forked from pool/openCryptoki
407ecfdaa4
* ocki-3.15.1-Added-NULL-pointer-to-avoid-double-free-for-the-list.patch
Added NULL pointer to avoid double free() for the list-key and
remove-key commands.
* ocki-3.15.1-Fixed-p11sak-and-corresponding-test-case.patch
Note that two hunks that were unrelated to fixing the running
code were removed from this patch.
* ocki-3.15.1-p11sak-Fix-CKA_LABEL-handling.patch
- Added ocki-3.15.1-SOFT-Check-the-EC-Key-on-C_CreateObject-and-C_Derive.patch
When constructing an OpenSSL EC public or private key from PKCS#11
attributes or ECDH public data, check that the key is valid, i.e. that
the point is on the curve.
(bsc#1185976)
OBS-URL: https://build.opensuse.org/package/show/security/openCryptoki?expand=0&rev=118
41 lines
1.2 KiB
Diff
41 lines
1.2 KiB
Diff
From 900a480c3c4e1cfb1496d80fb20e8eab4a8108db Mon Sep 17 00:00:00 2001
|
|
From: Matthias Reumann <matthias.reumann1@ibm.com>
|
|
Date: Wed, 17 Mar 2021 11:22:31 +0100
|
|
Subject: [PATCH] Added NULL pointer to avoid double free() for the list-key
|
|
and remove-key commands.
|
|
|
|
Signed-off by Matthias Reumann <matthias.reumann1@ibm.com>
|
|
---
|
|
usr/sbin/p11sak/p11sak.c | 5 ++++-
|
|
1 file changed, 4 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/usr/sbin/p11sak/p11sak.c b/usr/sbin/p11sak/p11sak.c
|
|
index d99db970..3ba57022 100644
|
|
--- a/usr/sbin/p11sak/p11sak.c
|
|
+++ b/usr/sbin/p11sak/p11sak.c
|
|
@@ -2149,7 +2149,9 @@ static CK_RV list_ckey(CK_SESSION_HANDLE session, p11sak_kt kt, int long_print)
|
|
printf("%s\n", label);
|
|
}
|
|
free(label);
|
|
+ label = NULL;
|
|
free(keytype);
|
|
+ keytype = NULL;
|
|
}
|
|
|
|
rc = funcs->C_FindObjectsFinal(session);
|
|
@@ -2313,9 +2315,10 @@ static CK_RV delete_key(CK_SESSION_HANDLE session, p11sak_kt kt, char *rm_label,
|
|
}
|
|
}
|
|
}
|
|
-
|
|
free(label);
|
|
+ label = NULL;
|
|
free(keytype);
|
|
+ keytype = NULL;
|
|
}
|
|
|
|
rc = funcs->C_FindObjectsFinal(session);
|
|
--
|
|
2.26.2
|
|
|