Crashes with gpg-agent 2.1.18
Werner Koch
wk at gnupg.org
Thu Jan 26 19:01:57 CET 2017
On Wed, 25 Jan 2017 13:58, justus at g10code.com said:
> It was a double free. Fixed in
Can you please describe in a code comment how xtrystrdup relinquishes
control to another thread. That is not easy to see:
xtrystrdup used gcry_strdup which may use the secure memory allocator of
Libgcrypt. That allocator takes locks and since Libgpg-error 1.14
libgpg-error can be nPth aware and thus the lock may switch threads.
It would also be useful to check other parts of gpg-agent and scdaemon
which do secure memory allocations and may be prone to the same
problem.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: </pipermail/attachments/20170126/b8956270/attachment.sig>
More information about the Gnupg-devel
mailing list