mirror of git://git.gnupg.org/gnupg.git
dirmngr,gpgsm: Return NULL on fail
* dirmngr/ldapserver.c (ldapserver_parse_one): Set SERVER to NULL. * sm/gpgsm.c (parse_keyserver_line): Ditto. -- Reported-by: Joshua Rogers <git@internot.info> "If something inside the ldapserver_parse_one function failed, 'server' would be freed, then returned, leading to a use-after-free. This code is likely copied from sm/gpgsm.c, which was also susceptible to this bug." Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch
parent
bdc8efbdd1
commit
abd5f6752d
|
|
@ -125,6 +125,7 @@ ldapserver_parse_one (char *line,
|
|||
{
|
||||
log_info (_("%s:%u: skipping this line\n"), filename, lineno);
|
||||
ldapserver_list_free (server);
|
||||
server = NULL;
|
||||
}
|
||||
|
||||
return server;
|
||||
|
|
|
|||
|
|
@ -862,6 +862,7 @@ parse_keyserver_line (char *line,
|
|||
{
|
||||
log_info (_("%s:%u: skipping this line\n"), filename, lineno);
|
||||
keyserver_list_free (server);
|
||||
server = NULL;
|
||||
}
|
||||
|
||||
return server;
|
||||
|
|
|
|||
Loading…
Reference in New Issue