From ee594a43dd03ce028cff1671b34c3a92d0715c69 Mon Sep 17 00:00:00 2001 From: Dariusz Michaluk Date: Wed, 26 Jun 2019 10:50:25 +0200 Subject: [PATCH] Imported Upstream version 1.8.4 --- ChangeLog | 61 +++++++++++++ Makefile.am | 60 ++++++++++++- Makefile.in | 59 ++++++++++++- NEWS | 25 ++++++ README | 7 +- VERSION | 2 +- cipher/ecc-curves.c | 2 +- cipher/ecc-eddsa.c | 5 +- cipher/ecc.c | 10 ++- cipher/primegen.c | 3 +- configure | 28 +++--- configure.ac | 4 +- doc/fips-fsm.eps | 2 +- doc/fips-fsm.pdf | Bin 12566 -> 12566 bytes doc/gcrypt.info | 214 +++++++++++++++++++++++----------------------- doc/gcrypt.info-1 | 14 +-- doc/gcrypt.info-2 | Bin 23149 -> 23152 bytes doc/gcrypt.texi | 9 +- doc/libgcrypt-modules.eps | 2 +- doc/libgcrypt-modules.pdf | Bin 7158 -> 7158 bytes doc/stamp-vti | 8 +- doc/version.texi | 8 +- doc/yat2m.c | 42 ++++++--- random/rndjent.c | 3 +- random/rndlinux.c | 42 +++++++-- src/gcrypt.h.in | 2 +- src/secmem.c | 5 +- src/sexp.c | 2 +- 28 files changed, 434 insertions(+), 185 deletions(-) diff --git a/ChangeLog b/ChangeLog index cd73661..46e94ec 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,64 @@ +2018-10-26 Werner Koch + + Release 1.8.4. + + commit 93775172713c00c363187b5d6a88895b04ac7c8e + + +2018-10-26 Daniel Kahn Gillmor + + random: use getrandom() on Linux where available. + + commit 0973c3f9ee7a9ad7c97b77849ed33ecd6789c787 + * random/rndlinux.c (_gcry_rndlinux_gather_random): use the + getrandom() syscall on Linux if it exists, regardless of what kind of + entropy was requested. + +2018-10-26 Werner Koch + + random: Make sure to re-open /dev/random after a fork. + + commit 60885655756dd0427872b8f01c06da14eab5af70 + * random/rndlinux.c (_gcry_rndlinux_gather_random): Detect fork and + re-open devices. + + primes: Avoid leaking bits of the prime test to pageable memory. + + commit 5b1d022293c5779b1150a7653cce4e3bf494a07c + * cipher/primegen.c (gen_prime): Allocate MODS in secure memory. + +2018-10-24 Werner Koch + + build: Add release make target. + + commit 99a5babfd1e759310db8ab8b11d182f2e139dfb1 + * Makefile.am (release, sign-release): New targets. + + (cherry picked from commit 03bb25ee7ed6f1076bf788ab981ca68672880daa) + + Fix memory leak in secmem in out of core conditions. + + commit abd267bf239345ceae5c0de239d1530b427a53a1 + * src/secmem.c (_gcry_secmem_malloc_internal): Release pool descriptor + if the pool could not be allocated. + + ecc: Fix memory leak in the error case of ecc_encrypt_raw. + + commit 60224352f4de1189e0076c6172886dc787a1e6e6 + * cipher/ecc.c (ecc_encrypt_raw): Add proper error cleanup in the main + block. + + ecc: Fix possible memory leakage in parameter check of eddsa. + + commit 347987d4cf29b6a611b7fafa14fddeb50c0651d2 + * cipher/ecc-eddsa.c (_gcry_ecc_eddsa_verify): Fix mem leak. + + ecc: Fix potential unintended freeing of an internal param. + + commit be68b3ee4fd1f85edc95eaad11c8fd52ccd27ccd + * cipher/ecc-curves.c (_gcry_ecc_get_mpi): Fix c+p error + + sexp: Fix uninitialized use of a var in the error case. + + commit 8cc7cac82ec2087c3e1ece56dbd12855a383f090 + * src/sexp.c (_gcry_sexp_vextract_param): Initialize L1. + +2018-06-19 Will Dietz + + random: Fix hang of _gcry_rndjent_get_version. + + commit 20c034865f2dd15ce2871385b6e29c15d1570539 + * random/rndjent.c (_gcry_rndjent_get_version): Move locking. + 2018-06-13 Werner Koch Release 1.8.3. diff --git a/Makefile.am