[git] GnuPG - branch, master, updated. gnupg-2.1.9-152-g6b14df5

by Justus Winter cvs at cvs.gnupg.org
Thu Nov 19 17:58:09 CET 2015 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  6b14df5525777ee0330a34a7b335359f562616a4 (commit)
       via  b223cde311e4e02f7983e33fe3d7214287dfb678 (commit)
       via  a1650b1edf80c2526c0576547b3a574e8d30f1fa (commit)
       via  eb957ffc4797fb019c505510295af244baf5be38 (commit)
       via  52f7f195b119dc01bdf3ae200fdc8e04a0bb9bcb (commit)
       via  6a37b45a7f13cf5d2ae7d6c9cd796a4bd197b80d (commit)
      from  f596f8defa5add33d2b4f381c317e1a006cda1fb (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 6b14df5525777ee0330a34a7b335359f562616a4
Author: Justus Winter <justus at g10code.com>
Date:   Thu Nov 19 17:37:32 2015 +0100

    dirmngr: Improve error handling.
    
    * dirmngr/crlcache.c (crl_cache_cert_isvalid): Add missing break.
    --
    Found using the Clang Static Analyzer.
    
    Signed-off-by: Justus Winter <justus at g10code.com>

diff --git a/dirmngr/crlcache.c b/dirmngr/crlcache.c
index 6d3f8ce..13d8a26 100644
--- a/dirmngr/crlcache.c
+++ b/dirmngr/crlcache.c
@@ -1512,6 +1512,7 @@ crl_cache_cert_isvalid (ctrl_t ctrl, ksba_cert_t cert,
       break;
     case CRL_CACHE_DONTKNOW:
       err = gpg_error (GPG_ERR_NO_CRL_KNOWN);
+      break;
     case CRL_CACHE_CANTUSE:
       err = gpg_error (GPG_ERR_NO_CRL_KNOWN);
       break;

commit b223cde311e4e02f7983e33fe3d7214287dfb678
Author: Justus Winter <justus at g10code.com>
Date:   Thu Nov 19 16:45:09 2015 +0100

    dirmngr: Fix memory leak.
    
    * dirmngr/ldap.c (start_cert_fetch_ldap): Avoid leaking all malloc'ed
    arguments.
    --
    Found using the Clang Static Analyzer.
    
    Signed-off-by: Justus Winter <justus at g10code.com>

diff --git a/dirmngr/ldap.c b/dirmngr/ldap.c
index 8a543a4..1fe8a81 100644
--- a/dirmngr/ldap.c
+++ b/dirmngr/ldap.c
@@ -525,8 +525,9 @@ start_cert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context,
   const char *user;
   const char *pass;
   const char *base;
-  const char *argv[50];
+  char *argv[50];
   int argc;
+  int argc_malloced;
   char portbuf[30], timeoutbuf[30];
 
 
@@ -583,6 +584,8 @@ start_cert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context,
       argv[argc++] = user;
     }
 
+  /* All entries in argv from this index on are malloc'ed.  */
+  argc_malloced = argc;
 
   for (; patterns; patterns = patterns->next)
     {
@@ -602,8 +605,8 @@ start_cert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context,
         {
           log_error (_("start_cert_fetch: invalid pattern '%s'\n"),
                      patterns->d);
-          /* fixme: cleanup argv.  */
-          return gpg_error (GPG_ERR_INV_USER_ID);
+          err = gpg_error (GPG_ERR_INV_USER_ID);
+          goto leave;
         }
       if ((sl->flags & 1))
         err = make_url (&url, sl->d, "objectClass=*");
@@ -611,17 +614,17 @@ start_cert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context,
         err = make_url (&url, base, sl->d);
       free_strlist (sl);
       if (err)
-        {
-          /* fixme: cleanup argv. */
-          return err;
-        }
+        goto leave;
       argv[argc++] = url;
     }
   argv[argc] = NULL;
 
   *context = xtrycalloc (1, sizeof **context);
   if (!*context)
-    return gpg_error_from_errno (errno);
+    {
+      err = gpg_error_from_errno (errno);
+      goto leave;
+    }
 
   err = ldap_wrapper (ctrl, &(*context)->reader, argv);
 
@@ -631,6 +634,9 @@ start_cert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context,
       *context = NULL;
     }
 
+ leave:
+  for (; argc_malloced < argc; argc_malloced++)
+    xfree (argv[argc_malloced]);
   return err;
 }
 

commit a1650b1edf80c2526c0576547b3a574e8d30f1fa
Author: Justus Winter <justus at g10code.com>
Date:   Thu Nov 19 16:18:20 2015 +0100

    agent: Improve error handling.
    
