[PATCH] * dirmngr/ldapserver.c (ldapserver_parse_one) return NULL on 'fail'.
Werner Koch
wk at gnupg.org
Mon Dec 22 12:19:39 CET 2014
On Sat, 20 Dec 2014 18:35, git at internot.info said:
> If something inside the ldapserver_parse_one function failed, 'server' would be freed, then returned, leading to a use-after-free.
>
> This code is likely copied from sm/gpgsm.c, which was also susceptible to this bug.
Ooops. Both fixed will push that soon. Thanks.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-devel
mailing list