* hkp.c (parse_hkp_index): Don't leak memory when failing out of a bad HKP

keyserver.

* g10.c (add_notation_data): Relax slightly the rules as to what can go
into a notation name - 2440 allows "@", for example.

3 files changed, 18 insertions, 20 deletions

diff --git a/g10/ChangeLog b/g10/ChangeLog
index c631f788d..ac1c06a9b 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,11 @@
+2002-06-19  David Shaw  <[email protected]>
+
+	* hkp.c (parse_hkp_index): Don't leak memory when failing out of a
+	bad HKP keyserver.
+
+	* g10.c (add_notation_data): Relax slightly the rules as to what
+	can go into a notation name - 2440 allows "@", for example.
+
 2002-06-17  David Shaw  <[email protected]>
 
 	* import.c (clean_subkeys, import_one): Only allow at most 1
diff --git a/g10/g10.c b/g10/g10.c
index 6d6d78897..f56cb619a 100644
--- a/g10/g10.c
+++ b/g10/g10.c
@@ -2460,7 +2460,6 @@ static void
 add_notation_data( const char *string, int which )
 {
     const char *s;
-    const char *s2;
     STRLIST sl,*notation_data;
     int critical=0;
     int highbit=0;
@@ -2474,26 +2473,15 @@ add_notation_data( const char *string, int which )
 	critical = 1;
 	string++;
     }
-    s = string;
 
-    if( !*s || (*s & 0x80) || (!isalpha(*s) && *s != '_') ) {
-	log_error(_("the first character of a notation name "
-		    "must be a letter or an underscore\n") );
-	return;
-    }
-    for(s++; *s != '='; s++ ) {
-	if( !*s || (*s & 0x80) || (!isalnum(*s) && *s != '_' && *s != '.' ) ) {
-	    log_error(_("a notation name must have only letters, "
-			"digits, dots or underscores and end with an '='\n") );
+    for( s=string ; *s != '='; s++ ) {
+	if( !*s || (*s & 0x80) || (!isgraph(*s) && !isspace(*s)) ) {
+	    log_error(_("a notation name must have only printable characters "
+			"or spaces, and end with an '='\n") );
 	    return;
 	}
     }
-    if( s[-1] == '.' || ((s2=strstr(string, "..")) && s2 < s ) ) {
-	log_error(_("dots in a notation name must be surrounded "
-		    "by other characters\n") );
-	return;
-    }
-    /* we do only support printabe text - therefore we enforce the use
+    /* we only support printable text - therefore we enforce the use
      * of only printable characters (an empty value is valid) */
     for( s++; *s ; s++ ) {
 	if( iscntrl(*s) ) {
diff --git a/g10/hkp.c b/g10/hkp.c
index e2f5bed1a..7b96570cd 100644
--- a/g10/hkp.c
+++ b/g10/hkp.c
@@ -260,11 +260,11 @@ static int
 parse_hkp_index(IOBUF buffer,char *line)
 {
   static int open=0,revoked=0;
-  static char *key;
+  static char *key=NULL;
 #ifdef __riscos__
-  static char *uid;
+  static char *uid=NULL;
 #else
-  static unsigned char *uid;
+  static unsigned char *uid=NULL;
 #endif
   static u32 bits,createtime;
   int ret=0;
@@ -278,6 +278,8 @@ parse_hkp_index(IOBUF buffer,char *line)
      ascii_memcasecmp(line,"pub  ",5)!=0 &&
      ascii_memcasecmp(line,"     ",5)!=0)
     {
+      m_free(key);
+      m_free(uid);
       log_error(_("this keyserver is not fully HKP compatible\n"));
       return -1;
     }