scd: avoid memory leaks

* scd/app-p15.c (send_certinfo): free labelbuf (do_sign): goto leave instead of return * scd/app-piv.c (do_sign): goto leave instead of return, fix typo in variable name, avoid using uninitialized variables * scd/command.c (cmd_genkey): goto leave instead of return -- Signed-off-by: Jakub Jelen <jjelen@redhat.com> GnuPG-bug-id: 5393
2025-07-02 22:46:30 +02:00 · 2021-04-13 14:02:18 +02:00 · 2021-04-13 14:02:18 +02:00 · 27e7bde12e
commit 27e7bde12e
parent fc5fac83b7
3 changed files with 14 additions and 7 deletions
--- a/scd/app-piv.c
+++ b/scd/app-piv.c
@ -2175,7 +2175,7 @@ do_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
  unsigned char oidbuf[64];
  size_t oidbuflen;
  unsigned char *outdata = NULL;
-  size_t outdatalen;
+  size_t outdatalen = 0;
  const unsigned char *s;
  size_t n;
  int keyref, mechanism;
@ -2357,7 +2357,7 @@ do_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
  /* Now verify the Application PIN.  */
  err = verify_chv (app, ctrl, 0x80, force_verify, pincb, pincb_arg);
  if (err)
-    return err;
+    goto leave;

  /* Build the Dynamic Authentication Template.  */
  err = concat_tlv_list (0, &apdudata, &apdudatalen,
@ -2403,7 +2403,7 @@ do_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
            goto bad_der;
          log_assert (n >= (rval-s)+rlen);
          sval = find_tlv (rval+rlen, n-((rval-s)+rlen), 0x02, &slen);
-          if (!rval)
+          if (!sval)
            goto bad_der;
          rlenx = slenx = 0;
          if (rlen > slen)