From 5e7ea643052bd4b42da4e45ed2007ca2263760c5 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Tue, 28 May 2024 16:44:18 +0200
Subject: agent: Avoid double free of empty string in the PIN caching.

* agent/call-scd.c (handle_pincache_get): Set PIN to NULL.  Also add
DBG_CACHE conditionals and don't return the pin in the debug output.
--

This is part of
GnuPG-bug-id: 7129
Co-authored-by: Jakub Jelen <jjelen@redhat.com>

(cherry picked from commit bdbf5cee2ff5bc0773011abde4074003ef9dac70)
---
 agent/call-scd.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/agent/call-scd.c b/agent/call-scd.c
index 91e28e68c..ecc3150f3 100644
--- a/agent/call-scd.c
+++ b/agent/call-scd.c
@@ -196,7 +196,8 @@ handle_pincache_get (const char *args, assuan_context_t ctx)
   const char *key;
   char *pin = NULL;
 
-  log_debug ("%s: enter '%s'\n", __func__, args);
+  if (DBG_CACHE)
+    log_debug ("%s: enter '%s'\n", __func__, args);
   key = args;
   if (strlen (key) < 5)
     {
@@ -210,11 +211,14 @@ handle_pincache_get (const char *args, assuan_context_t ctx)
   if (!pin || !*pin)
     {
       xfree (pin);
+      pin = NULL;
       err = 0;  /* Not found is indicated by sending no data back.  */
-      log_debug ("%s: not cached\n", __func__);
+      if (DBG_CACHE)
+        log_debug ("%s: not cached\n", __func__);
       goto leave;
     }
-  log_debug ("%s: cache returned '%s'\n", __func__, pin);
+  if (DBG_CACHE)
+    log_debug ("%s: cache returned '%s'\n", __func__, "[hidden]"/*pin*/);
   err = assuan_send_data (ctx, pin, strlen (pin));
 
  leave:
-- 
cgit v1.2.3