From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Sat, 31 Dec 2016 02:17:22 +0000 (-0500)
Subject: Attempt to fix a leak in OpenPGP cert parsing.
X-Git-Tag: gnutls_3_6_0~1134
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=85196de6840796b88cfd71274b980a7aad681f82;p=thirdparty%2Fgnutls.git

Attempt to fix a leak in OpenPGP cert parsing.
---

diff --git a/lib/opencdk/read-packet.c b/lib/opencdk/read-packet.c
index a7575bf85f..faee419bc2 100644
--- a/lib/opencdk/read-packet.c
+++ b/lib/opencdk/read-packet.c
@@ -509,8 +509,10 @@ read_attribute(cdk_stream_t inp, size_t pktlen, cdk_pkt_userid_t attr,
 	p++;
 	len--;
 
-	if (len >= pktlen)
+	if (len >= pktlen) {
+		cdk_free(buf);
 		return CDK_Inv_Packet;
+	}
 	attr->attrib_img = cdk_calloc(1, len);
 	if (!attr->attrib_img) {
 		cdk_free(buf);
diff --git a/tests/cert-tests/data/attribute-leak-1.pub b/tests/cert-tests/data/attribute-leak-1.pub
new file mode 100644
index 0000000000..6ab4334e3c
Binary files /dev/null and b/tests/cert-tests/data/attribute-leak-1.pub differ
diff --git a/tests/cert-tests/openpgp-cert-parser b/tests/cert-tests/openpgp-cert-parser
index 9545fa0c6c..c12e1be8d6 100755
--- a/tests/cert-tests/openpgp-cert-parser
+++ b/tests/cert-tests/openpgp-cert-parser
@@ -38,4 +38,8 @@ echo "Checking OpenPGP certificate parsing"
 	| grep "^import error: Error in parsing" > /dev/null) || \
 	fail "Parsing should have errored"
 
+("${CERTTOOL}" --inraw --pgp-certificate-info --infile "${srcdir}/data/attribute-leak-1.pub" 2>&1 \
+	| grep "^import error:" > /dev/null) || \
+	fail "Parsing should have errored"
+
 exit ${RETCODE:-0}