diff options
| author | Christian Grothoff <christian@grothoff.org> | 2023-06-20 19:01:54 +0200 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2023-06-20 19:01:54 +0200 |
| commit | 913c2ecc76742983ee9d21c257be907cbb537e65 (patch) | |
| tree | 87e4804e6c7f6bb9c3795c18d0aaa986e7d93a4c | |
| parent | b2c046a3f65f823ff6fbfef4f9c96e876aed56dc (diff) | |
| download | anastasis-913c2ecc76742983ee9d21c257be907cbb537e65.tar.gz anastasis-913c2ecc76742983ee9d21c257be907cbb537e65.tar.bz2 anastasis-913c2ecc76742983ee9d21c257be907cbb537e65.zip | |
-fix recdoc use-after-free
| -rw-r--r-- | src/lib/anastasis_recovery.c | 8 | ||||
| -rw-r--r-- | src/testing/testing_cmd_recover_secret.c | 14 |
2 files changed, 16 insertions, 6 deletions
diff --git a/src/lib/anastasis_recovery.c b/src/lib/anastasis_recovery.c index e844737..f94e946 100644 --- a/src/lib/anastasis_recovery.c +++ b/src/lib/anastasis_recovery.c @@ -626,6 +626,7 @@ policy_lookup_cb (void *cls, json_error_t json_error; const json_t *dec_policies; const json_t *esc_methods; + json_t *recovery_document; r->plo = NULL; switch (http_status) @@ -698,7 +699,6 @@ policy_lookup_cb (void *cls, return; } { - json_t *recovery_document; uint32_t be_size; uLongf pt_size; char *pt; @@ -799,7 +799,6 @@ policy_lookup_cb (void *cls, r->ri.secret_name = r->secret_name; } } - json_decref (recovery_document); } r->ri.version = dd->version; @@ -853,6 +852,7 @@ policy_lookup_cb (void *cls, NULL, 0); ANASTASIS_recovery_abort (r); + json_decref (recovery_document); return; } cs->url = GNUNET_strdup (url); @@ -893,6 +893,7 @@ policy_lookup_cb (void *cls, NULL, 0); ANASTASIS_recovery_abort (r); + json_decref (recovery_document); return; } @@ -923,6 +924,7 @@ policy_lookup_cb (void *cls, NULL, 0); ANASTASIS_recovery_abort (r); + json_decref (recovery_document); return; } for (unsigned int i = 0; i<r->ri.cs_len; i++) @@ -943,12 +945,14 @@ policy_lookup_cb (void *cls, NULL, 0); ANASTASIS_recovery_abort (r); + json_decref (recovery_document); return; } } } r->pc (r->pc_cls, &r->ri); + json_decref (recovery_document); } diff --git a/src/testing/testing_cmd_recover_secret.c b/src/testing/testing_cmd_recover_secret.c index 35a8580..1f3e832 100644 --- a/src/testing/testing_cmd_recover_secret.c +++ b/src/testing/testing_cmd_recover_secret.c @@ -108,13 +108,19 @@ policy_lookup_cb (void *cls, { struct RecoverSecretState *rss = cls; - rss->ri = (struct ANASTASIS_RecoveryInformation *) ri; if (NULL == ri) { GNUNET_break (0); TALER_TESTING_interpreter_fail (rss->is); return; } + if (0 == ri->cs_len) + { + GNUNET_break (0); + TALER_TESTING_interpreter_fail (rss->is); + return; + } + rss->ri = (struct ANASTASIS_RecoveryInformation *) ri; TALER_TESTING_interpreter_next (rss->is); } @@ -188,9 +194,9 @@ recover_secret_run (void *cls, if (NULL != rss->download_reference) { - ref = TALER_TESTING_interpreter_lookup_command - (is, - rss->download_reference); + ref = TALER_TESTING_interpreter_lookup_command ( + is, + rss->download_reference); if (NULL == ref) { GNUNET_break (0); |