[gnutls-dev] Re: OpenCDK double free bug

Simon Josefsson jas at extundo.com
Wed Oct 11 16:24:39 CEST 2006


"Adam Langley" <agl at imperialviolet.org> writes:

> (I hope opencdk is on topic for this list)

Yes.

> Line numbers from opencdk-0.5.9
>
> in keylist.c:cdk_pklist_encrypt:287
>
> This call to cdk_pklist_encrypt also causes enc to be freed, however
> the pointer here isn't NULLed out so it's double freed at line 294.
>
> Suggested (e.g. it works for me): set enc to NULL after cdk_pklist_encrypt

I assume you meant after cdk_pkt_write?  That would make more sense.

I'll be releasing opencdk 0.5.10 later today, so if you, or anyone
else, have time, please check if CVS works fine.

/Simon
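
The pattern discussed in this message, as an added example that is not part of the original e-mail and is not OpenCDK code: a callee releases the buffer it was handed, and the caller's cleanup path releases it again unless the pointer is set to NULL after the call. All names here (enc_pkt, pkt_alloc, pkt_free, write_and_release, encrypt_for_recipients) are hypothetical, and a small static pool stands in for malloc/free so that the second release is counted instead of corrupting the heap.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for malloc/free: each slot carries a "live" flag,
 * so releasing a slot twice can be detected and counted safely. */
struct enc_pkt { int live; unsigned char data[16]; };
static struct enc_pkt pool[4];
static int double_frees;

static struct enc_pkt *pkt_alloc(void) {
    for (size_t i = 0; i < sizeof pool / sizeof pool[0]; i++)
        if (!pool[i].live) { pool[i].live = 1; return &pool[i]; }
    return NULL;
}

static void pkt_free(struct enc_pkt *p) {
    if (!p) return;                          /* like free(NULL): no-op */
    if (!p->live) { double_frees++; return; } /* second release of same slot */
    p->live = 0;
}

/* Hypothetical callee that takes ownership and releases what it was given. */
static int write_and_release(struct enc_pkt *p) {
    pkt_free(p);
    return 0;
}

/* Caller with a shared cleanup path. Returns the number of double frees
 * observed, or -1 on allocation or write failure. */
int encrypt_for_recipients(int null_after_call) {
    double_frees = 0;
    struct enc_pkt *enc = pkt_alloc();
    if (!enc) return -1;
    int rc = write_and_release(enc);
    if (null_after_call)
        enc = NULL;   /* the fix: the callee owns and has released the buffer */
    pkt_free(enc);    /* cleanup path; a no-op once enc is NULL */
    return rc ? -1 : double_frees;
}

int main(void) {
    printf("without fix: %d double free(s)\n", encrypt_for_recipients(0));
    printf("with fix:    %d double free(s)\n", encrypt_for_recipients(1));
    return 0;
}
```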


