Attempt to fix a leak in OpenPGP cert parsing.

diff --git a/lib/opencdk/read-packet.c b/lib/opencdk/read-packet.c
index a7575bf85f1cb63390d9dc93f5e4623a01a89cc8..faee419bc21a1fdd2c7a5d5ec90fd2533a3bfe87 100644 (file)
--- a/lib/opencdk/read-packet.c
+++ b/lib/opencdk/read-packet.c
@@ -509,8 +509,10 @@ read_attribute(cdk_stream_t inp, size_t pktlen, cdk_pkt_userid_t attr,
        p++;
        len--;
 
-       if (len >= pktlen)
+       if (len >= pktlen) {
+               cdk_free(buf);
                return CDK_Inv_Packet;
+       }
        attr->attrib_img = cdk_calloc(1, len);
        if (!attr->attrib_img) {
                cdk_free(buf);

diff --git a/tests/cert-tests/data/attribute-leak-1.pub b/tests/cert-tests/data/attribute-leak-1.pub
new file mode 100644 (file)
index 0000000..6ab4334
Binary files /dev/null and b/tests/cert-tests/data/attribute-leak-1.pub differ

diff --git a/tests/cert-tests/openpgp-cert-parser b/tests/cert-tests/openpgp-cert-parser
index 9545fa0c6c5dc1bf076965758c6fc8c9dabee2e2..c12e1be8d64fa7f1f3892b3a4fdcb8e6ebeb333a 100755 (executable)
--- a/tests/cert-tests/openpgp-cert-parser
+++ b/tests/cert-tests/openpgp-cert-parser
@@ -38,4 +38,8 @@ echo "Checking OpenPGP certificate parsing"
        | grep "^import error: Error in parsing" > /dev/null) || \
        fail "Parsing should have errored"
 
+("${CERTTOOL}" --inraw --pgp-certificate-info --infile "${srcdir}/data/attribute-leak-1.pub" 2>&1 \
+       | grep "^import error:" > /dev/null) || \
+       fail "Parsing should have errored"
+
 exit ${RETCODE:-0}