security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-18 14:17:03 +01:00
Code Activity

scd: avoid memory leaks

Browse Source 
* scd/app-p15.c (send_certinfo): free labelbuf
  (do_sign): goto leave instead of return
* scd/app-piv.c (do_sign): goto leave instead of return, fix typo in
  variable name, avoid using uninitialized variables
* scd/command.c (cmd_genkey): goto leave instead of return

--

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
GnuPG-bug-id: 5393
This commit is contained in:
Jakub Jelen 2021-04-13 14:02:18 +02:00 committed by Werner Koch
parent fc5fac83b7
commit 27e7bde12e
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
3 changed files with 14 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
scd/app-p15.c
View File

@ -3851,6 +3851,7 @@ send_certinfo (app_t app, ctrl_t ctrl, const char *certtype,
labelbuf, strlen (labelbuf), labelbuf, strlen (labelbuf),
NULL, (size_t)0); NULL, (size_t)0);
xfree (buf); xfree (buf);
xfree (labelbuf);
} }
return 0; return 0;
} }
@ -5461,7 +5462,7 @@ do_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
if (err) if (err)
{ {
log_error ("p15: MSE failed: %s\n", gpg_strerror (err)); log_error ("p15: MSE failed: %s\n", gpg_strerror (err));
return err; goto leave;
} }
/* Now that we have all the information available run the actual PIN /* Now that we have all the information available run the actual PIN
@ -5500,7 +5501,7 @@ do_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
if (err) if (err)
{ {
log_error ("p15: MSE failed: %s\n", gpg_strerror (err)); log_error ("p15: MSE failed: %s\n", gpg_strerror (err));
return err; goto leave;
} }
if (prkdf->keyalgo == GCRY_PK_RSA && prkdf->keynbits > 2048) if (prkdf->keyalgo == GCRY_PK_RSA && prkdf->keynbits > 2048)

6
scd/app-piv.c
View File

@ -2175,7 +2175,7 @@ do_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
unsigned char oidbuf[64]; unsigned char oidbuf[64];
size_t oidbuflen; size_t oidbuflen;
unsigned char *outdata = NULL; unsigned char *outdata = NULL;
size_t outdatalen; size_t outdatalen = 0;
const unsigned char *s; const unsigned char *s;
size_t n; size_t n;
int keyref, mechanism; int keyref, mechanism;
@ -2357,7 +2357,7 @@ do_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
/* Now verify the Application PIN. */ /* Now verify the Application PIN. */
err = verify_chv (app, ctrl, 0x80, force_verify, pincb, pincb_arg); err = verify_chv (app, ctrl, 0x80, force_verify, pincb, pincb_arg);
if (err) if (err)
return err; goto leave;
/* Build the Dynamic Authentication Template. */ /* Build the Dynamic Authentication Template. */
err = concat_tlv_list (0, &apdudata, &apdudatalen, err = concat_tlv_list (0, &apdudata, &apdudatalen,
@ -2403,7 +2403,7 @@ do_sign (app_t app, ctrl_t ctrl, const char *keyidstr, int hashalgo,
goto bad_der; goto bad_der;
log_assert (n >= (rval-s)+rlen); log_assert (n >= (rval-s)+rlen);
sval = find_tlv (rval+rlen, n-((rval-s)+rlen), 0x02, &slen); sval = find_tlv (rval+rlen, n-((rval-s)+rlen), 0x02, &slen);
if (!rval) if (!sval)
goto bad_der; goto bad_der;
rlenx = slenx = 0; rlenx = slenx = 0;
if (rlen > slen) if (rlen > slen)

10
scd/command.c
View File

@ -1438,7 +1438,10 @@ cmd_genkey (assuan_context_t ctx, char *line)
line = skip_options (line); line = skip_options (line);
if (!*line) if (!*line)
return set_error (GPG_ERR_ASS_PARAMETER, "no key number given"); {
err = set_error (GPG_ERR_ASS_PARAMETER, "no key number given");
goto leave;
}
keyref = line; keyref = line;
while (*line && !spacep (line)) while (*line && !spacep (line))
line++; line++;
@ -1448,7 +1451,10 @@ cmd_genkey (assuan_context_t ctx, char *line)
goto leave; goto leave;
if (!ctrl->card_ctx) if (!ctrl->card_ctx)
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION); {
err = gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
goto leave;
}
keyref = keyref_buffer = xtrystrdup (keyref); keyref = keyref_buffer = xtrystrdup (keyref);
if (!keyref) if (!keyref)