packages/opensc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
opensc/iasecc-Avoid-another-memory-leak.patch
zou_lin77 1f1bd14459 fix more oss-fuzz
2021-08-19 19:53:59 +08:00

80 lines
2.1 KiB
Diff
Raw Permalink Blame History

From 03cbf91be54e2b54dd87176d1136570610e32f3f Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Fri, 15 Jan 2021 13:40:34 +0100
Subject: [PATCH] iasecc: Avoid another memory leak
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29456
---
src/libopensc/card-iasecc.c | 23 ++++++++++++-----------
1 file changed, 12 insertions(+), 11 deletions(-)
diff --git a/src/libopensc/card-iasecc.c b/src/libopensc/card-iasecc.c
index d144b69..07a99f8 100644
--- a/src/libopensc/card-iasecc.c
+++ b/src/libopensc/card-iasecc.c
@@ -310,12 +310,14 @@ iasecc_select_mf(struct sc_card *card, struct sc_file **file_out)
mf_file->type = SC_FILE_TYPE_DF;
mf_file->path = path;
- if (card->cache.valid)
- sc_file_free(card->cache.current_df);
+ if (card->cache.valid) {
+ sc_file_free(card->cache.current_df);
+ }
card->cache.current_df = NULL;
- if (card->cache.valid)
+ if (card->cache.valid) {
sc_file_free(card->cache.current_ef);
+ }
card->cache.current_ef = NULL;
sc_file_dup(&card->cache.current_df, mf_file);
@@ -1069,25 +1071,23 @@ iasecc_select_file(struct sc_card *card, const struct sc_path *path,
sc_log(ctx, "FileType %i", file->type);
if (file->type == SC_FILE_TYPE_DF) {
- if (card->cache.valid)
+ if (card->cache.valid) {
sc_file_free(card->cache.current_df);
+ }
card->cache.current_df = NULL;
-
- if (card->cache.valid)
- sc_file_free(card->cache.current_ef);
- card->cache.current_ef = NULL;
-
sc_file_dup(&card->cache.current_df, file);
card->cache.valid = 1;
}
else {
- if (card->cache.valid)
+ if (card->cache.valid) {
sc_file_free(card->cache.current_ef);
+ }
card->cache.current_ef = NULL;
sc_file_dup(&card->cache.current_ef, file);
+ card->cache.valid = 1;
}
if (file_out) {
@@ -1493,8 +1493,9 @@ iasecc_delete_file(struct sc_card *card, const struct sc_path *path)
rv = sc_check_sw(card, apdu.sw1, apdu.sw2);
LOG_TEST_RET(ctx, rv, "Delete file failed");
- if (card->cache.valid)
+ if (card->cache.valid) {
sc_file_free(card->cache.current_ef);
+ }
card->cache.current_ef = NULL;
}
--
1.8.3.1
Reference in New Issue View Git Blame Copy Permalink