rpms/pinentry
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Address issues reported by coverity

Browse Source
This commit is contained in:
Jakub Jelen 2021-04-14 14:56:24 +02:00
parent df36c013d5
commit 6c3713bafb
2 changed files with 100 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

97
pinentry-1.1.1-coverity.patch Normal file
View File

@ -0,0 +1,97 @@
commit a87d9e8f89f946a733c756c72bf5ec41e0a738b8
Author: Jakub Jelen <jjelen@redhat.com>
Date: Wed Apr 14 15:51:27 2021 +0900
core,emacs,tty,curses: Fix memory leaks, invalid accese, and mistake.
* pinentry/pinentry-curses.c (dialog_create): Free NEW.
[HAVE_NCURSESW] (dialog_run): Free OLD_CTYPE on error.
* pinentry/pinentry.c (pinentry_inq_genpin): Free VALUE on error.
* tty/pinentry-tty.c (tty_cmd_handler): Don't access closed FDs.
* pinentry/pinentry-emacs.c (set_labels): Fix for ->default_cancel.
--
GnuPG-bug-id: 5384
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
diff --git a/pinentry/pinentry-curses.c b/pinentry/pinentry-curses.c
index a3fe2e2..1c3008a 100644
--- a/pinentry/pinentry-curses.c
+++ b/pinentry/pinentry-curses.c
@@ -315,6 +315,7 @@ dialog_create (pinentry_t pinentry, dialog_t dialog)
} \
dialog->which = pinentry_utf8_to_local (pinentry->lc_ctype, \
new ? new : default); \
+ free (new); \
if (!dialog->which) \
{ \
err = 1; \
@@ -873,6 +874,9 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type)
{
pinentry->specific_err = gpg_error_from_syserror ();
pinentry->specific_err_loc = "open_tty_for_read";
+#ifdef HAVE_NCURSESW
+ free (old_ctype);
+#endif
return confirm_mode? 0 : -1;
}
ttyfo = fopen (tty_name, "w");
@@ -883,6 +887,9 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type)
errno = err;
pinentry->specific_err = gpg_error_from_syserror ();
pinentry->specific_err_loc = "open_tty_for_write";
+#ifdef HAVE_NCURSESW
+ free (old_ctype);
+#endif
return confirm_mode? 0 : -1;
}
screen = newterm (tty_type, ttyfo, ttyfi);
@@ -897,6 +904,9 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type)
errno = ENOTTY;
pinentry->specific_err = gpg_error_from_syserror ();
pinentry->specific_err_loc = "isatty";
+#ifdef HAVE_NCURSESW
+ free (old_ctype);
+#endif
return confirm_mode? 0 : -1;
}
init_screen = 1;
diff --git a/pinentry/pinentry-emacs.c b/pinentry/pinentry-emacs.c
index 16ae1c2..9685b67 100644
--- a/pinentry/pinentry-emacs.c
+++ b/pinentry/pinentry-emacs.c
@@ -498,7 +498,7 @@ set_labels (pinentry_t pe)
set_label (pe, "SETOK", pe->default_ok);
if (pe->cancel)
set_label (pe, "SETCANCEL", pe->cancel);
- else if (pe->default_ok)
+ else if (pe->default_cancel)
set_label (pe, "SETCANCEL", pe->default_cancel);
if (pe->notok)
set_label (pe, "SETNOTOK", pe->notok);
diff --git a/pinentry/pinentry.c b/pinentry/pinentry.c
index ef81f12..26ec77a 100644
--- a/pinentry/pinentry.c
+++ b/pinentry/pinentry.c
@@ -656,6 +656,7 @@ pinentry_inq_genpin (pinentry_t pin)
if (rc)
{
fprintf (stderr, "ASSUAN READ LINE failed: rc=%d\n", rc);
+ free (value);
return 0;
}
}
diff --git a/tty/pinentry-tty.c b/tty/pinentry-tty.c
index 403dd60..4a2b67f 100644
--- a/tty/pinentry-tty.c
+++ b/tty/pinentry-tty.c
@@ -559,7 +559,7 @@ tty_cmd_handler (pinentry_t pinentry)
}
}
- if (terminal_save (fileno (ttyfi)) < 0)
+ if (!rc && terminal_save (fileno (ttyfi)) < 0)
rc = -1;
if (! rc)

3
pinentry.spec
View File

@ -9,6 +9,8 @@ URL: https://www.gnupg.org/
Source0: https://gnupg.org/ftp/gcrypt/pinentry/%{name}-%{version}.tar.bz2
Source1: https://gnupg.org/ftp/gcrypt/pinentry/%{name}-%{version}.tar.bz2.sig
Patch1: pinentry-1.1.1-coverity.patch
# borrowed from opensuse
Source10: pinentry-wrapper
@ -86,6 +88,7 @@ This package contains the tty version of the PIN entry dialog.
%prep
%setup -q
%patch1 -p1 -b .coverity
%build