From fa0771f609b5fcb104c64a11aefc501b7a91696d Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Mon, 12 Apr 2021 20:05:48 +0200
Subject: [PATCH] g10: Avoid memory leaks

* g10/call-agent.c (card_keyinfo_cb): free keyinfo.  Restructure to
avoid backward gotos.
* g10/keyedit.c (menu_set_keyserver_url): properly enclose the block
* g10/keygen.c (gen_card_key): free pk and pkt

--

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
GnuPG-bug-id: 5393

Additional changes:
- Restructure to avoid backward gotos.

Signed-off-by: Werner Koch <wk@gnupg.org>
---
 g10/call-agent.c | 28 +++++++++++++++-------------
 g10/keyedit.c    |  8 +++++---
 g10/keygen.c     | 12 ++++++++++--
 3 files changed, 30 insertions(+), 18 deletions(-)

diff --git a/g10/call-agent.c b/g10/call-agent.c
index 782631c0d..8f4e44b32 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -1709,6 +1709,7 @@ card_keyinfo_cb (void *opaque, const char *line)
   struct card_keyinfo_parm_s *parm = opaque;
   const char *keyword = line;
   int keywordlen;
+  keypair_info_t keyinfo = NULL;
 
   for (keywordlen=0; *line && !spacep (line); line++, keywordlen++)
     ;
@@ -1719,7 +1720,6 @@ card_keyinfo_cb (void *opaque, const char *line)
     {
       const char *s;
       int n;
-      keypair_info_t keyinfo;
       keypair_info_t *l_p = &parm->list;
 
       while ((*l_p))
@@ -1727,23 +1727,13 @@ card_keyinfo_cb (void *opaque, const char *line)
 
       keyinfo = xtrycalloc (1, sizeof *keyinfo);
       if (!keyinfo)
-        {
-        alloc_error:
-          if (!parm->error)
-            parm->error = gpg_error_from_syserror ();
-          return 0;
-        }
+        goto alloc_error;
 
       for (n=0,s=line; hexdigitp (s); s++, n++)
         ;
 
       if (n != 40)
-        {
-        parm_error:
-          if (!parm->error)
-            parm->error = gpg_error (GPG_ERR_ASS_PARAMETER);
-          return 0;
-        }
+        goto parm_error;
 
       memcpy (keyinfo->keygrip, line, 40);
       keyinfo->keygrip[40] = 0;
@@ -1797,6 +1787,18 @@ card_keyinfo_cb (void *opaque, const char *line)
     }
 
   return err;
+
+ alloc_error:
+  xfree (keyinfo);
+  if (!parm->error)
+    parm->error = gpg_error_from_syserror ();
+  return 0;
+
+ parm_error:
+  xfree (keyinfo);
+  if (!parm->error)
+    parm->error = gpg_error (GPG_ERR_ASS_PARAMETER);
+  return 0;
 }
 
 
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 7255676e7..122548df5 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -5382,14 +5382,16 @@ menu_set_keyserver_url (ctrl_t ctrl, const char *url, kbnode_t pub_keyblock)
                            uri
                            ? _("Are you sure you want to replace it? (y/N) ")
                            : _("Are you sure you want to delete it? (y/N) ")))
-	                xfree (user);
-			continue;
+		        {
+			  xfree (user);
+			  continue;
+		        }
 		    }
 		  else if (uri == NULL)
 		    {
 		      /* There is no current keyserver URL, so there
 		         is no point in trying to un-set it. */
-	              xfree (user);
+                      xfree (user);
 		      continue;
 		    }
 
diff --git a/g10/keygen.c b/g10/keygen.c
index f1e4d3638..82f6bb880 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -6140,12 +6140,20 @@ gen_card_key (int keyno, int algo, int is_primary, kbnode_t pub_root,
      the self-signatures. */
   err = agent_readkey (NULL, 1, keyid, &public);
   if (err)
-    return err;
+    {
+      xfree (pkt);
+      xfree (pk);
+      return err;
+    }
   err = gcry_sexp_sscan (&s_key, NULL, public,
                          gcry_sexp_canon_len (public, 0, NULL, NULL));
   xfree (public);
   if (err)
-    return err;
+    {
+      xfree (pkt);
+      xfree (pk);
+      return err;
+    }
 
   if (algo == PUBKEY_ALGO_RSA)
     err = key_from_sexp (pk->pkey, s_key, "public-key", "ne");