bryson/pacman
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

libalpm: fix double free when importing key

Browse source 
Comit 5151de30 tried to fix leaking memory when importing a key. However
key_search_keyserver() writes to the key passed in, making the original
uid and fingerprint unreachable, causing the new uid and fingerprint to
double free.

Fixes FS#71107

Signed-off-by: Allan McRae <allan@archlinux.org>
This commit is contained in:
morganamilo 2021-06-03 19:45:22 +01:00 committed by Allan McRae
parent 238109760d
commit 542910d684
1 changed files with 4 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
lib/libalpm/signing.c
View file

@ -513,6 +513,10 @@ int _alpm_key_import(alpm_handle_t *handle, const char *uid, const char *fpr)
.key = &fetch_key
};
QUESTION(handle, &question);
free(fetch_key.uid);
free(fetch_key.fingerprint);
if(question.import) {
/* Try to import the key from a WKD first */
if(email_from_uid(uid, &email) == 0) {
@ -538,9 +542,6 @@ int _alpm_key_import(alpm_handle_t *handle, const char *uid, const char *fpr)
}
}
gpgme_key_unref(fetch_key.data);
free(fetch_key.uid);
free(fetch_key.fingerprint);
return ret;
}