b/Makefile.am index f97af7f..452cb96 100644 --- a/Makefile.am +++ b/Makefile.am @@ -14,8 +14,17 @@ # GNU Lesser General Public License for more details. # # You should have received a copy of the GNU Lesser General Public -# License along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA +# License along with this program; if not, see . +# SPDX-License-Identifier: LGPL-2.1-or-later + +# Location of the released tarball archives. Note that this is an +# internal archive and before uploading this to the public server, +# manual tests should be run and the git release tagged and pushed. +# Adjust as needed. +RELEASE_ARCHIVE_DIR = wk@vigenere:tarballs/libgpg-error/ +# The key used to sign the released sources. Adjust as needed. +RELEASE_SIGNING_KEY = D8692123C4065DEA5E0F3AB5249B39D24F25E3B6 + ACLOCAL_AMFLAGS = -I m4 DISTCHECK_CONFIGURE_FLAGS = --disable-random-daemon --enable-doc \ @@ -92,3 +101,50 @@ gen-ChangeLog: stowinstall: $(MAKE) $(AM_MAKEFLAGS) install prefix=/usr/local/stow/libgcrypt + +# Macro to help the release target. +RELEASE_NAME = $(PACKAGE_TARNAME)-$(PACKAGE_VERSION) + +release: + +(set -e;\ + if [ "$(abs_top_builddir)" = "$(abs_top_srcdir)" ]; then \ + echo "error: build directory must not be the source directory" >&2;\ + exit 2;\ + fi ;\ + echo "/* Build started at $$(date -uIseconds) */" ;\ + cd $(top_srcdir); \ + ./autogen.sh --force; \ + cd $(abs_top_builddir); \ + rm -rf dist; mkdir dist ; cd dist ; \ + $(abs_top_srcdir)/configure --enable-maintainer-mode; \ + $(MAKE) distcheck; \ + echo "/* Build finished at $$(date -uIseconds) */" ;\ + echo "/*" ;\ + echo " * Please run the final step interactivly:" ;\ + echo " * make sign-release" ;\ + echo " */" ;\ + ) 2>&1 | tee "$(RELEASE_NAME).buildlog" + +sign-release: + +(set -e; \ + cd dist; \ + files1="$(RELEASE_NAME).tar.bz2 \ + $(RELEASE_NAME).tar.gz" ; \ + files2="$(RELEASE_NAME).tar.bz2.sig \ + $(RELEASE_NAME).tar.gz.sig \ + $(RELEASE_NAME).swdb \ + $(RELEASE_NAME).buildlog" ;\ + echo "/* Signing the source tarball ..." ;\ + gpg -sbu $(RELEASE_SIGNING_KEY) $(RELEASE_NAME).tar.bz2 ;\ + gpg -sbu $(RELEASE_SIGNING_KEY) $(RELEASE_NAME).tar.gz ;\ + cat $(RELEASE_NAME).swdb >swdb.snippet;\ + echo >>swdb.snippet ;\ + sha1sum $${files1} >>swdb.snippet ;\ + cat "../$(RELEASE_NAME).buildlog" swdb.snippet \ + | gzip >$(RELEASE_NAME).buildlog ;\ + echo "Copying to local archive ..." ;\ + scp -p $${files1} $${files2} $(RELEASE_ARCHIVE_DIR)/ || true;\ + echo '/*' ;\ + echo ' * All done; for checksums see dist/swdb.snippet' ;\ + echo ' */' ;\ + ) diff --git a/Makefile.in b/Makefile.in index c8edfa4..5bdfbdc 100644 --- a/Makefile.in +++ b/Makefile.in @@ -29,8 +29,8 @@ # GNU Lesser General Public License for more details. # # You should have received a copy of the GNU Lesser General Public -# License along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA +# License along with this program; if not, see . +# SPDX-License-Identifier: LGPL-2.1-or-later VPATH = @srcdir@ am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' am__make_running_with_option = \ @@ -385,6 +385,14 @@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ + +# Location of the released tarball archives. Note that this is an +# internal archive and before uploading this to the public server, +# manual tests should be run and the git release tagged and pushed. +# Adjust as needed. +RELEASE_ARCHIVE_DIR = wk@vigenere:tarballs/libgpg-error/ +# The key used to sign the released sources. Adjust as needed. +RELEASE_SIGNING_KEY = D8692123C4065DEA5E0F3AB5249B39D24F25E3B6 ACLOCAL_AMFLAGS = -I m4 DISTCHECK_CONFIGURE_FLAGS = --disable-random-daemon --enable-doc \ --enable-random=auto @@ -404,6 +412,9 @@ EXTRA_DIST = autogen.sh autogen.rc README.GIT LICENSES \ DISTCLEANFILES = gen_start_date = 2011-12-01T14:00:00 + +# Macro to help the release target. +RELEASE_NAME = $(PACKAGE_TARNAME)-$(PACKAGE_VERSION) all: config.h $(MAKE) $(AM_MAKEFLAGS) all-recursive @@ -934,6 +945,50 @@ gen-ChangeLog: stowinstall: $(MAKE) $(AM_MAKEFLAGS) install prefix=/usr/local/stow/libgcrypt +release: + +(set -e;\ + if [ "$(abs_top_builddir)" = "$(abs_top_srcdir)" ]; then \ + echo "error: build directory must not be the source directory" >&2;\ + exit 2;\ + fi ;\ + echo "/* Build started at $$(date -uIseconds) */" ;\ + cd $(top_srcdir); \ + ./autogen.sh --force; \ + cd $(abs_top_builddir); \ + rm -rf dist; mkdir dist ; cd dist ; \ + $(abs_top_srcdir)/configure --enable-maintainer-mode; \ + $(MAKE) distcheck; \ + echo "/* Build finished at $$(date -uIseconds) */" ;\ + echo "/*" ;\ + echo " * Please run the final step interactivly:" ;\ + echo " * make sign-release" ;\ + echo " */" ;\ + ) 2>&1 | tee "$(RELEASE_NAME).buildlog" + +sign-release: + +(set -e; \ + cd dist; \ + files1="$(RELEASE_NAME).tar.bz2 \ + $(RELEASE_NAME).tar.gz" ; \ + files2="$(RELEASE_NAME).tar.bz2.sig \ + $(RELEASE_NAME).tar.gz.sig \ + $(RELEASE_NAME).swdb \ + $(RELEASE_NAME).buildlog" ;\ + echo "/* Signing the source tarball ..." ;\ + gpg -sbu $(RELEASE_SIGNING_KEY) $(RELEASE_NAME).tar.bz2 ;\ + gpg -sbu $(RELEASE_SIGNING_KEY) $(RELEASE_NAME).tar.gz ;\ + cat $(RELEASE_NAME).swdb >swdb.snippet;\ + echo >>swdb.snippet ;\ + sha1sum $${files1} >>swdb.snippet ;\ + cat "../$(RELEASE_NAME).buildlog" swdb.snippet \ + | gzip >$(RELEASE_NAME).buildlog ;\ + echo "Copying to local archive ..." ;\ + scp -p $${files1} $${files2} $(RELEASE_ARCHIVE_DIR)/ || true;\ + echo '/*' ;\ + echo ' * All done; for checksums see dist/swdb.snippet' ;\ + echo ' */' ;\ + ) + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/NEWS b/NEWS index b77980c..a4c5e20 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,26 @@ +Noteworthy changes in version 1.8.4 (2018-10-26) [C22/A2/R4] +------------------------------------------------ + + * Bug fixes: + + - Fix infinite loop due to applications using fork the wrong + way. [#3491] + + - Fix possible leak of a few bits of secret primes to pageable + memory. [#3848] + + - Fix possible hang in the RNG (1.8.3 only). [#4034] + + - Several minor fixes. [#4102,#4208,#4209,#4210,#4211,#4212] + + * Performance: + + - On Linux always make use of getrandom if possible and then use + its /dev/urandom behaviour. [#3894] + + Release-info: https://dev.gnupg.org/T4234 + + Noteworthy changes in version 1.8.3 (2018-06-13) [C22/A2/R3] ------------------------------------------------ @@ -16,6 +39,8 @@ Noteworthy changes in version 1.8.3 (2018-06-13) [C22/A2/R3] - Fix rare assertion failure in gcry_prime_check. + Release-info: https://dev.gnupg.org/T4016 + Noteworthy changes in version 1.8.2 (2017-12-13) [C22/A2/R2] ------------------------------------------------ diff --git a/README b/README index 7ac8e4a..8a3f2aa 100644 --- a/README +++ b/README @@ -26,14 +26,10 @@ The download canonical location for libgcrypt is: - ftp://ftp.gnupg.org/gcrypt/libgcrypt/ - or https://gnupg.org/ftp/gcrypt/libgcrypt/ To build libgcrypt you need libgpg-error: - ftp://ftp.gnupg.org/gcrypt/libgpg-error/ - or https://gnupg.org/ftp/gcrypt/libgpg-error/ You should get the latest versions of course. @@ -193,6 +189,9 @@ Build Problems -------------- + If you have a problem with a a certain release, please first check + the Release-info URL given in the NEWS file. + We can't check all assembler files, so if you have problems assembling them (or the program crashes) use --disable-asm with ./configure. If you opt to delete individual replacement files in diff --git a/VERSION b/VERSION index a7ee35a..bfa363e 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.8.3 +1.8.4 diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c index 3488ed3..39bad1a 100644 --- a/cipher/ecc-curves.c +++ b/cipher/ecc-curves.c @@ -1193,7 +1193,7 @@ _gcry_ecc_get_mpi (const char *name, mpi_ec_t ec, int copy) if (!strcmp (name, "q.x") && ec->Q && ec->Q->x) return mpi_is_const (ec->Q->x) && !copy? ec->Q->x : mpi_copy (ec->Q->x); if (!strcmp (name, "q.y") && ec->Q && ec->Q->y) - return mpi_is_const (ec->G->y) && !copy? ec->Q->y : mpi_copy (ec->Q->y); + return mpi_is_const (ec->Q->y) && !copy? ec->Q->y : mpi_copy (ec->Q->y); /* If the base point has been requested, return it in standard encoding. */ diff --git a/cipher/ecc-eddsa.c b/cipher/ecc-eddsa.c index 813e030..89b708a 100644 --- a/cipher/ecc-eddsa.c +++ b/cipher/ecc-eddsa.c @@ -760,7 +760,10 @@ _gcry_ecc_eddsa_verify (gcry_mpi_t input, ECC_public_key *pkey, pkey->E.p, pkey->E.a, pkey->E.b); b = ctx->nbits/8; if (b != 256/8) - return GPG_ERR_INTERNAL; /* We only support 256 bit. */ + { + rc = GPG_ERR_INTERNAL; /* We only support 256 bit. */ + goto leave; + } /* Decode and check the public key. */ rc = _gcry_ecc_eddsa_decodepoint (pk, ctx, &Q, &encpk, &encpklen); diff --git a/cipher/ecc.c b/cipher/ecc.c index 4e3e5b1..3f221a2 100644 --- a/cipher/ecc.c +++ b/cipher/ecc.c @@ -1392,6 +1392,7 @@ ecc_encrypt_raw (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms) unsigned char *rawmpi; unsigned int rawmpilen; + rc = 0; x = mpi_new (0); if (ec->model == MPI_EC_MONTGOMERY) y = NULL; @@ -1418,7 +1419,7 @@ ecc_encrypt_raw (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms) if (!(flags & PUBKEY_FLAG_DJB_TWEAK)) { /* It's not for X25519, then, the input data was simply wrong. */ rc = GPG_ERR_INV_DATA; - goto leave; + goto leave_main; } } if (y) @@ -1443,7 +1444,7 @@ ecc_encrypt_raw (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms) if (_gcry_mpi_ec_get_affine (x, y, &R, ec)) { rc = GPG_ERR_INV_DATA; - goto leave; + goto leave_main; } if (y) mpi_e = _gcry_ecc_ec2os (x, y, pk.E.p); @@ -1461,11 +1462,12 @@ ecc_encrypt_raw (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms) } } - + leave_main: mpi_free (x); mpi_free (y); - point_free (&R); + if (rc) + goto leave; } if (!rc) diff --git a/cipher/primegen.c b/cipher/primegen.c index ce5ad3c..e24de4d 100644 --- a/cipher/primegen.c +++ b/cipher/primegen.c @@ -758,7 +758,8 @@ gen_prime (unsigned int nbits, int secret, int randomlevel, if (nbits < 16) log_fatal ("can't generate a prime with less than %d bits\n", 16); - mods = xmalloc (no_of_small_prime_numbers * sizeof *mods); + mods = (secret? xmalloc_secure (no_of_small_prime_numbers * sizeof *mods) + /* */ : xmalloc (no_of_small_prime_numbers * sizeof *mods)); /* Make nbits fit into gcry_mpi_t implementation. */ val_2 = mpi_alloc_set_ui( 2 ); val_3 = mpi_alloc_set_ui( 3); diff --git a/configure b/configure index 017ce48..8e8ebff 100755 --- a/configure +++ b/configure @@ -1,7 +1,7 @@ #! /bin/sh # From configure.ac Revision. # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for libgcrypt 1.8.3. +# Generated by GNU Autoconf 2.69 for libgcrypt 1.8.4. # # Report bugs to . # @@ -591,8 +591,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='libgcrypt' PACKAGE_TARNAME='libgcrypt' -PACKAGE_VERSION='1.8.3' -PACKAGE_STRING='libgcrypt 1.8.3' +PACKAGE_VERSION='1.8.4' +PACKAGE_STRING='libgcrypt 1.8.4' PACKAGE_BUGREPORT='http://bugs.gnupg.org' PACKAGE_URL='' @@ -1453,7 +1453,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures libgcrypt 1.8.3 to adapt to many kinds of systems. +\`configure' configures libgcrypt 1.8.4 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1523,7 +1523,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of libgcrypt 1.8.3:";; + short | recursive ) echo "Configuration of libgcrypt 1.8.4:";; esac cat <<\_ACEOF @@ -1692,7 +1692,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -libgcrypt configure 1.8.3 +libgcrypt configure 1.8.4 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2344,7 +2344,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by libgcrypt $as_me 1.8.3, which was +It was created by libgcrypt $as_me 1.8.4, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2699,7 +2699,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu # (No interfaces changed: REVISION++) LIBGCRYPT_LT_CURRENT=22 LIBGCRYPT_LT_AGE=2 -LIBGCRYPT_LT_REVISION=3 +LIBGCRYPT_LT_REVISION=4 # If the API is changed in an incompatible way: increment the next counter. @@ -3231,7 +3231,7 @@ fi # Define the identity of the package. PACKAGE='libgcrypt' - VERSION='1.8.3' + VERSION='1.8.4' cat >>confdefs.h <<_ACEOF @@ -3486,7 +3486,7 @@ cat >>confdefs.h <<_ACEOF #define VERSION "$VERSION" _ACEOF -VERSION_NUMBER=0x010803 +VERSION_NUMBER=0x010804 @@ -18826,7 +18826,7 @@ fi # # Provide information about the build. # -BUILD_REVISION="5600d2d" +BUILD_REVISION="93775172" cat >>confdefs.h <<_ACEOF @@ -18835,7 +18835,7 @@ _ACEOF BUILD_FILEVERSION=`echo "$VERSION" | sed 's/\([0-9.]*\).*/\1./;s/\./,/g'` -BUILD_FILEVERSION="${BUILD_FILEVERSION}22016" +BUILD_FILEVERSION="${BUILD_FILEVERSION}37751" # Check whether --enable-build-timestamp was given. @@ -19503,7 +19503,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by libgcrypt $as_me 1.8.3, which was +This file was extended by libgcrypt $as_me 1.8.4, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -19573,7 +19573,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -libgcrypt config.status 1.8.3 +libgcrypt config.status 1.8.4 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index dfcd4ef..ce11162 100644 --- a/configure.ac +++ b/configure.ac @@ -30,7 +30,7 @@ min_automake_version="1.14" # for the LT versions. m4_define(mym4_version_major, [1]) m4_define(mym4_version_minor, [8]) -m4_define(mym4_version_micro, [3]) +m4_define(mym4_version_micro, [4]) # Below is m4 magic to extract and compute the revision number, the # decimalized short revision number, a beta version string, and a flag @@ -56,7 +56,7 @@ AC_INIT([libgcrypt],[mym4_full_version],[http://bugs.gnupg.org]) # (No interfaces changed: REVISION++) LIBGCRYPT_LT_CURRENT=22 