Blame SOURCES/gnupg-2.2.21-coverity.patch

b5a5d8
diff -up gnupg-2.2.21/common/server-help.c.coverity gnupg-2.2.21/common/server-help.c
b5a5d8
--- gnupg-2.2.21/common/server-help.c.coverity 2019-02-11 10:59:34.000000000 +0100
b5a5d8
+++ gnupg-2.2.21/common/server-help.c  2020-07-20 17:09:57.416148768 +0200
b5a5d8
@@ -156,7 +156,7 @@ get_option_value (char *line, const char
b5a5d8
   *pend = 0;
b5a5d8
   *r_value = xtrystrdup (p);
b5a5d8
   *pend = c;
b5a5d8
-  if (!p)
b5a5d8
+  if (!*r_value)
b5a5d8
     return my_error_from_syserror ();
b5a5d8
   return 0;
b5a5d8
 }
b5a5d8
b5a5d8
b5a5d8
From 912e77f07d8a42d7ad001eb3df76f6932ccfa857 Mon Sep 17 00:00:00 2001
b5a5d8
From: Jakub Jelen <jjelen@redhat.com>
b5a5d8
Date: Wed, 7 Apr 2021 17:37:51 +0200
b5a5d8
Subject: [PATCH GnuPG 01/19] agent: Avoid memory leaks
b5a5d8
b5a5d8
* agent/command.c (cmd_genkey): use goto leave instead of return
b5a5d8
* agent/cvt-openpgp.c (convert_from_openpgp_main): use goto leave
b5a5d8
  instead of return
b5a5d8
* agent/genkey.c (agent_ask_new_passphrase): fix typo to free correct
b5a5d8
  pointer
b5a5d8
  (agent_genkey): release memory
b5a5d8
* agent/gpg-agent.c (check_own_socket): free sockname
b5a5d8
* agent/protect-tool.c (read_key): free buf
b5a5d8
  (agent_askpin): free passphrase
b5a5d8
* agent/protect.c (merge_lists): free newlist
b5a5d8
b5a5d8
--
b5a5d8
b5a5d8
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
b5a5d8
---
b5a5d8
 agent/command.c      |  2 +-
b5a5d8
 agent/cvt-openpgp.c  |  5 ++++-
b5a5d8
 agent/genkey.c       |  7 +++++--
b5a5d8
 agent/gpg-agent.c    | 10 ++++++++--
b5a5d8
 agent/protect-tool.c |  6 +++++-
b5a5d8
 agent/protect.c      |  5 ++++-
b5a5d8
 6 files changed, 27 insertions(+), 8 deletions(-)
b5a5d8
b5a5d8
diff --git a/agent/protect.c b/agent/protect.c
b5a5d8
index 76ead444b..50b10eb26 100644
b5a5d8
--- a/agent/protect.c
b5a5d8
+++ b/agent/protect.c
b5a5d8
@@ -949,7 +949,10 @@ merge_lists (const unsigned char *protectedkey,
b5a5d8
   /* Copy the cleartext.  */
b5a5d8
   s = cleartext;
b5a5d8
   if (*s != '(' && s[1] != '(')
b5a5d8
-    return gpg_error (GPG_ERR_BUG);  /*we already checked this */
b5a5d8
+    {
b5a5d8
+      xfree (newlist);
b5a5d8
+      return gpg_error (GPG_ERR_BUG);  /*we already checked this */
b5a5d8
+    }
b5a5d8
   s += 2;
b5a5d8
   startpos = s;
b5a5d8
   while ( *s == '(' )
b5a5d8
-- 
b5a5d8
2.30.2
b5a5d8
b5a5d8
b5a5d8
From 7a707a3eff1c3fbe17a74337776871f408377cee Mon Sep 17 00:00:00 2001
b5a5d8
From: Jakub Jelen <jjelen@redhat.com>
b5a5d8
Date: Fri, 9 Apr 2021 16:13:07 +0200
b5a5d8
Subject: [PATCH GnuPG 03/19] g10: Fix memory leaks
b5a5d8
b5a5d8
* g10/card-util.c (change_pin): free answer on errors
b5a5d8
  (ask_card_keyattr): free answer on error
b5a5d8
* g10/cpr.c (do_get_from_fd): free string
b5a5d8
* g10/gpg.c (check_permissions): free dir on weird error
b5a5d8
* g10/import.c (append_new_uid): release knode
b5a5d8
* g10/keyedit.c (menu_set_keyserver_url): free answer
b5a5d8
  (menu_set_keyserver_url): free user
b5a5d8
* g10/keygen.c (print_status_key_not_created): move allocation after
b5a5d8
  sanity check
b5a5d8
  (ask_expire_interval): free answer
b5a5d8
  (card_store_key_with_backup): goto leave instaed of return
b5a5d8
* g10/keyserver.c (parse_keyserver_uri): goto fail instead of return
b5a5d8
* g10/revoke.c (gen_desig_revoke): release kdbhd
b5a5d8
  (gen_desig_revoke): free answer
b5a5d8
* g10/tofu.c (ask_about_binding): free sqerr and response
b5a5d8
* g10/trustdb.c (ask_ownertrust): free pk
b5a5d8
b5a5d8
--
b5a5d8
b5a5d8
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
b5a5d8
---
b5a5d8
 g10/card-util.c | 14 +++++++++++---
b5a5d8
 g10/cpr.c       |  6 +++++-
b5a5d8
 g10/gpg.c       |  1 +
b5a5d8
 g10/import.c    |  5 ++++-
b5a5d8
 g10/keyedit.c   |  8 +++++++-
b5a5d8
 g10/keygen.c    | 15 +++++++++++----
b5a5d8
 g10/keyserver.c |  2 +-
b5a5d8
 g10/revoke.c    |  6 +++++-
b5a5d8
 g10/tofu.c      |  4 ++++
b5a5d8
 g10/trustdb.c   |  1 +
b5a5d8
 10 files changed, 50 insertions(+), 12 deletions(-)
b5a5d8
b5a5d8
diff --git a/g10/card-util.c b/g10/card-util.c
b5a5d8
index 36f096f06..c7df8380d 100644
b5a5d8
--- a/g10/card-util.c
b5a5d8
+++ b/g10/card-util.c
b5a5d8
@@ -127,7 +127,7 @@ change_pin (int unblock_v2, int allow_admin)
b5a5d8
   else
b5a5d8
     for (;;)
b5a5d8
       {
b5a5d8
-	char *answer;
b5a5d8
+	char *answer = NULL;
b5a5d8
 
