security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

kbx: Avoid uninitialized read

Browse source 
* kbx/kbx-client-util.c (datastream_thread): Initialize pointer
* kbx/keybox-dump.c (_keybox_dump_cut_records): free blob
* kbx/kbxserver.c (kbxd_start_command_handler): do not free passed ctrl
* kbx/keyboxd.c (check_own_socket): free sockname

--

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
GnuPG-bug-id: 5393
This commit is contained in:
Jakub Jelen 2021-04-12 21:59:17 +02:00 committed by Werner Koch
parent fa0771f609
commit fc5fac83b7
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
4 changed files with 9 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
kbx/keybox-dump.c
View file

@ -881,7 +881,7 @@ _keybox_dump_cut_records (const char *filename, unsigned long from,
unsigned long to, FILE *outfp)
{
estream_t fp;
KEYBOXBLOB blob;
KEYBOXBLOB blob = NULL;
int rc;
unsigned long recno = 0;
@ -902,6 +902,7 @@ _keybox_dump_cut_records (const char *filename, unsigned long from,
}
}
_keybox_release_blob (blob);
blob = NULL;
recno++;
}
if (rc == -1)
@ -909,6 +910,7 @@ _keybox_dump_cut_records (const char *filename, unsigned long from,
if (rc)
fprintf (stderr, "error reading '%s': %s\n", filename, gpg_strerror (rc));
leave:
_keybox_release_blob (blob);
if (fp != es_stdin)
es_fclose (fp);
return rc;