Memory leak in read_block
Closed, Resolved (Public)

Description

Found using oss-fuzz

In file g10/import.c, function read_block, free_packet is not called in every case, causing a memory leak.

The patch should be as simple as

diff --git a/g10/import.c b/g10/import.c
index ed679d5c0..09ce7edfa 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -889,6 +889,9 @@ read_block( IOBUF a, int with_meta,
                   add_kbnode (root, new_kbnode (pkt));
                pkt = xmalloc (sizeof *pkt);
               }
+              else {
+                  free_packet (pkt, &parsectx);
+              }
            init_packet(pkt);
            break;
           }
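
Review bot: The new else branch around `free_packet (pkt, &parsectx);` has no comment saying which case it covers, and the `if` condition it pairs with is outside the hunk. A one-line comment stating that the packet was not attached to `root`, so its contents must be released before `init_packet(pkt)` reuses the same structure, would make the ownership rule clear to the next reader. The braces around the single statement could also be dropped or laid out to match the rest of the file, and the oss-fuzz input named in the report would be worth keeping as a regression test run under a leak checker.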

The bug can be reproduced by running
gpg --import leak-cdccb40d40858cf8fda0bbdc4d58635098bfa78c

Event Timeline

werner added a project: gnupg.
gniibe claimed this task.
gniibe added a subscriber: gniibe.

Thanks for your report. Applied.

Note that this can only happen when the packet is somehow wrong.