gpg: Fix possible double free of the card serialno.

* g10/free-packet.c (copy_public_key): Copy fields serialno and updateurl. -- The PK->serialno is used to get the version of the card to decide whether it does support other algorithms than SHA-1. This value is cached but no deep copy was done when calling copy_public_key. Bug detected by importing some public keys and then importing a secret key which led to a double free. Signed-off-by: Werner Koch <wk@gnupg.org>
author: Werner Koch <wk@gnupg.org> 2017-07-21 17:48:40 +0200
committer: Werner Koch <wk@gnupg.org> 2017-07-21 17:49:10 +0200
commit: e888f7af6571ecd3994fd55cc18c9e2df7fd0c60 (patch)
tree: b5f56bd9b8dbfd9fabb0555483537a29b7a3ea79 /g10/free-packet.c
parent: gpg: Use macros to check the signature class. (diff)
download: gnupg2-e888f7af6571ecd3994fd55cc18c9e2df7fd0c60.tar.xz
gnupg2-e888f7af6571ecd3994fd55cc18c9e2df7fd0c60.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/g10/free-packet.c b/g10/free-packet.c
index cd222a2d6..e15ad3f04 100644
--- a/g10/free-packet.c
+++ b/g10/free-packet.c
@@ -224,6 +224,12 @@ copy_public_key (PKT_public_key *d, PKT_public_key *s)
     }
   else
     d->revkey = NULL;
+
+  if (s->serialno)
+    d->serialno = xstrdup (s->serialno);
+  if (s->updateurl)
+    d->updateurl = xstrdup (s->updateurl);
+
   return d;
 }
author	Werner Koch <wk@gnupg.org>	2017-07-21 17:48:40 +0200
committer	Werner Koch <wk@gnupg.org>	2017-07-21 17:49:10 +0200
commit	e888f7af6571ecd3994fd55cc18c9e2df7fd0c60 (patch)
tree	b5f56bd9b8dbfd9fabb0555483537a29b7a3ea79 /g10/free-packet.c
parent	gpg: Use macros to check the signature class. (diff)
download	gnupg2-e888f7af6571ecd3994fd55cc18c9e2df7fd0c60.tar.xz gnupg2-e888f7af6571ecd3994fd55cc18c9e2df7fd0c60.zip