summarylogtreecommitdiffstats
path: root/use-after-free.patch
diff options
context:
space:
mode:
Diffstat (limited to 'use-after-free.patch')
-rw-r--r--use-after-free.patch20
1 files changed, 20 insertions, 0 deletions
diff --git a/use-after-free.patch b/use-after-free.patch
new file mode 100644
index 000000000000..936186dfd7c3
--- /dev/null
+++ b/use-after-free.patch
@@ -0,0 +1,20 @@
+diff -Naur yubico-piv-tool-2.3.0.org/ykcs11/tests/ykcs11_tests_util.c yubico-piv-tool-2.3.0/ykcs11/tests/ykcs11_tests_util.c
+--- yubico-piv-tool-2.3.0.org/ykcs11/tests/ykcs11_tests_util.c 2022-06-29 10:40:32.725836092 +0200
++++ yubico-piv-tool-2.3.0/ykcs11/tests/ykcs11_tests_util.c 2022-02-23 14:54:47.000000000 +0100
+@@ -1224,7 +1223,6 @@
+ asrt(funcs->C_Decrypt(session, enc, enc_len, dec, &dec_len), CKR_OK, "DECRYPT");
+ asrt(dec_len, data_len, "DECRYPTED DATA LEN");
+ asrt(memcmp(data, dec, dec_len), 0, "DECRYPTED DATA");
+- free(dec);
+
+ // Decrypt Update
+ asrt(funcs->C_DecryptInit(session, &mech, obj_pvtkey[i]), CKR_OK, "DECRYPT INIT");
+@@ -1234,6 +1234,8 @@
+ asrt(funcs->C_DecryptUpdate(session, enc+100, 8, dec, &dec_len), CKR_OK, "DECRYPT UPDATE");
+ dec_len = sizeof(dec);
+ asrt(funcs->C_DecryptUpdate(session, enc+108, 20, dec, &dec_len), CKR_OK, "DECRYPT UPDATE");
++ free(dec);
++
+ dec_len = 0;
+ asrt(funcs->C_DecryptFinal(session, NULL, &dec_len), CKR_OK, "DECRYPT FINAL");
+ dec = malloc(dec_len);