Found using oss-fuzz
In file g10/import.c, function read_block, `free_packet` is not called in every case, causing a memory leak
Patch should be as simple as
diff --git a/g10/import.c b/g10/import.c index ed679d5c0..09ce7edfa 100644 --- a/g10/import.c +++ b/g10/import.c @@ -889,6 +889,9 @@ read_block( IOBUF a, int with_meta, add_kbnode (root, new_kbnode (pkt)); pkt = xmalloc (sizeof *pkt); } + else { + free_packet (pkt, &parsectx); + } init_packet(pkt); break; }
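Review bot: The added else branch in read_block pairs with an if whose condition is outside the three lines of context, so the hunk alone does not show that every path reaching free_packet (pkt, &parsectx) still owns the packet contents; please confirm that nothing keeps a pointer into pkt on that path, since the if branch hands pkt to new_kbnode and allocates a fresh one instead. The free must also stay ahead of init_packet(pkt), which re-initialises the same pkt for reuse; a one-line comment saying that the packet was not linked into root and is released here would record that. The braces around the single statement can be dropped.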
Bug can be reproduced by running
gpg --import leak-cdccb40d40858cf8fda0bbdc4d58635098bfa78c