From b47ed5a89e744c5ab8ffc92d612e244269626a9e Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Fri, 19 Sep 2014 13:05:11 +0200 Subject: [PATCH] added bugfix --- gnutls-3.3.8-mem-issue.patch | 95 ++++++++++++++++++++++++++++++++++++ gnutls.spec | 2 + 2 files changed, 97 insertions(+) create mode 100644 gnutls-3.3.8-mem-issue.patch diff --git a/gnutls-3.3.8-mem-issue.patch b/gnutls-3.3.8-mem-issue.patch new file mode 100644 index 0000000..58f9943 --- /dev/null +++ b/gnutls-3.3.8-mem-issue.patch @@ -0,0 +1,95 @@ +diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c +index b102f4d..a4921f9 100644 +--- a/lib/gnutls_x509.c ++++ b/lib/gnutls_x509.c +@@ -697,11 +697,11 @@ static int + read_cert_url(gnutls_certificate_credentials_t res, const char *url) + { + int ret; +- gnutls_x509_crt_t crt; ++ gnutls_x509_crt_t crt = NULL; + gnutls_pcert_st *ccert; + gnutls_str_array_t names; + gnutls_datum_t t = {NULL, 0}; +- unsigned i; ++ unsigned i, count = 0; + + _gnutls_str_array_init(&names); + +@@ -729,13 +729,13 @@ read_cert_url(gnutls_certificate_credentials_t res, const char *url) + + if (ret < 0) { + gnutls_assert(); +- goto cleanup1; ++ goto cleanup; + } + + ret = get_x509_name(crt, &names); + if (ret < 0) { + gnutls_assert(); +- goto cleanup1; ++ goto cleanup; + } + + /* Try to load the whole certificate chain from the PKCS #11 token */ +@@ -747,17 +747,18 @@ read_cert_url(gnutls_certificate_credentials_t res, const char *url) + } + + ret = gnutls_pcert_import_x509(&ccert[i], crt, 0); +- gnutls_x509_crt_deinit(crt); +- + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } ++ count++; + + ret = gnutls_pkcs11_get_raw_issuer(url, crt, &t, GNUTLS_X509_FMT_DER, 0); + if (ret < 0) + break; +- ++ ++ gnutls_x509_crt_deinit(crt); ++ crt = NULL; + ret = gnutls_x509_crt_init(&crt); + if (ret < 0) { + gnutls_assert(); +@@ -767,23 +768,25 @@ read_cert_url(gnutls_certificate_credentials_t res, const char *url) + ret = gnutls_x509_crt_import(crt, &t, GNUTLS_X509_FMT_DER); + if (ret < 0) { + gnutls_assert(); +- goto cleanup1; ++ goto cleanup; + } + gnutls_free(t.data); + t.data = NULL; + } + +- ret = certificate_credential_append_crt_list(res, names, ccert, i+1); ++ ret = certificate_credential_append_crt_list(res, names, ccert, count); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + +- return 0; +-cleanup1: +- gnutls_x509_crt_deinit(crt); ++ if (crt != NULL) ++ gnutls_x509_crt_deinit(crt); + ++ return 0; + cleanup: ++ if (crt != NULL) ++ gnutls_x509_crt_deinit(crt); + gnutls_free(t.data); + _gnutls_str_array_clear(&names); + gnutls_free(ccert); +@@ -959,7 +962,6 @@ static int check_if_sorted(gnutls_pcert_st * crt, int nr) + ret = gnutls_x509_crt_init(&x509); + if (ret < 0) + return gnutls_assert_val(ret); +- + ret = + gnutls_x509_crt_import(x509, &crt[i].cert, + GNUTLS_X509_FMT_DER); diff --git a/gnutls.spec b/gnutls.spec index 7c5df77..e42bc4d 100644 --- a/gnutls.spec +++ b/gnutls.spec @@ -32,6 +32,7 @@ Source0: %{name}-%{version}-hobbled.tar.xz Source1: libgnutls-config Source2: hobble-gnutls Patch1: gnutls-3.2.7-rpath.patch +Patch2: gnutls-3.3.8-mem-issue.patch Patch3: gnutls-3.1.11-nosrp.patch Patch4: gnutls-3.3.6-default-policy.patch @@ -134,6 +135,7 @@ This package contains Guile bindings for the library. %setup -q %patch1 -p1 -b .rpath +%patch2 -p1 -b .mem-issue %patch3 -p1 -b .nosrp %patch4 -p1 -b .default-policy sed 's/gnutls_srp.c//g' -i lib/Makefile.in