[git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-426-g9a37470

by Werner Koch cvs at cvs.gnupg.org
Mon Dec 9 20:30:07 CET 2013 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".

The branch, master has been updated
       via  9a37470c50ee9966cb2652617a404ddd54a9c096 (commit)
      from  2516f0b660b1a7181ad38c44310c627f4f498595 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 9a37470c50ee9966cb2652617a404ddd54a9c096
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Oct 22 14:26:53 2013 +0200

    Fix one-off memory leak when build with Linux capability support.
    
    * src/secmem.c (lock_pool, secmem_init): Use cap_free.  Reported by
    Mike Crowe <mac at mcrowe.com>.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/src/secmem.c b/src/secmem.c
index c350bc9..fd2cdf4 100644
--- a/src/secmem.c
+++ b/src/secmem.c
@@ -243,11 +243,20 @@ lock_pool (void *p, size_t n)
 #if defined(USE_CAPABILITIES) && defined(HAVE_MLOCK)
   int err;
 
-  cap_set_proc (cap_from_text ("cap_ipc_lock+ep"));
-  err = no_mlock? 0 : mlock (p, n);
-  if (err && errno)
-    err = errno;
-  cap_set_proc (cap_from_text ("cap_ipc_lock+p"));
+  {
+    cap_t cap;
+
+    cap = cap_from_text ("cap_ipc_lock+ep");
+    cap_set_proc (cap);
+    cap_free (cap);
+    err = no_mlock? 0 : mlock (p, n);
+    if (err && errno)
+      err = errno;
+    cap_set_proc (cap_from_text ("cap_ipc_lock+p"));
+    cap = cap_from_text ("cap_ipc_lock+p");
+    cap_set_proc (cap);
+    cap_free(cap);
+  }
 
   if (err)
     {
@@ -474,7 +483,13 @@ secmem_init (size_t n)
     {
 #ifdef USE_CAPABILITIES
       /* drop all capabilities */
-      cap_set_proc (cap_from_text ("all-eip"));
+      {
+        cap_t cap;
+
+        cap = cap_from_text ("all-eip");
+        cap_set_proc (cap);
+        cap_free (cap);
+      }
 
 #elif !defined(HAVE_DOSISH_SYSTEM)
       uid_t uid;

-----------------------------------------------------------------------

Summary of changes:
 src/secmem.c |   27 +++++++++++++++++++++------
 1 file changed, 21 insertions(+), 6 deletions(-)


hooks/post-receive
-- 
The GNU crypto library
http://git.gnupg.org


_______________________________________________
Gnupg-commits mailing list
Gnupg-commits at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-commits

More information about the Gcrypt-devel mailing list