This is a long-standing memory leak when merging signed packet lists. It
hasn't been observed in the wild because key merging is normally
done in a transient process. Found using GCC with -fsanitize=leak.
* removes it if found. Assumes the packet can only exist a maximum of
* once in the list.
*/
* removes it if found. Assumes the packet can only exist a maximum of
* once in the list.
*/
-bool remove_signed_packet(struct openpgp_signedpacket_list **packet_list,
+static void remove_signed_packet(struct openpgp_signedpacket_list **packet_list,
struct openpgp_signedpacket_list **list_end,
struct openpgp_packet *packet)
{
struct openpgp_signedpacket_list *cur = NULL;
struct openpgp_signedpacket_list *prev = NULL;
struct openpgp_signedpacket_list **list_end,
struct openpgp_packet *packet)
{
struct openpgp_signedpacket_list *cur = NULL;
struct openpgp_signedpacket_list *prev = NULL;
- for (cur = *packet_list; !found && (cur != NULL); cur = cur->next) {
+ for (cur = *packet_list; cur != NULL; cur = cur->next) {
if (compare_packets(cur->packet, packet) == 0) {
if (compare_packets(cur->packet, packet) == 0) {
if (prev == NULL) {
*packet_list = cur->next;
} else {
if (prev == NULL) {
*packet_list = cur->next;
} else {
if (cur->next == NULL) {
*list_end = prev;
}
if (cur->next == NULL) {
*list_end = prev;
}
- /*
- * TODO: Free the removed signed packet...
- */
+ cur->next = NULL;
+ free_signedpacket_list(cur);
+ break;