aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorWerner Koch <[email protected]>2019-03-15 07:55:06 +0000
committerWerner Koch <[email protected]>2019-03-15 07:55:06 +0000
commit3e1f3df6183b2ed2cadf2af2383063891e2c53bd (patch)
tree28c9b16914258f3fda5e827a54162cc376228440
parentkbx: Unify the fingerprint search modes. (diff)
downloadgnupg-3e1f3df6183b2ed2cadf2af2383063891e2c53bd.tar.gz
gnupg-3e1f3df6183b2ed2cadf2af2383063891e2c53bd.zip
gpg: Fix recently introduced use after free.
* g10/mainproc.c (proc_plaintext): Do not use freed memory. -- GnuPG-bug-id: 4407 Signed-off-by: Werner Koch <[email protected]>
Diffstat
-rw-r--r--g10/mainproc.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 6fa30e0d4..7acf67b1e 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -946,9 +946,6 @@ proc_plaintext( CTX c, PACKET *pkt )
if (rc)
log_error ("handle plaintext failed: %s\n", gpg_strerror (rc));
- free_packet (pkt, NULL);
- c->last_was_session_key = 0;
-
/* We add a marker control packet instead of the plaintext packet.
* This is so that we can later detect invalid packet sequences.
* The apcket is further used to convey extra data from the
@@ -974,6 +971,9 @@ proc_plaintext( CTX c, PACKET *pkt )
extrahash[extrahashlen++] = pt->timestamp ;
}
+ free_packet (pkt, NULL);
+ c->last_was_session_key = 0;
+
n = new_kbnode (create_gpg_control (CTRLPKT_PLAINTEXT_MARK,
extrahash, extrahashlen));
xfree (extrahash);
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-28 07:27:24 +0000