dirmngr: Fix double free of a hash context in the error case.

* dirmngr/crlcache.c: Clearly document that this fucntions takes ownership of MD. (abort_sig_check): Allow NULL for MD. (crl_parse_insert): Immediately set MD to NULL. Remove check for md before a calling abort_sig_check. -- GnuPG-bug-id: 3510 Signed-off-by: Werner Koch <[email protected]>
author: Werner Koch <[email protected]> 2017-11-17 09:34:40 +0000
committer: Werner Koch <[email protected]> 2017-11-17 09:38:46 +0000
commit: 2aa106d6a4e2b09c257e8d769895d93ebb7f7edf (patch)
tree: 38d84cac9a1113fde376c0e0586d60b0e6f826f4
parent: w32: Fix default registry path (diff)
download: gnupg-2aa106d6a4e2b09c257e8d769895d93ebb7f7edf.tar.gz
gnupg-2aa106d6a4e2b09c257e8d769895d93ebb7f7edf.zip
1 files changed, 6 insertions, 6 deletions
diff --git a/dirmngr/crlcache.c b/dirmngr/crlcache.c
index 248ad9ad4..6eeeb8dd3 100644
--- a/dirmngr/crlcache.c
+++ b/dirmngr/crlcache.c
@@ -1562,7 +1562,7 @@ start_sig_check (ksba_crl_t crl, gcry_md_hd_t *md, int *algo)
    should return 0 on a good signature, GPG_ERR_BAD_SIGNATURE if the
    signature does not verify or any other error code. CRL is the CRL
    object we are working on, MD the hash context and ISSUER_CERT the
-   certificate of the CRL issuer.  This function closes MD.  */
+   certificate of the CRL issuer.  This function takes ownership of MD.  */
 static gpg_error_t
 finish_sig_check (ksba_crl_t crl, gcry_md_hd_t md, int algo,
                   ksba_cert_t issuer_cert)
@@ -1646,12 +1646,13 @@ finish_sig_check (ksba_crl_t crl, gcry_md_hd_t md, int algo,
 
 
 /* Call this to match a start_sig_check that can not be completed
-   normally.  */
+   normally.  Takes ownership of MD if MD is not NULL.  */
 static void
 abort_sig_check (ksba_crl_t crl, gcry_md_hd_t md)
 {
   (void)crl;
-  gcry_md_close (md);
+  if (md)
+    gcry_md_close (md);
 }
 
 
@@ -1842,13 +1843,13 @@ crl_parse_insert (ctrl_t ctrl, ksba_crl_t crl,
               }
 
             err = finish_sig_check (crl, md, algo, crlissuer_cert);
+            md = NULL; /* Closed.  */
             if (err)
               {
                 log_error (_("CRL signature verification failed: %s\n"),
                            gpg_strerror (err));
                 goto failure;
               }
-	    md = NULL;
 
             err = validate_cert_chain (ctrl, crlissuer_cert, NULL,
                                        (VALIDATE_FLAG_TRUST_CONFIG
@@ -1877,8 +1878,7 @@ crl_parse_insert (ctrl_t ctrl, ksba_crl_t crl,
 
 
  failure:
-  if (md)
-    abort_sig_check (crl, md);
+  abort_sig_check (crl, md);
   ksba_cert_release (crlissuer_cert);
   return err;
 }
author	Werner Koch <[email protected]>	2017-11-17 09:34:40 +0000
committer	Werner Koch <[email protected]>	2017-11-17 09:38:46 +0000
commit	2aa106d6a4e2b09c257e8d769895d93ebb7f7edf (patch)
tree	38d84cac9a1113fde376c0e0586d60b0e6f826f4
parent	w32: Fix default registry path (diff)
download	gnupg-2aa106d6a4e2b09c257e8d769895d93ebb7f7edf.tar.gz gnupg-2aa106d6a4e2b09c257e8d769895d93ebb7f7edf.zip