[gnutls-dev] Re: OpenCDK double free bug

[Simon Josefsson]

"Adam Langley" <agl at imperialviolet.org> writes:

> (I hope opencdk is on topic for this list)

Yes.

> Line numbers from opencdk-0.5.9
>
> in keylist.c:cdk_pklist_encrypt:287
>
> This call to cdk_pklist_encrypt also causes enc to be free'ed, however
> the pointer here isn't NULLed out so it's double free'ed at line 294
>
> Suggested (e.g. it works for me): set enc to NULL after cdk_pklist_encrypt

I assume you meant after cdk_pkt_write?  That would make more sense.

I'll be releasing opencdk 0.5.10 later today, so if you, or anyone
else, have time, please check if CVS works fine.

/Simon