Group :: Text tools
RPM: gnupg2
Main Changelog Spec Patches Sources Download Gear Bugs and FR Repocop
Patch: 0010-scd-Avoid-memory-leaks-and-uninitialized-memory.patch
Download
Download
From 0c6fd026e1860ff050d43523926771c9a7d1dcbc Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Tue, 13 Apr 2021 16:34:40 +0200
Subject: scd: Avoid memory leaks and uninitialized memory
* scd/app-piv.c (do_decipher): goto leave, initialize outdatalen
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
---
scd/app-piv.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/scd/app-piv.c b/scd/app-piv.c
index c8ef7b43a..691706f13 100644
--- a/scd/app-piv.c
+++ b/scd/app-piv.c
@@ -2483,7 +2483,7 @@ do_decipher (app_t app, ctrl_t ctrl, const char *keyidstr,
gpg_error_t err;
data_object_t dobj;
unsigned char *outdata = NULL;
- size_t outdatalen;
+ size_t outdatalen = 0;
const unsigned char *s;
size_t n;
int keyref, mechanism;
@@ -2582,7 +2582,7 @@ do_decipher (app_t app, ctrl_t ctrl, const char *keyidstr,
/* Now verify the Application PIN. */
err = verify_chv (app, ctrl, 0x80, 0, pincb, pincb_arg);
if (err)
- return err;
+ goto leave;
/* Build the Dynamic Authentication Template. */
err = concat_tlv_list (0, &apdudata, &apdudatalen,
--
2.25.4