1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

gpg: Fix possible double free of the card serialno.

* g10/free-packet.c (copy_public_key): Copy fields serialno and
updateurl.
--

The PK->serialno is used to get the version of the card to decide
whether it does support other algorithms than SHA-1.  This value is
cached but no deep copy was done when calling copy_public_key.

Bug detected by importing some public keys and then importing a secret
key which led to a double free.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2017-07-21 17:48:40 +02:00
parent 5818ff0ae3
commit e888f7af65
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B

View File

@ -224,6 +224,12 @@ copy_public_key (PKT_public_key *d, PKT_public_key *s)
}
else
d->revkey = NULL;
if (s->serialno)
d->serialno = xstrdup (s->serialno);
if (s->updateurl)
d->updateurl = xstrdup (s->updateurl);
return d;
}