security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
Code Activity

gpgsm: Avoid double free when checking rsaPSS signatures.

Browse Source 
* sm/certcheck.c (gpgsm_check_cms_signature): Do not free s_sig on
error. Its owned and freed by the caller.

--
This is part of
GnuPG-bug-id: 7129
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Fixes-commit: 969abcf40c
(cherry picked from commit dcb0b6fd48)
This commit is contained in:
Jakub Jelen 2024-05-28 17:15:03 +02:00 committed by Werner Koch
parent 524e3a9345
commit ece154562f
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 0 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sm/certcheck.c
View File

@ -630,13 +630,11 @@ gpgsm_check_cms_signature (ksba_cert_t cert, gcry_sexp_t s_sig,
rc = extract_pss_params (s_sig, &algo, &saltlen); rc = extract_pss_params (s_sig, &algo, &saltlen);
if (rc) if (rc)
{ {
gcry_sexp_release (s_sig);
return rc; return rc;
} }
if (algo != mdalgo) if (algo != mdalgo)
{ {
log_error ("PSS hash algo mismatch (%d/%d)\n", mdalgo, algo); log_error ("PSS hash algo mismatch (%d/%d)\n", mdalgo, algo);
gcry_sexp_release (s_sig);
return gpg_error (GPG_ERR_DIGEST_ALGO); return gpg_error (GPG_ERR_DIGEST_ALGO);
} }
} }