30 lines
920 B
Diff
30 lines
920 B
Diff
From 0d7967549751b7032f22b437106b41444aff0ba9 Mon Sep 17 00:00:00 2001
|
|
From: Scott Gayou <sgayou@redhat.com>
|
|
Date: Fri, 1 Mar 2019 13:11:06 -0600
|
|
Subject: [PATCH] Small memory leak fix (CVE-2019-6502 in #1586)
|
|
|
|
CVE-2019-6502 was assigned to what appears to be a very minor
|
|
memory leak that only occurs on an error-case in a CLI tool.
|
|
If util_connect_card fails, we still need to release the sc
|
|
context previously allocated by sc_context_create else memory
|
|
will leak.
|
|
---
|
|
src/tools/eidenv.c | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff --git a/src/tools/eidenv.c b/src/tools/eidenv.c
|
|
index d8a7be6..d96ad4e 100644
|
|
--- a/src/tools/eidenv.c
|
|
+++ b/src/tools/eidenv.c
|
|
@@ -403,6 +403,7 @@ int main(int argc, char **argv)
|
|
r = util_connect_card(ctx, &card, opt_reader, opt_wait, 0);
|
|
if (r) {
|
|
fprintf(stderr, "Failed to connect to card: %s\n", sc_strerror(r));
|
|
+ sc_release_context(ctx);
|
|
return 1;
|
|
}
|
|
|
|
--
|
|
1.7.12.4
|
|
|