gpg: Fix memory leak in the error case of signature creation.

* g10/sign.c (write_signature_packets): Free SIG. Also replace xcalloc by xtrycalloc. -- If do_sign fails SIG was not released. Note that in the good case SIG is transferred to PKT and freed by free_packet. Reported-by: Stephan Müller Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-10 17:16:07 +01:00 · 2017-02-10 17:16:07 +01:00 · 5996c7bf99
parent 8810314e37
commit 5996c7bf99
1 changed files with 9 additions and 2 deletions
--- a/g10/sign.c
+++ b/g10/sign.c
@ -686,7 +686,10 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash,
      pk = sk_rover->pk;

      /* Build the signature packet.  */
-      sig = xmalloc_clear (sizeof *sig);
+      sig = xtrycalloc (1, sizeof *sig);
+      if (!sig)
+        return gpg_error_from_syserror ();
+
      if (duration || opt.sig_policy_url
          || opt.sig_notations || opt.sig_keyserver_url)
        sig->version = 4;
@ -731,8 +734,12 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash,
            print_status_sig_created (pk, sig, status_letter);
          free_packet (&pkt);
          if (rc)
-            log_error ("build signature packet failed: %s\n", gpg_strerror (rc));
+            log_error ("build signature packet failed: %s\n",
+                       gpg_strerror (rc));
 	}
+      else
+        xfree (sig);
+
      if (rc)
        return rc;
    }