gpg: Fix possible double free of the card serialno.
e888f7af6571
Actions

Description

gpg: Fix possible double free of the card serialno.

* g10/free-packet.c (copy_public_key): Copy fields serialno and
updateurl.

The PK->serialno is used to get the version of the card to decide
whether it does support other algorithms than SHA-1. This value is
cached but no deep copy was done when calling copy_public_key.

Bug detected by importing some public keys and then importing a secret
key which led to a double free.

Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Provenance

• werner

Authored on Jul 21 2017, 5:48 PM

Parents

rG5818ff0ae314: gpg: Use macros to check the signature class.

Branches

Unknown

Tags

Unknown

Event Timeline

• werner committed rGe888f7af6571: gpg: Fix possible double free of the card serialno. (authored by • werner).Jul 21 2017, 5:49 PM

Changes (1)

Path

Size

g10/

free-packet.c

rGe888f7af6571

View Options