b5a5d8
 	tty_printf ("\n");
b5a5d8
 	tty_printf ("1 - change PIN\n"
b5a5d8
diff --git a/g10/tofu.c b/g10/tofu.c
b5a5d8
index f49083844..83786a08d 100644
b5a5d8
--- a/g10/tofu.c
b5a5d8
+++ b/g10/tofu.c
b5a5d8
@@ -1687,6 +1687,8 @@ ask_about_binding (ctrl_t ctrl,
b5a5d8
          GPGSQL_ARG_END);
b5a5d8
       if (rc)
b5a5d8
         {
b5a5d8
+          sqlite3_free (sqerr);
b5a5d8
+          sqerr = NULL;
b5a5d8
           rc = gpg_error (GPG_ERR_GENERAL);
b5a5d8
           break;
b5a5d8
         }
b5a5d8
-- 
b5a5d8
2.30.2
b5a5d8
b5a5d8
From febbe77870b51e4e1158ae9efeaa0f3aad69a495 Mon Sep 17 00:00:00 2001
b5a5d8
From: Jakub Jelen <jjelen@redhat.com>
b5a5d8
Date: Mon, 12 Apr 2021 14:48:59 +0200
b5a5d8
Subject: [PATCH GnuPG 05/19] tools: Avoid memory leak sfrom gpgspilt
b5a5d8
b5a5d8
* tools/gpgsplit.c (write_part): free blob
b5a5d8
b5a5d8
--
b5a5d8
b5a5d8
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
b5a5d8
---
b5a5d8
 tools/gpgsplit.c | 1 +
b5a5d8
 1 file changed, 1 insertion(+)
b5a5d8
b5a5d8
diff --git a/tools/gpgsplit.c b/tools/gpgsplit.c
b5a5d8
index cc7bf8ef5..93458068c 100644
b5a5d8
--- a/tools/gpgsplit.c
b5a5d8
+++ b/tools/gpgsplit.c
b5a5d8
@@ -620,6 +620,7 @@ write_part (FILE *fpin, unsigned long pktlen,
b5a5d8
             }
b5a5d8
         }
b5a5d8
 
