mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
gpgsm: Avoid double free when checking rsaPSS signatures.
* sm/certcheck.c (gpgsm_check_cms_signature): Do not free s_sig on error. Its owned and freed by the caller. -- This is part of GnuPG-bug-id: 7129 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Fixes-commit: 969abcf40cdfc65f3ee859c5e62889e1a8ccde91
This commit is contained in:
parent
28c705a3be
commit
dcb0b6fd48
@ -630,13 +630,11 @@ gpgsm_check_cms_signature (ksba_cert_t cert, gcry_sexp_t s_sig,
|
||||
rc = extract_pss_params (s_sig, &algo, &saltlen);
|
||||
if (rc)
|
||||
{
|
||||
gcry_sexp_release (s_sig);
|
||||
return rc;
|
||||
}
|
||||
if (algo != mdalgo)
|
||||
{
|
||||
log_error ("PSS hash algo mismatch (%d/%d)\n", mdalgo, algo);
|
||||
gcry_sexp_release (s_sig);
|
||||
return gpg_error (GPG_ERR_DIGEST_ALGO);
|
||||
}
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user