Date: Sun, 19 May 2019 22:00:06 -0700 (PDT) From: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> To: "Simon J. Gerraty" <sjg@freebsd.org> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r347980 - head/lib/libsecureboot/openpgp Message-ID: <201905200500.x4K506YI072317@gndrsh.dnsmgr.net> In-Reply-To: <201905192024.x4JKOIZe086856@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[ Charset UTF-8 unsupported, converting... ] > Author: sjg > Date: Sun May 19 20:24:17 2019 > New Revision: 347980 > URL: https://svnweb.freebsd.org/changeset/base/347980 > > Log: > load_key_buf do not free data from dearmor > > The data returned by dearmor is referenced by the key > leave it alone! > > Reviewed by: stevek > MFC after: 2 days This is an exception below the standard minimal limit during a code freeze, is there some reason for it? The next build should not be started before 3 days. > Modified: > head/lib/libsecureboot/openpgp/opgp_key.c > head/lib/libsecureboot/openpgp/opgp_sig.c > > Modified: head/lib/libsecureboot/openpgp/opgp_key.c > ============================================================================== > --- head/lib/libsecureboot/openpgp/opgp_key.c Sun May 19 20:13:55 2019 (r347979) > +++ head/lib/libsecureboot/openpgp/opgp_key.c Sun May 19 20:24:17 2019 (r347980) > @@ -168,6 +168,7 @@ load_key_buf(unsigned char *buf, size_t nbytes) > initialize(); > > if (!(buf[0] & OPENPGP_TAG_ISTAG)) { > + /* Note: we do *not* free data */ > data = dearmor((char *)buf, nbytes, &nbytes); > ptr = data; > } else > @@ -190,7 +191,6 @@ load_key_buf(unsigned char *buf, size_t nbytes) > } > } > } > - free(data); > return (key); > } > > @@ -209,8 +209,10 @@ openpgp_trust_add(OpenPGP_key *key) > > LIST_INIT(&trust_list); > } > - if (key) > + if (key) { > + DEBUG_PRINTF(2, ("openpgp_trust_add(%s)\n", key->id)); > LIST_INSERT_HEAD(&trust_list, key, entries); > + } > } > > /** > @@ -296,6 +298,7 @@ load_key_id(const char *keyID) > if (!key) > key = load_trusted_key_id(keyID); > #endif > + DEBUG_PRINTF(2, ("load_key_id(%s): %s\n", keyID, key ? "found" : "nope")); > return (key); > } > > > Modified: head/lib/libsecureboot/openpgp/opgp_sig.c > ============================================================================== > --- head/lib/libsecureboot/openpgp/opgp_sig.c Sun May 19 20:13:55 2019 (r347979) > +++ head/lib/libsecureboot/openpgp/opgp_sig.c Sun May 19 20:24:17 2019 (r347980) > @@ -318,6 +318,7 @@ openpgp_verify(const char *filename, > sdata = ddata = dearmor((char *)sdata, sbytes, &sbytes); > ptr = sdata; > rc = decode_packet(2, &ptr, sbytes, (decoder_t)decode_sig, sig); > + DEBUG_PRINTF(2, ("rc=%d keyID=%s\n", rc, sig->key_id ? sig->key_id : "?")); > if (rc == 0 && sig->key_id) { > key = load_key_id(sig->key_id); > if (!key) { > > -- Rod Grimes rgrimes@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201905200500.x4K506YI072317>