From 5e2c81ee4acb5bf3eb4afdbc766646ba06f96dd9 Mon Sep 17 00:00:00 2001
From: Jonathan McDowell <noodles@earth.li>
Date: Sun, 18 Aug 2019 11:03:47 +0100
Subject: [PATCH] Fix memory leak when merging key signatures

This is a long-standing memory leak when merging signed packet lists. It
hasn't been observed in the wild because the key merging is normally
done in a transient process. Found using GCC with -fsanitize=leak
---
 merge.c | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/merge.c b/merge.c
index 305c60a..9d03411 100644
--- a/merge.c
+++ b/merge.c
@@ -163,17 +163,15 @@ struct openpgp_signedpacket_list *find_signed_packet(
  *	removes it if found. Assumes the packet can only exist a maximum of
  *	once in the list.
  */
-bool remove_signed_packet(struct openpgp_signedpacket_list **packet_list,
+static void remove_signed_packet(struct openpgp_signedpacket_list **packet_list,
 		struct openpgp_signedpacket_list **list_end,
 		struct openpgp_packet *packet)
 {
 	struct openpgp_signedpacket_list *cur = NULL;
 	struct openpgp_signedpacket_list *prev = NULL;
-	bool found = false;
 
-	for (cur = *packet_list; !found && (cur != NULL); cur = cur->next) {
+	for (cur = *packet_list; cur != NULL; cur = cur->next) {
 		if (compare_packets(cur->packet, packet) == 0) {
-			found = true;
 			if (prev == NULL) {
 				*packet_list = cur->next;
 			} else {
@@ -182,14 +180,14 @@ bool remove_signed_packet(struct openpgp_signedpacket_list **packet_list,
 			if (cur->next == NULL) {
 				*list_end = prev;
 			}
-			/*
-			 * TODO: Free the removed signed packet...
-			 */
+			cur->next = NULL;
+			free_signedpacket_list(cur);
+			break;
 		}
 		prev = cur;
 	}
 
-	return found;
+	return;
 }
 
 /**
-- 
2.39.5