gpgsm: Avoid double free when checking rsaPSS signatures.

* sm/certcheck.c (gpgsm_check_cms_signature): Do not free s_sig on error. Its owned and freed by the caller. -- This is part of GnuPG-bug-id: 7129 Signed-off-by: Jakub Jelen <[email protected]> Fixes-commit: 969abcf40cdfc65f3ee859c5e62889e1a8ccde91
author: Jakub Jelen <[email protected]> 2024-05-28 15:15:03 +0000
committer: Werner Koch <[email protected]> 2024-05-28 15:15:03 +0000
commit: dcb0b6fd4822107d68bcb046d4d0650d02c82522 (patch)
tree: 6e624cf4c5f1caecfd5fe450755af732bea12b5b /sm/certcheck.c
parent: gpgsm: Silence a lint warning (diff)
download: gnupg-dcb0b6fd4822107d68bcb046d4d0650d02c82522.tar.gz
gnupg-dcb0b6fd4822107d68bcb046d4d0650d02c82522.zip
1 files changed, 0 insertions, 2 deletions
diff --git a/sm/certcheck.c b/sm/certcheck.c
index f4db858c3..ef1b6ec54 100644
--- a/sm/certcheck.c
+++ b/sm/certcheck.c
@@ -630,13 +630,11 @@ gpgsm_check_cms_signature (ksba_cert_t cert, gcry_sexp_t s_sig,
       rc = extract_pss_params (s_sig, &algo, &saltlen);
       if (rc)
         {
-          gcry_sexp_release (s_sig);
           return rc;
         }
       if (algo != mdalgo)
         {
           log_error ("PSS hash algo mismatch (%d/%d)\n", mdalgo, algo);
-          gcry_sexp_release (s_sig);
           return gpg_error (GPG_ERR_DIGEST_ALGO);
         }
     }
author	Jakub Jelen <[email protected]>	2024-05-28 15:15:03 +0000
committer	Werner Koch <[email protected]>	2024-05-28 15:15:03 +0000
commit	dcb0b6fd4822107d68bcb046d4d0650d02c82522 (patch)
tree	6e624cf4c5f1caecfd5fe450755af732bea12b5b /sm/certcheck.c
parent	gpgsm: Silence a lint warning (diff)
download	gnupg-dcb0b6fd4822107d68bcb046d4d0650d02c82522.tar.gz gnupg-dcb0b6fd4822107d68bcb046d4d0650d02c82522.zip