();
+ }
memcpy (pp , p, n);
+ xfree (p);
blob->blob = pp;
blob->bloblen = n;
@@ -1000,7 +1010,11 @@ _keybox_release_blob (KEYBOXBLOB blob)
int i;
if (!blob)
return;
- /* hmmm: release membuf here?*/
+ if (blob->buf)
+ {
+ size_t len;
+ xfree (get_membuf (blob->buf, &len));
+ }
xfree (blob->keys );
xfree (blob->serialbuf);
for (i=0; i < blob->nuids; i++)
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list