[PATCH] avoid double-free on error condition in scd

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sat Dec 20 00:07:55 CET 2014


* scd/command.c: (cmd_readkey) avoid double-free of cert

--

When ksba_cert_new() fails, cert will be double-freed.

Debian-Bug-Id: 773471
---
 scd/command.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/scd/command.c b/scd/command.c
index dd4191f..5fa8c5d 100644
--- a/scd/command.c
+++ b/scd/command.c
@@ -806,6 +806,7 @@ cmd_readkey (assuan_context_t ctx, char *line)
   if (rc)
     {
       xfree (cert);
+      cert = NULL;
       goto leave;
     }
   rc = ksba_cert_init_from_mem (kc, cert, ncert);
-- 
2.1.3




More information about the Gnupg-devel mailing list