From bc43812358ede31e2ef089e97740af6ae9754f62 Mon Sep 17 00:00:00 2001 From: Jakub Jelen Date: Tue, 28 May 2024 17:15:03 +0200 Subject: [PATCH] gpgsm: Avoid double free when checking rsaPSS signatures. * sm/certcheck.c (gpgsm_check_cms_signature): Do not free s_sig on error. Its owned and freed by the caller. -- This is part of GnuPG-bug-id: 7129 Signed-off-by: Jakub Jelen Fixes-commit: 969abcf40cdfc65f3ee859c5e62889e1a8ccde91 (cherry picked from commit dcb0b6fd4822107d68bcb046d4d0650d02c82522) --- sm/certcheck.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/sm/certcheck.c b/sm/certcheck.c index 534f47c1b..eeaeceae9 100644 --- a/sm/certcheck.c +++ b/sm/certcheck.c @@ -528,13 +528,11 @@ gpgsm_check_cms_signature (ksba_cert_t cert, gcry_sexp_t s_sig, rc = extract_pss_params (s_sig, &algo, &saltlen); if (rc) { - gcry_sexp_release (s_sig); return rc; } if (algo != mdalgo) { log_error ("PSS hash algo mismatch (%d/%d)\n", mdalgo, algo); - gcry_sexp_release (s_sig); return gpg_error (GPG_ERR_DIGEST_ALGO); } }