diff options
author | Eduardo Chappa <chappa@washington.edu> | 2018-12-06 16:23:29 -0700 |
---|---|---|
committer | Eduardo Chappa <chappa@washington.edu> | 2018-12-06 16:23:29 -0700 |
commit | 997ceda29bf9c8e54a10f5c0cec7297b067ad5e7 (patch) | |
tree | 3956d8b952566bcf42b6ffe7068562728be2e408 /pith/smime.c | |
parent | d566a9e20e2712617661b9fb00689534ec3be7f4 (diff) | |
download | alpine-997ceda29bf9c8e54a10f5c0cec7297b067ad5e7.tar.xz |
* Fix a crash in the S/MIME configuration screen when a user turned off S/MIME,
and then reenabled it. This crash was due to a double free of memory. To avoid
this in the future, we created a function free_x509_store(), which whenever
called, will only free memory once. A similar crash would occur when one
attempted to enter the S/MIME configuration screen if S/MIME was turned off.
In this case, Alpine would try to dereference a null pointer.
Diffstat (limited to 'pith/smime.c')
-rw-r--r-- | pith/smime.c | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/pith/smime.c b/pith/smime.c index 77376d5a..f64d81b2 100644 --- a/pith/smime.c +++ b/pith/smime.c @@ -1204,8 +1204,7 @@ renew_cert_data(CertList **data, WhichCerts ctype) else ps_global->smime->cacertlist = *data; } - X509_STORE_free(store); - store = NULL; + free_x509_store(&store); } } setup_certs_backup_by_type(ctype); @@ -1224,7 +1223,7 @@ smime_deinit(void) { dprint((9, "smime_deinit()")); app_RAND_write_file(NULL); - if (s_cert_store != NULL) X509_STORE_free(s_cert_store); + if (s_cert_store != NULL) free_x509_store(&s_cert_store); #ifdef ERR_free_strings ERR_free_strings(); #endif /* ERR_free_strings */ @@ -1240,7 +1239,7 @@ renew_store(void) { if(ps_global->smime->inited){ if(s_cert_store != NULL) - X509_STORE_free(s_cert_store); + free_x509_store(&s_cert_store); s_cert_store = get_ca_store(); } } |