rpms / trousers

Clone
Source Code
GIT

Blame SOURCES/trousers-0.3.14-double-free.patch

c4 c5 c5-plus c6 c6-plus c7 c7-beta c8 c8-beta c8s
  1.   efabc7ad5c72cfa05949db4d0976423f0f6b09f6
  2.   SOURCES
  3.   trousers-0.3.14-double-free.patch
Blob History Raw
efabc7 
diff -ur trousers-0.3.14/src/tspi/tsp_auth.c trousers-0.3.14-new/src/tspi/tsp_auth.c
efabc7 
--- trousers-0.3.14/src/tspi/tsp_auth.c	2014-07-23 12:42:45.000000000 -0700
efabc7 
+++ trousers-0.3.14-new/src/tspi/tsp_auth.c	2019-05-27 13:41:57.316000945 -0700
efabc7 
@@ -1221,7 +1221,7 @@
efabc7 
 	}
efabc7
efabc7 
 	*handles = handle;
efabc7 
-    handles_track = handles;
efabc7 
+	handles_track = handles;
efabc7
efabc7 
     // Since the call tree of this function can possibly alloc memory
efabc7 
     // (check RPC_ExecuteTransport_TP function), its better to keep track of
efabc7 
@@ -1229,9 +1229,11 @@
efabc7 
 	result = obj_context_transport_execute(tspContext, TPM_ORD_Terminate_Handle, 0, NULL,
efabc7 
 					       NULL, &handlesLen, &handles, NULL, NULL, NULL, NULL);
efabc7
efabc7 
-	free(handles);
efabc7 
-    handles = NULL;
efabc7 
-    free(handles_track);
efabc7 
+	if (handles != handles_track) {
efabc7 
+		free(handles);
efabc7 
+	}
efabc7 
+
efabc7 
+	free(handles_track);
efabc7
efabc7 
 	return result;
efabc7 
 }

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation