mirror of
git://git.gnupg.org/gnupg.git
synced 2024-10-29 19:48:43 +01:00
gpgsm: Avoid double free when checking rsaPSS signatures.
* sm/certcheck.c (gpgsm_check_cms_signature): Do not free s_sig on error. Its owned and freed by the caller. -- This is part of GnuPG-bug-id: 7129 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Fixes-commit:969abcf40c
(cherry picked from commitdcb0b6fd48
)
This commit is contained in:
parent
a1f85fdc40
commit
bc43812358
@ -528,13 +528,11 @@ gpgsm_check_cms_signature (ksba_cert_t cert, gcry_sexp_t s_sig,
|
||||
rc = extract_pss_params (s_sig, &algo, &saltlen);
|
||||
if (rc)
|
||||
{
|
||||
gcry_sexp_release (s_sig);
|
||||
return rc;
|
||||
}
|
||||
if (algo != mdalgo)
|
||||
{
|
||||
log_error ("PSS hash algo mismatch (%d/%d)\n", mdalgo, algo);
|
||||
gcry_sexp_release (s_sig);
|
||||
return gpg_error (GPG_ERR_DIGEST_ALGO);
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user