!82 Fix double free of internal data

From: @yixiangzhike Reviewed-by: @zcfsite Signed-off-by: @zcfsite
2025-03-21 06:22:53 +00:00 · 2025-03-21 06:22:53 +00:00 · 4d733ed2ef
commit 4d733ed2ef
parent 8254eb1b76 0939804794
2 changed files with 37 additions and 1 deletions
--- a/backport-gpg-Fix-double-free-of-internal-data.patch
+++ b/backport-gpg-Fix-double-free-of-internal-data.patch
@ -0,0 +1,32 @@
+From 4be25979a6b3e2a79d7c9667b07db8b09fb046e9 Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Thu, 13 Mar 2025 11:35:34 +0100
+Subject: [PATCH] gpg: Fix double free of internal data.
+
+* g10/sig-check.c (check_signature_over_key_or_uid): Do not free in
+no-sig-cache mode if allocated by caller.
+--
+
+GnuPG-bug-id: 7547
+Fixes-commit: 44cdb9d73f1a0b7d2c8483a119b9c4d6caabc1ec
+---
+ g10/sig-check.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/g10/sig-check.c b/g10/sig-check.c
+index 456c29320..ed83c23f9 100644
+--- a/g10/sig-check.c
+++ b/g10/sig-check.c
+@@ -1007,7 +1007,8 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
+               rc = get_pubkey_for_sig (ctrl, signer, sig, NULL);
+               if (rc)
+                 {
+-                  xfree (signer);
+                  if (signer_alloced != 1)
+                    xfree (signer);
+                   signer = NULL;
+                   signer_alloced = 0;
+                   goto leave;
+-- 
+2.33.0
+
--- a/gnupg2.spec
+++ b/gnupg2.spec
@ -1,6 +1,6 @@
 Name: gnupg2
 Version: 2.4.3
-Release: 4
+Release: 5
 Summary: Utility for secure communication and data storage

 License: GPLv3+
@ -20,6 +20,7 @@ Patch9:  gnupg2-revert-rfc4880bis.patch
 Patch10: backport-dirmngr-Enable-the-call-of-ks_ldap_help_variables-wh.patch
 Patch11: backport-gpg-Make-no-literal-work-again-for-c-and-store.patch
 Patch12: backport-gpg-Fix-minor-memory-leak-during-certain-smartcard-o.patch
+Patch13: backport-gpg-Fix-double-free-of-internal-data.patch

 BuildRequires: gcc
 BuildRequires: zlib-devel, npth-devel, texinfo
@ -121,6 +122,9 @@ make check


 %changelog
+* Fri Mar 21 2025 yixiangzhike <yixiangzhike007@163.com> - 2.4.3-5
+- backport upstream patch to fix double free
+
 * Mon Sep 30 2024 yixiangzhike <yixiangzhike007@163.com> - 2.4.3-4
 - backport upstream patch to fix minor memory leak