[git] GnuPG - branch, master, updated. post-nuke-of-trailing-ws-79-g6f86ee8

by Werner Koch cvs at cvs.gnupg.org
Fri Jul 22 10:09:51 CEST 2011 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  6f86ee812fa5b063f8feb79f9e3e59eaa59e0209 (commit)
      from  2d0ca28a226773b9779a93c39bba9bace13232fe (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 6f86ee812fa5b063f8feb79f9e3e59eaa59e0209
Author: Werner Koch <wk at gnupg.org>
Date:   Fri Jul 22 09:29:40 2011 +0200

    Fix crash while reading unsupported ssh keys.
    
    This bug was found by n-roeser at gmx.net
    (gnupg-devel@, msgid 4DFC7298.4040509 at gmx.net).

diff --git a/agent/ChangeLog b/agent/ChangeLog
index 95609cb..e1becac 100644
--- a/agent/ChangeLog
+++ b/agent/ChangeLog
@@ -1,3 +1,8 @@
+2011-07-22  Werner Koch  <wk at g10code.com>
+
+	* command-ssh.c (ssh_receive_key): Do not init comment to an empty
+	static string; in the error case it would be freed.
+
 2011-07-20  Werner Koch  <wk at g10code.com>
 
 	* command.c (do_one_keyinfo, cmd_keyinfo): Support option --ssh-fpr.
diff --git a/agent/command-ssh.c b/agent/command-ssh.c
index 3fef83e..ae193ec 100644
--- a/agent/command-ssh.c
+++ b/agent/command-ssh.c
@@ -1409,18 +1409,13 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret,
                  int read_comment, ssh_key_type_spec_t *key_spec)
 {
   gpg_error_t err;
-  char *key_type;
-  char *comment;
-  gcry_sexp_t key;
+  char *key_type = NULL;
+  char *comment = NULL;
+  gcry_sexp_t key = NULL;
   ssh_key_type_spec_t spec;
-  gcry_mpi_t *mpi_list;
+  gcry_mpi_t *mpi_list = NULL;
   const char *elems;
 
-  mpi_list = NULL;
-  key_type = NULL;
-  comment = "";
-  key = NULL;
-
   err = stream_read_cstring (stream, &key_type);
   if (err)
     goto out;
@@ -1452,7 +1447,7 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret,
 	goto out;
     }
 
-  err = sexp_key_construct (&key, spec, secret, mpi_list, comment);
+  err = sexp_key_construct (&key, spec, secret, mpi_list, comment? comment:"");
   if (err)
     goto out;
 
@@ -1464,8 +1459,7 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret,
 
   mpint_list_free (mpi_list);
   xfree (key_type);
-  if (read_comment)
-    xfree (comment);
+  xfree (comment);
 
   return err;
 }

-----------------------------------------------------------------------

Summary of changes:
 agent/ChangeLog     |    5 +++++
 agent/command-ssh.c |   18 ++++++------------
 2 files changed, 11 insertions(+), 12 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list