From 7bf24e8146116a30c4c9d7b6dbf8bbb27fc35971 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Thu, 30 Mar 2017 16:01:52 +0200 Subject: gpg: Fix actual leak and possible leaks in the packet parser. * g10/packet.h (struct parse_packet_ctx_s): Change LAST_PKT deom a pointer to its struct. (init_parse_packet): Adjust for LAST_PKT not being a pointer. * g10/parse-packet.c (parse): Ditto. Free the last packet before storing a new one in case of a deep link. (parse_ring_trust): Adjust for LAST_PKT not being a pointer. * g10/free-packet.c (free_packet): Ditto. * g10/t-keydb-get-keyblock.c (do_test): Release keyblock. -- Fixes-commit: afa86809087909a8ba2f9356588bf90cc923529c Signed-off-by: Werner Koch --- g10/free-packet.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'g10/free-packet.c') diff --git a/g10/free-packet.c b/g10/free-packet.c index c14424660..cd222a2d6 100644 --- a/g10/free-packet.c +++ b/g10/free-packet.c @@ -409,14 +409,15 @@ free_packet (PACKET *pkt, parse_packet_ctx_t parsectx) { if (!pkt || !pkt->pkt.generic) { - if (parsectx && parsectx->last_pkt) + if (parsectx && parsectx->last_pkt.pkt.generic) { if (parsectx->free_last_pkt) { - free_packet (parsectx->last_pkt, NULL); + free_packet (&parsectx->last_pkt, NULL); parsectx->free_last_pkt = 0; } - parsectx->last_pkt = NULL; + parsectx->last_pkt.pkttype = 0; + parsectx->last_pkt.pkt.generic = NULL; } return; } @@ -427,8 +428,11 @@ free_packet (PACKET *pkt, parse_packet_ctx_t parsectx) /* If we have a parser context holding PKT then do not free the * packet but set a flag that the packet in the parser context is * now a deep copy. */ - if (parsectx && parsectx->last_pkt == pkt && !parsectx->free_last_pkt) + if (parsectx && !parsectx->free_last_pkt + && parsectx->last_pkt.pkttype == pkt->pkttype + && parsectx->last_pkt.pkt.generic == pkt->pkt.generic) { + parsectx->last_pkt = *pkt; parsectx->free_last_pkt = 1; pkt->pkt.generic = NULL; return; -- cgit v1.2.3