gpg: Fix NULL de-ref for ambiguous key check in --export-ssh-keys.

* g10/getkey.c: Allow arg RET_KEYBLOCK to be NULL. -- This change adds the expected behavior for the getkey_next function to fix this NULL de-ref. GnuPG-bug-id: 2212 Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-11 10:59:13 +01:00 · 2016-01-11 10:59:13 +01:00 · b280aa6423
parent eb9c021631
commit b280aa6423
2 changed files with 10 additions and 1 deletions
--- a/g10/getkey.c
+++ b/g10/getkey.c
@ -3059,6 +3059,9 @@ lookup (getkey_ctx_t ctx, kbnode_t *ret_keyblock, kbnode_t *ret_found_key,
  KBNODE keyblock = NULL;
  KBNODE found_key = NULL;

+  if (ret_keyblock)
+    *ret_keyblock = NULL;
+
  for (;;)
    {
      rc = keydb_search (ctx->kr_handle, ctx->items, ctx->nitems, NULL);
@ -3113,7 +3116,8 @@ found:

  if (!rc)
    {
-      *ret_keyblock = keyblock; /* Return the keyblock.  */
+      if (ret_keyblock)
+        *ret_keyblock = keyblock; /* Return the keyblock.  */
      keyblock = NULL;
    }
  else if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND && no_suitable_key)
--- a/g10/keydb.h
+++ b/g10/keydb.h
@ -750,6 +750,11 @@ gpg_error_t getkey_byname (ctrl_t ctrl,
   can use free_public_key, which calls release_public_key_parts(PK)
   and then xfree(PK)).

+   RET_KEYBLOCK can be given as NULL; if it is not NULL it the entire
+   found keyblock wis retruned hich must be released with
+   release_kbnode.  If the function returns an error NULL is stored at
+   RET_KEYBLOCK.
+
   The self-signed data has already been merged into the public key
   using merge_selfsigs.  */
 gpg_error_t getkey_next (getkey_ctx_t ctx, PKT_public_key *pk,