b5a5d8
+      xfree (blob);
b5a5d8
       goto ready;
b5a5d8
     }
b5a5d8
 
b5a5d8
-- 
b5a5d8
2.30.2
b5a5d8
b5a5d8
b5a5d8
From 7c8048b686a6e811d0b24febf3c5e2528e7881f1 Mon Sep 17 00:00:00 2001
b5a5d8
From: Jakub Jelen <jjelen@redhat.com>
b5a5d8
Date: Tue, 13 Apr 2021 16:23:31 +0200
b5a5d8
Subject: [PATCH GnuPG 14/19] dirmgr: Avoid memory leaks
b5a5d8
b5a5d8
* dirmngr/domaininfo.c (insert_or_update): free di_new
b5a5d8
b5a5d8
--
b5a5d8
b5a5d8
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
b5a5d8
---
b5a5d8
 dirmngr/domaininfo.c | 1 +
b5a5d8
 1 file changed, 1 insertion(+)
b5a5d8
b5a5d8
diff --git a/dirmngr/domaininfo.c b/dirmngr/domaininfo.c
b5a5d8
index b41aef366..87782b4b1 100644
b5a5d8
--- a/dirmngr/domaininfo.c
b5a5d8
+++ b/dirmngr/domaininfo.c
b5a5d8
@@ -193,6 +193,7 @@ insert_or_update (const char *domain,
b5a5d8
           log_error ("domaininfo: error allocating helper array: %s\n",
b5a5d8
                      gpg_strerror (gpg_err_code_from_syserror ()));
b5a5d8
           drop_extra = bucket;
b5a5d8
+          xfree (di_new);
b5a5d8
           goto leave;
b5a5d8
         }
b5a5d8
       narray = 0;
b5a5d8
-- 
b5a5d8
2.30.2
b5a5d8
b5a5d8
b5a5d8
From ab3b8c53993b3305088efde756a44bac6e6492d4 Mon Sep 17 00:00:00 2001
b5a5d8
From: Jakub Jelen <jjelen@redhat.com>
b5a5d8
Date: Tue, 13 Apr 2021 16:34:40 +0200
b5a5d8
Subject: [PATCH GnuPG 15/19] scd: Avoid memory leaks and uninitialized memory
b5a5d8
b5a5d8
* scd/app-piv.c (do_decipher): goto leave, initialize outdatalen
b5a5d8
b5a5d8
--
b5a5d8
b5a5d8
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
b5a5d8
---
b5a5d8
 scd/app-piv.c | 4 ++--
b5a5d8
 1 file changed, 2 insertions(+), 2 deletions(-)
b5a5d8
b5a5d8
diff --git a/scd/app-piv.c b/scd/app-piv.c
b5a5d8
index 143cc047a..94257f0ee 100644
b5a5d8
--- a/scd/app-piv.c
b5a5d8
+++ b/scd/app-piv.c
b5a5d8
@@ -2483,7 +2483,7 @@ do_decipher (app_t app, ctrl_t ctrl, const char *keyidstr,
b5a5d8
   gpg_error_t err;
b5a5d8
   data_object_t dobj;
b5a5d8
   unsigned char *outdata = NULL;
b5a5d8
-  size_t outdatalen;
b5a5d8
+  size_t outdatalen = 0;
b5a5d8
   const unsigned char *s;
b5a5d8
   size_t n;
b5a5d8
   int keyref, mechanism;
b5a5d8
@@ -2582,7 +2582,7 @@ do_decipher (app_t app, ctrl_t ctrl, const char *keyidstr,
b5a5d8
   /* Now verify the Application PIN.  */
b5a5d8
   err = verify_chv (app, ctrl, 0x80, 0, pincb, pincb_arg);
b5a5d8
   if (err)
b5a5d8
-    return err;
b5a5d8
+    goto leave;
b5a5d8
 
b5a5d8
   /* Build the Dynamic Authentication Template.  */
b5a5d8
   err = concat_tlv_list (0, &apdudata, &apdudatalen,
b5a5d8
-- 
b5a5d8
2.30.2
b5a5d8
b5a5d8
b5a5d8
From f182bf91443618323e34261039045a6bde269be5 Mon Sep 17 00:00:00 2001
b5a5d8
From: Jakub Jelen <jjelen@redhat.com>
b5a5d8
Date: Tue, 13 Apr 2021 16:44:48 +0200
b5a5d8
Subject: [PATCH GnuPG 16/19] tools: Avoid memory leaks
b5a5d8
b5a5d8
* tools/wks-util.c (wks_cmd_print_wkd_url): Free addrspec on error
b5a5d8
  (wks_cmd_print_wkd_hash): Free addrspec on error
b5a5d8
b5a5d8
--
b5a5d8
b5a5d8
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
b5a5d8
---
b5a5d8
 tools/wks-util.c | 14 ++++++++++----
b5a5d8
 1 file changed, 10 insertions(+), 4 deletions(-)
b5a5d8
b5a5d8
diff --git a/tools/wks-util.c b/tools/wks-util.c
b5a5d8
index 516c7fe00..38dd194ff 100644
b5a5d8
--- a/tools/wks-util.c
b5a5d8
+++ b/tools/wks-util.c
b5a5d8
@@ -1192,11 +1192,14 @@ gpg_error_t
b5a5d8
 wks_cmd_print_wkd_hash (const char *userid)
b5a5d8
 {
b5a5d8
   gpg_error_t err;
b5a5d8
-  char *addrspec, *fname;
b5a5d8
+  char *addrspec = NULL, *fname;
b5a5d8
 
