[Pkg-gnutls-commits] r229 - in /packages/opencdk8/trunk/debian: changelog patches/02-keylist-doublefree.patch

ametzler at users.alioth.debian.org ametzler at users.alioth.debian.org
Sun Oct 22 16:24:57 UTC 2006 

Author: ametzler
Date: Sun Oct 22 16:24:56 2006
New Revision: 229

URL: http://svn.debian.org/wsvn/pkg-gnutls/?sc=1&rev=229
Log:
0.5.9-2: Pulled from 0.5.10: Fix doublefree in keylist.c.

Added:
    packages/opencdk8/trunk/debian/patches/02-keylist-doublefree.patch
Modified:
    packages/opencdk8/trunk/debian/changelog

Modified: packages/opencdk8/trunk/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnutls/packages/opencdk8/trunk/debian/changelog?rev=229&op=diff
==============================================================================
--- packages/opencdk8/trunk/debian/changelog (original)
+++ packages/opencdk8/trunk/debian/changelog Sun Oct 22 16:24:56 2006
@@ -1,10 +1,10 @@
-opencdk8 (0.5.9-2) UNRELEASED; urgency=low
-
-  * NOT RELEASED YET
+opencdk8 (0.5.9-2) unstable; urgency=low
+
   [ Andreas Metzler ]
   * Add a watchfile.
-
- -- Andreas Metzler <ametzler at debian.org>  Tue,  8 Aug 2006 19:34:05 +0200
+  * Pulled from 0.5.10: Fix doublefree in keylist.c.
+
+ -- Andreas Metzler <ametzler at debian.org>  Sat, 21 Oct 2006 13:32:46 +0200
 
 opencdk8 (0.5.9-1) unstable; urgency=low
 

Added: packages/opencdk8/trunk/debian/patches/02-keylist-doublefree.patch
URL: http://svn.debian.org/wsvn/pkg-gnutls/packages/opencdk8/trunk/debian/patches/02-keylist-doublefree.patch?rev=229&op=file
==============================================================================
--- packages/opencdk8/trunk/debian/patches/02-keylist-doublefree.patch (added)
+++ packages/opencdk8/trunk/debian/patches/02-keylist-doublefree.patch Sun Oct 22 16:24:56 2006
@@ -1,0 +1,32 @@
+ http://lists.gnupg.org/pipermail/gnutls-dev/2006-October/001248.html
+ "Adam Langley" <agl at imperialviolet.org> writes:
+
+ > (I hope opencdk is on topic for this list)
+ 
+ Yes.
+ 
+ > Line numbers from opencdk-0.5.9
+ >
+ > in keylist.c:cdk_pklist_encrypt:287
+ >
+ > This call to cdk_pklist_encrypt also causes enc to be free'ed, however
+ > the pointer here isn't NULLed out so it's double free'ed at line 294
+ >
+ > Suggested (e.g. it works for me): set enc to NULL after cdk_pklist_encrypt
+ 
+ I assume you meant after cdk_pkt_write?  That would make more sense.
+ 
+ I'll be releasing opencdk 0.5.10 later today, so if you, or anyone
+ else, have time, please check if CVS works fine.
+ 
+ /Simon
+--- opencdk-0.5.9/src/keylist.c	2006-08-06 15:13:07.000000000 +0200
++++ opencdk-0.5.10/src/keylist.c	2006-10-11 16:07:42.000000000 +0200
+@@ -285,6 +285,7 @@
+             pkt->pkt.pubkey_enc = enc;
+             rc = cdk_pkt_write( outp, pkt );
+             cdk_pkt_free( pkt );
++	    enc = NULL; /* free'd by cdk_pkt_free() */
+             if( rc )
+                 break;
+ 	}

More information about the Pkg-gnutls-commits mailing list