--
If something in the keyserver_line failed, parse_keyserver_line would free
'server', but then return it afterwards, leading to a use-after-free.
sm/gpgsm.c, in the function main() correctly checks whether the return of
parse_keyserver_line is false.
---
sm/gpgsm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index 3398d17..75c0b4d 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -862,6 +862,7 @@ parse_keyserver_line (char *line,
{
log_info (_("%s:%u: skipping this line\n"), filename, lineno);
keyserver_list_free (server);
+ return 0;
}
return server;
--
1.9.1
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
