[STABLE-BRANCH-1-4 PATCH] g10: secmem leak

Ineiev ineiev at gnu.org
Thu Apr 14 18:18:17 CEST 2016


I attach a patch for GnuPG-bug 1371. In short, secure memory
is leaked because proc_parameter_file() adds new entries
to the head of the list of parameters, and these entries
aren't accessible to the caller that releases the list.

When multiple keys are generated in a batch, the secure
memory is fragmented very soon, so more keys can't be generated.

The patch adds the new parameters next to the head
of the list instead, so they can be released in the caller.

BTW, the 2-0 branch is also affected and can be fixed
in a similar way; the 2-1 branch is not affected, because
the new parameters are appended to the tail of the list
with append_to_parameter().

Thank you!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-g10-Fix-secmem-leak.patch
Type: text/x-diff
Size: 2525 bytes
Desc: not available
URL: </pipermail/attachments/20160414/cc0de306/attachment.patch>
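
The list-handling mistake described in the message, as an added example that is not part of the original post and is not GnuPG code. All names here (`struct para`, `pool_alloc`, `release_list`, `add_at_head`, `add_after_head`, `run_batch`, `POOL_SLOTS`) are hypothetical, and a fixed pool of equal slots stands in for secure memory, so the leak shows up as pool exhaustion rather than fragmentation.

```c
#include <stddef.h>
#define POOL_SLOTS 8  /* constructed size; stands in for the limited secure memory pool */

/* Hypothetical parameter entry; not GnuPG's actual structure. */
struct para { struct para *next; int key; int used; };
static struct para pool[POOL_SLOTS];

static struct para *pool_alloc(int key) {
    for (size_t i = 0; i < POOL_SLOTS; i++)
        if (!pool[i].used) { pool[i] = (struct para){ NULL, key, 1 }; return &pool[i]; }
    return NULL;  /* pool exhausted */
}

/* The caller's cleanup: frees only what is reachable from the head it holds. */
static void release_list(struct para *head) {
    for (struct para *n; head; head = n) { n = head->next; head->used = 0; }
}

/* Leaky pattern: the new entry becomes the head, but only in the callee's copy. */
static int add_at_head(struct para *head, int key) {
    struct para *p = pool_alloc(key);
    if (!p) return -1;
    p->next = head;
    head = p; (void)head;  /* caller still holds the old head; p is unreachable to it */
    return 0;
}

/* Fixed pattern: link the new entry next to the head the caller holds. */
static int add_after_head(struct para *head, int key) {
    struct para *p = pool_alloc(key);
    if (!p) return -1;
    p->next = head->next;
    head->next = p;
    return 0;
}

/* Generate up to `rounds` keys in one batch; return how many succeeded. */
static int run_batch(int (*add)(struct para *, int), int rounds) {
    int done = 0;
    for (size_t i = 0; i < POOL_SLOTS; i++) pool[i].used = 0;
    for (int r = 0; r < rounds; r++, done++) {
        struct para *head = pool_alloc(0);
        int ok = head && add(head, 1) == 0;
        release_list(head);
        if (!ok) break;
    }
    return done;
}

int main(void) {
    return !(run_batch(add_at_head, 100) == 7 && run_batch(add_after_head, 100) == 100);
}
```

With the head-insertion variant each round strands one slot, so the batch stops after 7 keys in an 8-slot pool; the fixed variant completes all 100.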