[Pkg-privacy-commits] [libotr] 09/20: Fix: set to NULL the sendsmp pointer when handling SMP

Intrigeri intrigeri at moszumanska.debian.org
Thu Mar 10 09:25:57 UTC 2016


This is an automated email from the git hooks/post-receive script.

intrigeri pushed a commit to annotated tag 4.1.1
in repository libotr.

commit 70d1df0d434e54b3eea67a658c7a2e82a31e579c
Author: David Goulet <dgoulet at ev0ke.net>
Date:   Tue Aug 18 09:32:19 2015 +0200

    Fix: set to NULL the sendsmp pointer when handling SMP
    
    If err = otrl_proto_create_data(&mp, ...) returns an early error, then
    mp may not have yet been set to NULL.  If the calling code *both*
    (a) had not set mp to NULL to begin with, *and*
    (b) calls free(mp) _outside_ of the test for if (!err),
    then free(mp) will be freeing an uninitialized pointer.
    
    So ensure every call to otrl_proto_create_data either initializes its mp
    to NULL, or only frees mp if the call succeeds, or both.  There were two
    places where neither was happening.  Other places, one or the other was
    already happening.
    
    Also, for extra precaution, set the message pointer in
    otrl_proto_create_data() to NULL at the beginning.
    
    Thanks to Nicolas Guigo <nicolas.guigo at nccgroup.trust> and
    Ben Hawkes <hawkes at inertiawar.com> for the report.
    
    Fixes #72
    
    Signed-off-by: David Goulet <dgoulet at ev0ke.net>
    Signed-off-by: Ian Goldberg <iang at cs.uwaterloo.ca>
---
 src/message.c | 4 ++--
 src/proto.c   | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/message.c b/src/message.c
index 150b6ad..d9ca58c 100644
--- a/src/message.c
+++ b/src/message.c
@@ -1505,7 +1505,7 @@ int otrl_message_receiving(OtrlUserState us, const OtrlMessageAppOps *ops,
 			    unsigned char* nextmsg;
 			    int nextmsglen;
 			    OtrlTLV *sendtlv;
-			    char *sendsmp;
+			    char *sendsmp = NULL;
 			    otrl_sm_step3(context->smstate, tlv->data,
 				    tlv->len, &nextmsg, &nextmsglen);
 
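Review bot: `unsigned char* nextmsg;` and `OtrlTLV *sendtlv;` in this same declaration block are still uninitialized, and the return value of `otrl_sm_step3(...)` is discarded here, unlike the `err = otrl_sm_step4(...)` call in the next hunk. If step3 can return before writing `*nextmsg`, any later read or free of `nextmsg` has the same exposure the commit message describes for `sendsmp`. Consider initializing all three pointers to NULL and capturing the step3 result.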
@@ -1560,7 +1560,7 @@ int otrl_message_receiving(OtrlUserState us, const OtrlMessageAppOps *ops,
 			    unsigned char* nextmsg;
 			    int nextmsglen;
 			    OtrlTLV *sendtlv;
-			    char *sendsmp;
+			    char *sendsmp = NULL;
 			    err = otrl_sm_step4(context->smstate, tlv->data,
 				    tlv->len, &nextmsg, &nextmsglen);
 			    /* Set trust level based on result */
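Review bot: the four declarations around `char *sendsmp = NULL;` here at line 1560 are a verbatim copy of the block at line 1505, and both copies carried the same uninitialized pointer. Consider factoring the code that uses these locals into one helper, so the initialization lives in a single place and a later fix cannot land in one copy and miss the other.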
diff --git a/src/proto.c b/src/proto.c
index f8880a6..1050620 100644
--- a/src/proto.c
+++ b/src/proto.c
@@ -496,6 +496,8 @@ gcry_error_t otrl_proto_create_data(char **encmessagep, ConnContext *context,
     char *msgdup;
     int version = context->protocol_version;
 
+    *encmessagep = NULL;
+
     /* Make sure we're actually supposed to be able to encrypt */
     if (context->msgstate != OTRL_MSGSTATE_ENCRYPTED ||
 	    context->context_priv->their_keyid == 0) {
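Review bot: the new `*encmessagep = NULL;` at the top makes "output pointer is NULL on every error return" part of the function's behaviour, but the hunk adds no comment stating that contract. Add a sentence to the function's doc comment saying that `*encmessagep` is set to NULL before any check and that the caller may pass it to free() regardless of the return value. The store also assumes `encmessagep` itself is non-NULL, which is worth stating in the same place.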
@@ -510,8 +512,6 @@ gcry_error_t otrl_proto_create_data(char **encmessagep, ConnContext *context,
     }
     strcpy(msgdup, msg);
 
-    *encmessagep = NULL;
-
     /* Header, msg flags, send keyid, recv keyid, counter, msg len, msg
      * len of revealed mac keys, revealed mac keys, MAC */
     buflen = OTRL_HEADER_LEN + (version == 3 ? 8 : 0)
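Review bot: the patch touches only src/message.c and src/proto.c, so no test covers the early-error returns that sit between the new position of `*encmessagep = NULL;` and the one removed here. A regression test that calls otrl_proto_create_data() with a context whose msgstate is not OTRL_MSGSTATE_ENCRYPTED and checks that the output pointer comes back NULL would pin the behaviour.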

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/libotr.git


