[Pkg-gnupg-maint] Bug#773541: Bug#773541: Bug#773541: uninitalized pointer read

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Feb 18 09:35:35 UTC 2015


Control: tags 773541 + moreinfo

On Tue 2015-01-06 23:06:50 -0500, NIIBE Yutaka wrote:
> Hello,
>
> Thanks for your reviewing and reporting.
>
> On 12/20/2014 02:19 AM, Joshua Rogers wrote:
>> Package: gnupg2
>> Version: 2.1.1
>> Severity: normal
> [...]
>> On line 204 of crlfetch.c 'hd' is run through http_get_status_code,
>> but it is possible for 'hd' not to be set, if opt.disable_http is
>> true.(see lines 192-202)
>
> When opt.disable_http is true, err is set (at line 199).
>
> The expression in question is:
>
> 	err? 99999 : http_get_status_code (hd)
>
> The function call http_get_status_code (hd) is not evaluated in that
> case (and its value is 99999).

gniibe's explanation suggests that this is not a bug, so i'm closing it.
if you think it's still a bug, please reopen it and provide more
details.

        --dkg



More information about the Pkg-gnupg-maint mailing list