[git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-108-ge606d5f
by Werner Koch
cvs at cvs.gnupg.org
Thu Aug 21 14:15:58 CEST 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".
The branch, master has been updated
via e606d5f1bada1f2d21faeedd3fa2cf2dca7b274c (commit)
from f850add813d783f31ca6a60459dea25ef71bce7e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit e606d5f1bada1f2d21faeedd3fa2cf2dca7b274c
Author: Werner Koch <wk at gnupg.org>
Date: Thu Aug 21 14:12:55 2014 +0200
sexp: Check args of gcry_sexp_build.
* src/sexp.c (do_vsexp_sscan): Return error for invalid args.
--
This helps to avoid usage errors by passing NULL for the return
variable and the format string.
diff --git a/src/sexp.c b/src/sexp.c
index 0e4af52..9bc13ca 100644
--- a/src/sexp.c
+++ b/src/sexp.c
@@ -1119,6 +1119,13 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
int arg_counter = 0;
int level = 0;
+ if (!retsexp)
+ return GPG_ERR_INV_ARG;
+ *retsexp = NULL;
+
+ if (!buffer)
+ return GPG_ERR_INV_ARG;
+
if (!erroff)
erroff = &dummy_erroff;
@@ -1160,7 +1167,7 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
the provided one. However, we add space for one extra datalen so
that the code which does the ST_CLOSE can use MAKE_SPACE */
c.allocated = length + sizeof(DATALEN);
- if (buffer && length && _gcry_is_secure (buffer))
+ if (length && _gcry_is_secure (buffer))
c.sexp = xtrymalloc_secure (sizeof *c.sexp + c.allocated - 1);
else
c.sexp = xtrymalloc (sizeof *c.sexp + c.allocated - 1);
@@ -1682,8 +1689,6 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
wipememory (c.sexp, sizeof (struct gcry_sexp) + c.allocated - 1);
xfree (c.sexp);
}
- /* This might be expected by existing code... */
- *retsexp = NULL;
}
else
*retsexp = normalize (c.sexp);
-----------------------------------------------------------------------
Summary of changes:
src/sexp.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
hooks/post-receive
--
The GNU crypto library
http://git.gnupg.org
_______________________________________________
Gnupg-commits mailing list
Gnupg-commits at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-commits
More information about the Gcrypt-devel
mailing list