agent: Avoid double free of empty string in the PIN caching.

* agent/call-scd.c (handle_pincache_get): Set PIN to NULL.  Also add
DBG_CACHE conditionals and don't return the pin in the debug output.
--

This is part of
GnuPG-bug-id: 7129
Co-authored-by: Jakub Jelen <[email protected]>

(cherry picked from commit bdbf5cee2ff5bc0773011abde4074003ef9dac70)

1 files changed, 7 insertions, 3 deletions

diff --git a/agent/call-scd.c b/agent/call-scd.c
index 91e28e68c..ecc3150f3 100644
--- a/agent/call-scd.c
+++ b/agent/call-scd.c
@@ -196,7 +196,8 @@ handle_pincache_get (const char *args, assuan_context_t ctx)
   const char *key;
   char *pin = NULL;
 
-  log_debug ("%s: enter '%s'\n", __func__, args);
+  if (DBG_CACHE)
+    log_debug ("%s: enter '%s'\n", __func__, args);
   key = args;
   if (strlen (key) < 5)
     {
@@ -210,11 +211,14 @@ handle_pincache_get (const char *args, assuan_context_t ctx)
   if (!pin || !*pin)
     {
       xfree (pin);
+      pin = NULL;
       err = 0;  /* Not found is indicated by sending no data back.  */
-      log_debug ("%s: not cached\n", __func__);
+      if (DBG_CACHE)
+        log_debug ("%s: not cached\n", __func__);
       goto leave;
     }
-  log_debug ("%s: cache returned '%s'\n", __func__, pin);
+  if (DBG_CACHE)
+    log_debug ("%s: cache returned '%s'\n", __func__, "[hidden]"/*pin*/);
   err = assuan_send_data (ctx, pin, strlen (pin));
 
  leave: