Bug#1006687: libchipcard6: card.c leaks memory

Wed, 02 Mar 2022 12:06:12 -0800

Control: forwarded -1 https://www.aquamaniac.de/rdm/projects/libchipcard/repository/revisions/913b862a8a0678be0a2bd9f85213dea24081e2bf/diff/src/lib/client/base/card.c 

Hi Michael,
thank you for reporting the issue to the Debian bug tracker. Assuming your consent to distributing your patch under the LGPL v2.1 license, I dared to commit it to the upstream Git repository on branch "libchipcard5", which you can find here: 
https://www.aquamaniac.de/rdm/projects/libchipcard/repository/revisions/913b862a8a0678be0a2bd9f85213dea24081e2bf/diff/src/lib/client/base/card.c
Unfortunately the patch didn't apply cleanly to the master branch. The file card.c was since moved to src/libchipcard/base/card.c, yet changed substantially so that a careful review would be appropriate. 

Nevertheless, thank you to your contribution to Debian and Libchipcard.

Kind regards,
Micha

Am 02.03.22 um 13:36 schrieb Michael Klein:

Package: libchipcard6
Version: 5.1.5rc2-7
Severity: normal
Tags: patch upstream

Dear Maintainer,

while running a small inhouse application under AddressSanitizer I
stumbled over a few small memory leaks in card.c:

- the LC_CARD struct members readerType and driverType are not freed in
   LC_Card_free()
- LC_Card_Select{Df,Ef,EfById}() leaks a GWEN_BUFFER local to the function

-- System Information:
Debian Release: 11.0
   APT prefers impish-updates
   APT policy: (500, 'impish-updates'), (500, 'impish-security'), (500, 
'impish'), (100, 'impish-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.13.0-30-generic (SMP w/8 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=C, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libchipcard6 depends on:
ii  libc6             2.34-0ubuntu3
ii  libchipcard-data  5.1.5rc2-7
ii  libgwenhywfar79   5.6.0-2
ii  libpcsclite1      1.9.3-2
ii  zlib1g            1:1.2.11.dfsg-2ubuntu7

libchipcard6 recommends no packages.

libchipcard6 suggests no packages.

-- no debconf information

Reply via email to