From de441cb9cc87089ce7ca72bf45bee82a697bf68e Mon Sep 17 00:00:00 2001
From: Ineiev <ineiev@gnu.org>
Date: Thu, 14 Apr 2016 15:42:25 +0000
Subject: [PATCH] g10: Fix secmem leak.

* g10/keygen.c (proc_parameter_file): Fix secmem leak.

--

proc_parameter_file() adds certain parameters to the list in the para
argument; however, these new entries are leaked because they
are added to head, while the para list is released by the caller
of proc_parameter_file.

GnuPG-bug-id:  1371
---
 g10/keygen.c | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/g10/keygen.c b/g10/keygen.c
index 268fce56f..dc6696a99 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -2329,8 +2329,8 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
       r = xmalloc_clear(sizeof(*r));
       r->key = pKEYUSAGE;
       r->u.usage = openpgp_pk_algo_usage(algo);
-      r->next = para;
-      para = r;
+      r->next = para->next;
+      para->next = r;
     }
   else if (err == -1)
     return -1;
@@ -2363,8 +2363,8 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
 	  r = xmalloc_clear (sizeof(*r));
 	  r->key = pSUBKEYUSAGE;
 	  r->u.usage = openpgp_pk_algo_usage (algo);
-	  r->next = para;
-	  para = r;
+	  r->next = para->next;
+	  para->next = r;
 	}
       else if (err == -1)
 	return -1;
@@ -2400,8 +2400,8 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
 	    p = stpcpy(stpcpy(stpcpy(p," ("), s2 ),")");
 	  if( s3 )
 	    p = stpcpy(stpcpy(stpcpy(p," <"), s3 ),">");
-	  r->next = para;
-	  para = r;
+	  r->next = para->next;
+	  para->next = r;
 	  have_user_id=1;
 	}
     }
@@ -2460,13 +2460,13 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
     r = xmalloc_clear( sizeof *r );
     r->key = pPASSPHRASE_S2K;
     r->u.s2k = s2k;
-    r->next = para;
-    para = r;
+    r->next = para->next;
+    para->next = r;
     r = xmalloc_clear( sizeof *r );
     r->key = pPASSPHRASE_DEK;
     r->u.dek = dek;
-    r->next = para;
-    para = r;
+    r->next = para->next;
+    para->next = r;
   }
 
   /* Make KEYCREATIONDATE from Creation-Date.  */
@@ -2504,8 +2504,8 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
       r = xmalloc_clear( sizeof *r + 20 );
       r->key = pSUBKEYEXPIRE;
       r->u.expire = seconds;
-      r->next = para;
-      para = r;
+      r->next = para->next;
+      para->next = r;
     }
 
   if( !!outctrl->pub.newfname ^ !!outctrl->sec.newfname ) {