    * agent/trustlist.c (istrusted_internal): Initialize 'err'.
    --
    There is a plausible path of execution so that a branch condition uses
    the uninitialized value.
    
    Found using the Clang Static Analyzer.
    
    Signed-off-by: Justus Winter <justus at g10code.com>

diff --git a/agent/trustlist.c b/agent/trustlist.c
index 175ebe4..af5f645 100644
--- a/agent/trustlist.c
+++ b/agent/trustlist.c
@@ -398,7 +398,7 @@ static gpg_error_t
 istrusted_internal (ctrl_t ctrl, const char *fpr, int *r_disabled,
                     int already_locked)
 {
-  gpg_error_t err;
+  gpg_error_t err = 0;
   int locked = already_locked;
   trustitem_t *ti;
   size_t len;

commit eb957ffc4797fb019c505510295af244baf5be38
Author: Justus Winter <justus at g10code.com>
Date:   Thu Nov 19 16:13:55 2015 +0100

    common: Avoid undefined behavior.
    
    * common/iobuf.c (iobuf_esopen): Initialize 'len' as 'file_es_filter'
    will make use of it.
    --
    Found using the Clang Static Analyzer.
    
    Signed-off-by: Justus Winter <justus at g10code.com>

diff --git a/common/iobuf.c b/common/iobuf.c
index 12affcb..d49de96 100644
--- a/common/iobuf.c
+++ b/common/iobuf.c
@@ -1391,7 +1391,7 @@ iobuf_esopen (estream_t estream, const char *mode, int keep_open)
 {
   iobuf_t a;
   file_es_filter_ctx_t *fcx;
-  size_t len;
+  size_t len = 0;
 
   a = iobuf_alloc (strchr (mode, 'w') ? IOBUF_OUTPUT : IOBUF_INPUT,
 		   IOBUF_BUFFER_SIZE);

commit 52f7f195b119dc01bdf3ae200fdc8e04a0bb9bcb
Author: Justus Winter <justus at g10code.com>
Date:   Thu Nov 19 15:48:01 2015 +0100

    g10: Avoid undefined behavior.
    
    * g10/trust.c (clean_one_uid): Avoid a computation involving an
    uninitialized value.
    --
    Found using the Clang Static Analyzer.
    
    Signed-off-by: Justus Winter <justus at g10code.com>

diff --git a/g10/trust.c b/g10/trust.c
index a89b0e5..f46aeea 100644
--- a/g10/trust.c
+++ b/g10/trust.c
@@ -704,7 +704,7 @@ void
 clean_one_uid (kbnode_t keyblock, kbnode_t uidnode, int noisy, int self_only,
                int *uids_cleaned, int *sigs_cleaned)
 {
-  int dummy;
+  int dummy = 0;
 
   assert (keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
   assert (uidnode->pkt->pkttype==PKT_USER_ID);

commit 6a37b45a7f13cf5d2ae7d6c9cd796a4bd197b80d
Author: Justus Winter <justus at g10code.com>
Date:   Tue Nov 17 18:05:51 2015 +0100

    scd: Improve error handling.
    
    * scd/app-openpgp.c (get_public_key): Improve error handling.
    --
    Found using the Clang Static Analyzer.
    
    Signed-off-by: Justus Winter <justus at g10code.com>

diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index a7601b8..0fcfffe 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -1468,7 +1468,7 @@ get_public_key (app_t app, int keyno)
   xfree (buffer);
   xfree (mbuf);
   xfree (ebuf);
-  return 0;
+  return err;
 }
 #endif /* GNUPG_MAJOR_VERSION > 1 */
 

-----------------------------------------------------------------------

Summary of changes:
 agent/trustlist.c  |  2 +-
 common/iobuf.c     |  2 +-
 dirmngr/crlcache.c |  1 +
 dirmngr/ldap.c     | 22 ++++++++++++++--------
 g10/trust.c        |  2 +-
 scd/app-openpgp.c  |  2 +-
 6 files changed, 19 insertions(+), 12 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list