Use-after-free in t-edit-sign test
Closed, ResolvedPublic
Actions

Edit Task
Edit Related Tasks...
Create Subtask
Edit Parent Tasks
Edit Subtasks
Merge Duplicates In
Close As Duplicate
Edit Related Objects...
Edit Commits
Edit Mocks
Edit Revisions
Mute Notifications
Award Token

Assigned To

Authored By

	atsampson
	Jun 25 2021, 5:07 PM

Description

The new t-edit-sign test in gpgme 1.16.0 crashes on Linux ia32 with GCC 11.1.0 - the "signed_uid" pointer has a garbage value.

I think "signed_uid = key->uids;" on line 171 of t-edit-sign.c should be "signed_uid = signed_key->uids;", as key has already been freed at that point?

Details

Version: 1.16.0

Revisions and Commits

rM GPGME
	rM81a33ea5e1b8 core: Fix use-after-free issue in test

Event Timeline

atsampson created this task.Jun 25 2021, 5:07 PM

Thanks for the report.

ikloecker added a commit: rM81a33ea5e1b8: core: Fix use-after-free issue in test.Jun 26 2021, 6:05 PM

Thanks for the report. Fixed.

Use-after-free in t-edit-sign testClosed, ResolvedPublicActions

Description

Details

Revisions and Commits

Event Timeline

Use-after-free in t-edit-sign test
Closed, ResolvedPublic
Actions