LIBGCRYPT_LT_AGE=2 -LIBGCRYPT_LT_REVISION=3 +LIBGCRYPT_LT_REVISION=4 # If the API is changed in an incompatible way: increment the next counter. diff --git a/doc/fips-fsm.eps b/doc/fips-fsm.eps index e36c08c..31f52d0 100644 --- a/doc/fips-fsm.eps +++ b/doc/fips-fsm.eps @@ -1,7 +1,7 @@ %!PS-Adobe-3.0 EPSF-3.0 %%Title: /home/wk/s/libgcrypt-1.8/doc/fips-fsm.fig %%Creator: fig2dev Version 3.2 Patchlevel 5e -%%CreationDate: Thu Nov 23 19:46:17 2017 +%%CreationDate: Fri Oct 26 19:32:26 2018 %%BoundingBox: 0 0 497 579 %Magnification: 1.0000 %%EndComments diff --git a/doc/fips-fsm.pdf b/doc/fips-fsm.pdf index 5a50439bd5f6c31ff7c7ff1413ac196e6386c576..d5cd79569f14f2bf97ea89fd5041655f095fa1a8 100644 GIT binary patch delta 308 zcmbQ1G%abvTTP)v3&T{)L}PPZLqjt|AdzM=`M+ihc44W>>$S{;Ep!bHbdAhH3@xpU zjjW8!wGE6W|IpIFDsHUZi_54t+Vh(1F|`G=MUR&itPUR*}K(YD7XWvgS3P58g2)aC^`Hy91f4GoQq4J}Q~z!s|; z7^rJ<>HFrVxFnXOYPeV#85p9f*t|kdfXT_x+{MV)*~G-f#MRiu+|k+4&CJlu+}Pa3 T#L?8i$ko-(hLDQMzYJsmK_pR9 diff --git a/doc/gcrypt.info b/doc/gcrypt.info index a8be43d..af94f12 100644 --- a/doc/gcrypt.info +++ b/doc/gcrypt.info @@ -1,6 +1,6 @@ This is gcrypt.info, produced by makeinfo version 6.3 from gcrypt.texi. -This manual is for Libgcrypt (version 1.8.3, 13 June 2018), which is +This manual is for Libgcrypt (version 1.8.4, 24 October 2018), which is GNU's library of cryptographic building blocks. Copyright (C) 2000, 2002, 2003, 2004, 2006, 2007, 2008, 2009, 2011, 2012 @@ -20,114 +20,114 @@ END-INFO-DIR-ENTRY  Indirect: -gcrypt.info-1: 835 -gcrypt.info-2: 300845 +gcrypt.info-1: 838 +gcrypt.info-2: 300899  Tag Table: (Indirect) -Node: Top835 -Node: Introduction3361 -Node: Getting Started3733 -Node: Features4613 -Node: Overview5397 -Node: Preparation6020 -Node: Header6943 -Node: Building sources8014 -Node: Building sources using Automake9931 -Node: Initializing the library11859 -Ref: sample-use-suspend-secmem14927 -Ref: sample-use-resume-secmem15770 -Node: Multi-Threading16673 -Ref: Multi-Threading-Footnote-117852 -Node: Enabling FIPS mode18261 -Ref: enabling fips mode18442 -Node: Hardware features20254 -Ref: hardware features20421 -Ref: Hardware features-Footnote-121502 -Node: Generalities21663 -Node: Controlling the library21922 -Node: Error Handling40093 -Node: Error Values42632 -Node: Error Sources47572 -Node: Error Codes49840 -Node: Error Strings53316 -Node: Handler Functions54500 -Node: Progress handler55059 -Node: Allocation handler57208 -Node: Error handler58754 -Node: Logging handler60320 -Node: Symmetric cryptography60912 -Node: Available ciphers61652 -Node: Available cipher modes64333 -Node: Working with cipher handles68186 -Node: General cipher functions79690 -Node: Public Key cryptography83216 -Node: Available algorithms83982 -Node: Used S-expressions84331 -Node: RSA key parameters85448 -Node: DSA key parameters86723 -Node: ECC key parameters87377 -Ref: ecc_keyparam87528 -Node: Cryptographic Functions89399 -Node: General public-key related Functions101246 -Node: Hashing114915 -Node: Available hash algorithms115648 -Node: Working with hash algorithms121611 -Node: Message Authentication Codes135743 -Node: Available MAC algorithms136411 -Node: Working with MAC algorithms141573 -Node: Key Derivation147561 -Node: Random Numbers149963 -Node: Quality of random numbers150246 -Node: Retrieving random numbers150929 -Node: S-expressions152418 -Node: Data types for