From 5e2c81ee4acb5bf3eb4afdbc766646ba06f96dd9 Mon Sep 17 00:00:00 2001 From: Jonathan McDowell Date: Sun, 18 Aug 2019 11:03:47 +0100 Subject: [PATCH] Fix memory leak when merging key signatures This is a long-standing memory leak when merging signed packet lists. It hasn't been observed in the wild because the key merging is normally done in a transient process. Found using GCC with -fsanitize=leak --- merge.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/merge.c b/merge.c index 305c60a..9d03411 100644 --- a/merge.c +++ b/merge.c @@ -163,17 +163,15 @@ struct openpgp_signedpacket_list *find_signed_packet( * removes it if found. Assumes the packet can only exist a maximum of * once in the list. */ -bool remove_signed_packet(struct openpgp_signedpacket_list **packet_list, +static void remove_signed_packet(struct openpgp_signedpacket_list **packet_list, struct openpgp_signedpacket_list **list_end, struct openpgp_packet *packet) { struct openpgp_signedpacket_list *cur = NULL; struct openpgp_signedpacket_list *prev = NULL; - bool found = false; - for (cur = *packet_list; !found && (cur != NULL); cur = cur->next) { + for (cur = *packet_list; cur != NULL; cur = cur->next) { if (compare_packets(cur->packet, packet) == 0) { - found = true; if (prev == NULL) { *packet_list = cur->next; } else { @@ -182,14 +180,14 @@ bool remove_signed_packet(struct openpgp_signedpacket_list **packet_list, if (cur->next == NULL) { *list_end = prev; } - /* - * TODO: Free the removed signed packet... - */ + cur->next = NULL; + free_signedpacket_list(cur); + break; } prev = cur; } - return found; + return; } /** -- 2.39.5