security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Code Activity

gpg: Fix memory leaking for long inputs via --command-fd.

Browse Source 
* g10/cpr.c (do_get_from_fd): Free the old buffer.
--

If the received input is longer than 200 characters we used to leak
the previous allocated buffer.

GnuPG-bug-id: 3528
Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2017-11-22 20:54:07 +01:00
parent 0bb7fd0cab
commit ea28ea18f3
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
g10/cpr.c
View File

@ -425,11 +425,17 @@ do_get_from_fd ( const char *keyword, int hidden, int getbool )
{ {
if (i >= len-1 ) if (i >= len-1 )
{ {
/* On the first iteration allocate a new buffer. If that
* buffer is too short at further iterations do a poor man's
* realloc. */
char *save = string; char *save = string;
len += 100; len += 100;
string = hidden? xmalloc_secure ( len ) : xmalloc ( len ); string = hidden? xmalloc_secure ( len ) : xmalloc ( len );
if (save) if (save)
memcpy (string, save, i ); {
memcpy (string, save, i);
xfree (save);
}
else else
i = 0; i = 0;
} }