b5a5d8
   err = wks_fname_from_userid (userid, 1, &fname, &addrspec);
b5a5d8
   if (err)
b5a5d8
-    return err;
b5a5d8
+    {
b5a5d8
+      xfree (addrspec);
b5a5d8
+      return err;
b5a5d8
+    }
b5a5d8
 
b5a5d8
   es_printf ("%s %s\n", fname, addrspec);
b5a5d8
 
b5a5d8
@@ -1211,12 +1214,15 @@ gpg_error_t
b5a5d8
 wks_cmd_print_wkd_url (const char *userid)
b5a5d8
 {
b5a5d8
   gpg_error_t err;
b5a5d8
-  char *addrspec, *fname;
b5a5d8
+  char *addrspec = NULL, *fname;
b5a5d8
   char *domain;
b5a5d8
 
b5a5d8
   err = wks_fname_from_userid (userid, 1, &fname, &addrspec);
b5a5d8
   if (err)
b5a5d8
-    return err;
b5a5d8
+    {
b5a5d8
+      xfree (addrspec);
b5a5d8
+      return err;
b5a5d8
+    }
b5a5d8
 
b5a5d8
   domain = strchr (addrspec, '@');
b5a5d8
   if (domain)
b5a5d8
-- 
b5a5d8
2.30.2
b5a5d8
b5a5d8
b5a5d8
From 600fabd8268c765d45d48873e7a8610e6dae0966 Mon Sep 17 00:00:00 2001
b5a5d8
From: Jakub Jelen <jjelen@redhat.com>
b5a5d8
Date: Wed, 14 Apr 2021 15:59:12 +0200
b5a5d8
Subject: [PATCH GnuPG 17/19] scd: Use the same allocator to free memory
b5a5d8
b5a5d8
* scd/command.c (cmd_getinfo): Use free instead of gcry_free to match
b5a5d8
  the original allocator
b5a5d8
b5a5d8
--
b5a5d8
b5a5d8
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
b5a5d8
---
b5a5d8
 scd/command.c | 3 ++-
b5a5d8
 1 file changed, 2 insertions(+), 1 deletion(-)
b5a5d8
b5a5d8
diff --git a/scd/command.c b/scd/command.c
b5a5d8
index cb0dd379a..9d85c5a41 100644
b5a5d8
--- a/scd/command.c
b5a5d8
+++ b/scd/command.c
b5a5d8
@@ -1832,7 +1832,8 @@ cmd_getinfo (assuan_context_t ctx, char *line)
b5a5d8
         rc = assuan_send_data (ctx, p, strlen (p));
b5a5d8
       else
b5a5d8
         rc = gpg_error (GPG_ERR_NO_DATA);
b5a5d8
-      xfree (p);
b5a5d8
+      /* allocated by scd/ccid-driver.c which is not using x*alloc/gcry_* */
b5a5d8
+      free (p);
b5a5d8
     }
b5a5d8
   else if (!strcmp (line, "deny_admin"))
b5a5d8
     rc = opt.allow_admin? gpg_error (GPG_ERR_GENERAL) : 0;
b5a5d8
-- 
b5a5d8
2.30.2
b5a5d8
b5a5d8
b5a5d8
From a94b0deab7c2ece2e512f87a52142454354d77b5 Mon Sep 17 00:00:00 2001
b5a5d8
From: Jakub Jelen <jjelen@redhat.com>
b5a5d8
Date: Wed, 14 Apr 2021 18:49:03 +0200
b5a5d8
Subject: [PATCH GnuPG 19/19] g10: Do not allocate memory when we can't return
b5a5d8
 it
b5a5d8
b5a5d8
* g10/keyid.c (fpr20_from_pk): Do not allocate memory when we can't
b5a5d8
  return it
b5a5d8
b5a5d8
--
b5a5d8
b5a5d8
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
b5a5d8
---
b5a5d8
 g10/keyid.c | 2 +-
b5a5d8
 1 file changed, 1 insertion(+), 1 deletion(-)
b5a5d8
b5a5d8
diff --git a/g10/keyid.c b/g10/keyid.c
b5a5d8
index 522cc9cda..f1af2fd90 100644
b5a5d8
--- a/g10/keyid.c
b5a5d8
+++ b/g10/keyid.c
b5a5d8
@@ -899,7 +899,7 @@ fpr20_from_pk (PKT_public_key *pk, byte array[20])
b5a5d8
     compute_fingerprint (pk);
b5a5d8
 
b5a5d8
   if (!array)
b5a5d8
-    array = xmalloc (pk->fprlen);
b5a5d8
+    return;
b5a5d8
 
b5a5d8
   if (pk->fprlen == 32)         /* v5 fingerprint */
b5a5d8
     {
b5a5d8
-- 
b5a5d8
2.30.2
b5a5d8