1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-03 12:11:33 +01:00

gpg: Avoid a double free on error in the key generation.

* g10/keygen.c (card_store_key_with_backup): Avoid double free and
simplify error handling.
--

This is part of
GnuPG-bug-id: 7129
Co-authored-by: Jakub Jelen <jjelen@redhat.com>
This commit is contained in:
Werner Koch 2024-05-28 13:46:36 +02:00
parent d631c8198c
commit bcc002cd45
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B

View File

@ -5846,11 +5846,10 @@ static gpg_error_t
card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk, card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk,
const char *backup_dir) const char *backup_dir)
{ {
gpg_error_t err;
PKT_public_key *sk; PKT_public_key *sk;
gnupg_isotime_t timestamp; gnupg_isotime_t timestamp;
gpg_error_t err; char *hexgrip = NULL;
char *hexgrip;
int rc;
struct agent_card_info_s info; struct agent_card_info_s info;
gcry_cipher_hd_t cipherhd = NULL; gcry_cipher_hd_t cipherhd = NULL;
char *cache_nonce = NULL; char *cache_nonce = NULL;
@ -5858,9 +5857,14 @@ card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk,
size_t keklen; size_t keklen;
char *ecdh_param_str = NULL; char *ecdh_param_str = NULL;
memset (&info, 0, sizeof (info));
sk = copy_public_key (NULL, sub_psk); sk = copy_public_key (NULL, sub_psk);
if (!sk) if (!sk)
return gpg_error_from_syserror (); {
err = gpg_error_from_syserror ();
goto leave;
}
epoch2isotime (timestamp, (time_t)sk->timestamp); epoch2isotime (timestamp, (time_t)sk->timestamp);
if (sk->pubkey_algo == PUBKEY_ALGO_ECDH) if (sk->pubkey_algo == PUBKEY_ALGO_ECDH)
@ -5868,37 +5872,23 @@ card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk,
ecdh_param_str = ecdh_param_str_from_pk (sk); ecdh_param_str = ecdh_param_str_from_pk (sk);
if (!ecdh_param_str) if (!ecdh_param_str)
{ {
free_public_key (sk); err = gpg_error_from_syserror ();
return gpg_error_from_syserror (); goto leave;
} }
} }
err = hexkeygrip_from_pk (sk, &hexgrip); err = hexkeygrip_from_pk (sk, &hexgrip);
if (err) if (err)
{
xfree (ecdh_param_str);
free_public_key (sk);
goto leave; goto leave;
}
memset(&info, 0, sizeof (info)); err = agent_scd_getattr ("SERIALNO", &info);
rc = agent_scd_getattr ("SERIALNO", &info); if (err)
if (rc)
{
xfree (ecdh_param_str);
free_public_key (sk);
err = (gpg_error_t)rc;
goto leave; goto leave;
}
rc = agent_keytocard (hexgrip, 2, 1, info.serialno, err = agent_keytocard (hexgrip, 2, 1, info.serialno,
timestamp, ecdh_param_str); timestamp, ecdh_param_str);
xfree (info.serialno); if (err)
if (rc)
{
err = (gpg_error_t)rc;
goto leave; goto leave;
}
err = agent_keywrap_key (ctrl, 1, &kek, &keklen); err = agent_keywrap_key (ctrl, 1, &kek, &keklen);
if (err) if (err)
@ -5931,10 +5921,13 @@ card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk,
if (err) if (err)
log_error ("writing card key to backup file: %s\n", gpg_strerror (err)); log_error ("writing card key to backup file: %s\n", gpg_strerror (err));
else else
{
/* Remove secret key data in agent side. */ /* Remove secret key data in agent side. */
agent_scd_learn (NULL, 1); agent_scd_learn (NULL, 1);
}
leave: leave:
xfree (info.serialno);
xfree (ecdh_param_str); xfree (ecdh_param_str);
xfree (cache_nonce); xfree (cache_nonce);
gcry_cipher_close (cipherhd); gcry_cipher_close (cipherhd);