gnunet-svn
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-anastasis] 02/02: -fix recdoc use-after-free

From: gnunet
Subject: [taler-anastasis] 02/02: -fix recdoc use-after-free
Date: Tue, 20 Jun 2023 19:02:01 +0200 
This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository anastasis.

commit 913c2ecc76742983ee9d21c257be907cbb537e65
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Tue Jun 20 19:01:54 2023 +0200

    -fix recdoc use-after-free
---
 src/lib/anastasis_recovery.c             |  8 ++++++--
 src/testing/testing_cmd_recover_secret.c | 14 ++++++++++----
 2 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/src/lib/anastasis_recovery.c b/src/lib/anastasis_recovery.c
index e844737..f94e946 100644
--- a/src/lib/anastasis_recovery.c
+++ b/src/lib/anastasis_recovery.c
@@ -626,6 +626,7 @@ policy_lookup_cb (void *cls,
   json_error_t json_error;
   const json_t *dec_policies;
   const json_t *esc_methods;
+  json_t *recovery_document;
 
   r->plo = NULL;
   switch (http_status)
@@ -698,7 +699,6 @@ policy_lookup_cb (void *cls,
     return;
   }
   {
-    json_t *recovery_document;
     uint32_t be_size;
     uLongf pt_size;
     char *pt;
@@ -799,7 +799,6 @@ policy_lookup_cb (void *cls,
         r->ri.secret_name = r->secret_name;
       }
     }
-    json_decref (recovery_document);
   }
 
   r->ri.version = dd->version;
@@ -853,6 +852,7 @@ policy_lookup_cb (void *cls,
               NULL,
               0);
       ANASTASIS_recovery_abort (r);
+      json_decref (recovery_document);
       return;
     }
     cs->url = GNUNET_strdup (url);
@@ -893,6 +893,7 @@ policy_lookup_cb (void *cls,
               NULL,
               0);
       ANASTASIS_recovery_abort (r);
+      json_decref (recovery_document);
       return;
     }
 
@@ -923,6 +924,7 @@ policy_lookup_cb (void *cls,
                 NULL,
                 0);
         ANASTASIS_recovery_abort (r);
+        json_decref (recovery_document);
         return;
       }
       for (unsigned int i = 0; i<r->ri.cs_len; i++)
@@ -943,12 +945,14 @@ policy_lookup_cb (void *cls,
                 NULL,
                 0);
         ANASTASIS_recovery_abort (r);
+        json_decref (recovery_document);
         return;
       }
     }
   }
   r->pc (r->pc_cls,
          &r->ri);
+  json_decref (recovery_document);
 }
 
 
diff --git a/src/testing/testing_cmd_recover_secret.c 
b/src/testing/testing_cmd_recover_secret.c
index 35a8580..1f3e832 100644
--- a/src/testing/testing_cmd_recover_secret.c
+++ b/src/testing/testing_cmd_recover_secret.c
@@ -108,13 +108,19 @@ policy_lookup_cb (void *cls,
 {
   struct RecoverSecretState *rss = cls;
 
-  rss->ri = (struct ANASTASIS_RecoveryInformation *) ri;
   if (NULL == ri)
   {
     GNUNET_break (0);
     TALER_TESTING_interpreter_fail (rss->is);
     return;
   }
+  if (0 == ri->cs_len)
+  {
+    GNUNET_break (0);
+    TALER_TESTING_interpreter_fail (rss->is);
+    return;
+  }
+  rss->ri = (struct ANASTASIS_RecoveryInformation *) ri;
   TALER_TESTING_interpreter_next (rss->is);
 }
 
@@ -188,9 +194,9 @@ recover_secret_run (void *cls,
 
   if (NULL != rss->download_reference)
   {
-    ref = TALER_TESTING_interpreter_lookup_command
-            (is,
-            rss->download_reference);
+    ref = TALER_TESTING_interpreter_lookup_command (
+      is,
+      rss->download_reference);
     if (NULL == ref)
     {
       GNUNET_break (0);

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]