S-expressions153063 -Node: Working with S-expressions153389 -Node: MPI library167054 -Node: Data types168076 -Node: Basic functions168385 -Node: MPI formats170849 -Node: Calculations174373 -Node: Comparisons176642 -Node: Bit manipulations177645 -Node: EC functions178967 -Ref: gcry_mpi_ec_new181916 -Node: Miscellaneous187475 -Node: Prime numbers191619 -Node: Generation191889 -Node: Checking193176 -Node: Utilities193586 -Node: Memory allocation193963 -Node: Context management195319 -Ref: gcry_ctx_release195757 -Node: Buffer description195918 -Node: Config reporting196705 -Node: Tools197655 -Node: hmac256197822 -Node: Configuration198828 -Node: Architecture201881 -Ref: fig:subsystems203405 -Ref: Architecture-Footnote-1204491 -Ref: Architecture-Footnote-2204553 -Node: Public-Key Subsystem Architecture204637 -Node: Symmetric Encryption Subsystem Architecture206915 -Node: Hashing and MACing Subsystem Architecture208361 -Node: Multi-Precision-Integer Subsystem Architecture210284 -Node: Prime-Number-Generator Subsystem Architecture211722 -Ref: Prime-Number-Generator Subsystem Architecture-Footnote-1213653 -Node: Random-Number Subsystem Architecture213945 -Node: CSPRNG Description216894 -Ref: CSPRNG Description-Footnote-1218450 -Node: FIPS PRNG Description218573 -Node: Self-Tests220707 -Node: FIPS Mode232166 -Ref: fig:fips-fsm235992 -Ref: tbl:fips-states236095 -Ref: tbl:fips-state-transitions237347 -Node: Library Copying240968 -Node: Copying269074 -Node: Figures and Tables288250 -Node: Concept Index288675 -Node: Function and Data Index300845 +Node: Top838 +Node: Introduction3367 +Node: Getting Started3739 +Node: Features4619 +Node: Overview5403 +Node: Preparation6026 +Node: Header6949 +Node: Building sources8020 +Node: Building sources using Automake9937 +Node: Initializing the library11865 +Ref: sample-use-suspend-secmem14933 +Ref: sample-use-resume-secmem15776 +Node: Multi-Threading16679 +Ref: Multi-Threading-Footnote-117858 +Node: Enabling FIPS mode18267 +Ref: enabling fips mode18448 +Node: Hardware features20260 +Ref: hardware features20427 +Ref: Hardware features-Footnote-121508 +Node: Generalities21669 +Node: Controlling the library21928 +Node: Error Handling40099 +Node: Error Values42638 +Node: Error Sources47578 +Node: Error Codes49846 +Node: Error Strings53322 +Node: Handler Functions54506 +Node: Progress handler55065 +Node: Allocation handler57214 +Node: Error handler58760 +Node: Logging handler60326 +Node: Symmetric cryptography60918 +Node: Available ciphers61658 +Node: Available cipher modes64339 +Node: Working with cipher handles68192 +Node: General cipher functions79696 +Node: Public Key cryptography83222 +Node: Available algorithms83988 +Node: Used S-expressions84337 +Node: RSA key parameters85454 +Node: DSA key parameters86729 +Node: ECC key parameters87383 +Ref: ecc_keyparam87534 +Node: Cryptographic Functions89405 +Node: General public-key related Functions101252 +Node: Hashing114921 +Node: Available hash algorithms115654 +Node: Working with hash algorithms121617 +Node: Message Authentication Codes135749 +Node: Available MAC algorithms136417 +Node: Working with MAC algorithms141579 +Node: Key Derivation147567 +Node: Random Numbers149969 +Node: Quality of random numbers150252 +Node: Retrieving random numbers150935 +Node: S-expressions152424 +Node: Data types for S-expressions153069 +Node: Working with S-expressions153395 +Node: MPI