Fix double free in xmlSecGCryptAsymKeyDataGenerate
Related: RHEL-35381
This commit is contained in:
		
							parent
							
								
									fb098b2511
								
							
						
					
					
						commit
						42f7bcc4fe
					
				| @ -43,6 +43,19 @@ diff -up xmlsec1-1.2.29/src/gcrypt/asymkeys.c.orig xmlsec1-1.2.29/src/gcrypt/asy | |||||||
|      /* done */ |      /* done */ | ||||||
|      return(res); |      return(res); | ||||||
|  } |  } | ||||||
|  | @@ -292,11 +295,11 @@ xmlSecGCryptAsymKeyDataGenerate(xmlSecKe
 | ||||||
|  |      } | ||||||
|  | 
 | ||||||
|  |      ret = xmlSecGCryptAsymKeyDataAdoptKey(data, key_pair); | ||||||
|  | +    key_pair = NULL; /* now owned by data */
 | ||||||
|  |      if(ret < 0) { | ||||||
|  |          xmlSecInternalError("xmlSecGCryptAsymKeyDataAdopt", NULL); | ||||||
|  |          goto done; | ||||||
|  |      } | ||||||
|  | -    key_pair = NULL; /* now owned by data */
 | ||||||
|  | 
 | ||||||
|  |      /* success */ | ||||||
|  |      res = 0; | ||||||
| diff -up xmlsec1-1.2.29/src/parser.c.orig xmlsec1-1.2.29/src/parser.c
 | diff -up xmlsec1-1.2.29/src/parser.c.orig xmlsec1-1.2.29/src/parser.c
 | ||||||
| --- xmlsec1-1.2.29/src/parser.c.orig	2024-05-10 13:46:59.217160842 +0200
 | --- xmlsec1-1.2.29/src/parser.c.orig	2024-05-10 13:46:59.217160842 +0200
 | ||||||
| +++ xmlsec1-1.2.29/src/parser.c	2024-05-10 17:28:22.848994008 +0200
 | +++ xmlsec1-1.2.29/src/parser.c	2024-05-10 17:28:22.848994008 +0200
 | ||||||
|  | |||||||
| @ -1,7 +1,7 @@ | |||||||
| Summary: Library providing support for "XML Signature" and "XML Encryption" standards | Summary: Library providing support for "XML Signature" and "XML Encryption" standards | ||||||
| Name: xmlsec1 | Name: xmlsec1 | ||||||
| Version: 1.2.29 | Version: 1.2.29 | ||||||
| Release: 11%{?dist}%{?extra_release} | Release: 12%{?dist}%{?extra_release} | ||||||
| License: MIT | License: MIT | ||||||
| Source0: https://www.aleksey.com/xmlsec/download/xmlsec1-%{version}.tar.gz | Source0: https://www.aleksey.com/xmlsec/download/xmlsec1-%{version}.tar.gz | ||||||
| URL: http://www.aleksey.com/xmlsec/ | URL: http://www.aleksey.com/xmlsec/ | ||||||
| @ -178,6 +178,10 @@ mv %{buildroot}%{_docdir}/xmlsec1/* __tmp_doc | |||||||
| %{_libdir}/pkgconfig/xmlsec1-nss.pc | %{_libdir}/pkgconfig/xmlsec1-nss.pc | ||||||
| 
 | 
 | ||||||
| %changelog | %changelog | ||||||
|  | * Fri May 17 2024 Tomas Halman <thalman@redhat.com> - 1.2.29-12 | ||||||
|  | - Fix double free in xmlSecGCryptAsymKeyDataGenerate | ||||||
|  |   Related: RHEL-35381 | ||||||
|  | 
 | ||||||
| * Fri May 17 2024 Tomas Halman <thalman@redhat.com> - 1.2.29-11 | * Fri May 17 2024 Tomas Halman <thalman@redhat.com> - 1.2.29-11 | ||||||
| - Add xmlsec1-gnutls dependency on xmlsec1-gcrypt | - Add xmlsec1-gnutls dependency on xmlsec1-gcrypt | ||||||
|   Related: RHEL-35381 |   Related: RHEL-35381 | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user