Page MenuHome GnuPG

Memory leak in read_block
Closed, ResolvedPublic


Found using oss-fuzz

in file g10/import.c, function read_block, compress filter is allocated even when it is not pushed.
same as

Patch should be so simple as

diff --git a/g10/import.c b/g10/import.c
index 09ce7edfa..eb0445ea5 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -852,7 +852,7 @@ read_block( IOBUF a, int with_meta,
                rc = GPG_ERR_COMPR_ALGO;
                goto ready;{F294155}
-           else
+           else if (pkt->pkt.compressed->algorithm)
                compress_filter_context_t *cfx = xmalloc_clear( sizeof *cfx );
                pkt->pkt.compressed->buf = NULL;

Bug can be reproduced running
gpg --import leak-86e4fce3a0271254786e43e281e3ea52da5a9b7c