library167105 +Node: Data types168127 +Node: Basic functions168436 +Node: MPI formats170900 +Node: Calculations174424 +Node: Comparisons176693 +Node: Bit manipulations177696 +Node: EC functions179018 +Ref: gcry_mpi_ec_new181967 +Node: Miscellaneous187526 +Node: Prime numbers191670 +Node: Generation191940 +Node: Checking193227 +Node: Utilities193637 +Node: Memory allocation194014 +Node: Context management195370 +Ref: gcry_ctx_release195808 +Node: Buffer description195969 +Node: Config reporting196756 +Node: Tools197706 +Node: hmac256197873 +Node: Configuration198879 +Node: Architecture201932 +Ref: fig:subsystems203456 +Ref: Architecture-Footnote-1204542 +Ref: Architecture-Footnote-2204604 +Node: Public-Key Subsystem Architecture204688 +Node: Symmetric Encryption Subsystem Architecture206966 +Node: Hashing and MACing Subsystem Architecture208412 +Node: Multi-Precision-Integer Subsystem Architecture210335 +Node: Prime-Number-Generator Subsystem Architecture211773 +Ref: Prime-Number-Generator Subsystem Architecture-Footnote-1213704 +Node: Random-Number Subsystem Architecture213996 +Node: CSPRNG Description216945 +Ref: CSPRNG Description-Footnote-1218501 +Node: FIPS PRNG Description218624 +Node: Self-Tests220758 +Node: FIPS Mode232217 +Ref: fig:fips-fsm236043 +Ref: tbl:fips-states236146 +Ref: tbl:fips-state-transitions237398 +Node: Library Copying241019 +Node: Copying269125 +Node: Figures and Tables288301 +Node: Concept Index288726 +Node: Function and Data Index300899  End Tag Table diff --git a/doc/gcrypt.info-1 b/doc/gcrypt.info-1 index e7d247a..3acfec9 100644 --- a/doc/gcrypt.info-1 +++ b/doc/gcrypt.info-1 @@ -1,6 +1,6 @@ This is gcrypt.info, produced by makeinfo version 6.3 from gcrypt.texi. -This manual is for Libgcrypt (version 1.8.3, 13 June 2018), which is +This manual is for Libgcrypt (version 1.8.4, 24 October 2018), which is GNU's library of cryptographic building blocks. Copyright (C) 2000, 2002, 2003, 2004, 2006, 2007, 2008, 2009, 2011, 2012 @@ -24,7 +24,7 @@ File: gcrypt.info, Node: Top, Next: Introduction, Up: (dir) The Libgcrypt Library ********************* -This manual is for Libgcrypt (version 1.8.3, 13 June 2018), which is +This manual is for Libgcrypt (version 1.8.4, 24 October 2018), which is GNU's library of cryptographic building blocks. Copyright (C) 2000, 2002, 2003, 2004, 2006, 2007, 2008, 2009, 2011, 2012 @@ -4016,13 +4016,13 @@ There are functions to parse S-expressions and retrieve elements: prior to invoking this function, and finally a 'NULL' is expected. For example - _gcry_sexp_extract_param (key, NULL, "n/x+e d-'foo'", - &mpi_n, &mpi_x, &mpi_e, &mpi_foo, NULL) + gcry_sexp_extract_param (key, NULL, "n/x+e d-'foo'", + &mpi_n, &mpi_x, &mpi_e, &mpi_d, &mpi_foo, NULL) stores the parameter 'n' from KEY as an unsigned MPI into MPI_N, - the parameter 'x' as an opaque MPI into MPI_X, the parameter 'e' - again as an unsigned MPI into MPI_E, and the parameter 'foo' as a - signed MPI. + the parameter 'x' as an opaque MPI into MPI_X, the parameters 'e' + and 'd' again as an unsigned MPI into MPI_E and MPI_D and finally + the parameter 'foo' as a signed MPI into MPI_FOO. PATH is an optional string used to locate a token. The exclamation mark separated tokens are used via 'gcry_sexp_find_token' to find a diff --git a/doc/gcrypt.info-2 b/doc/gcrypt.info-2 index d9a5ab4fe9b1f440709855b95cb400d4ba22123d..2e683e3779851ca2ef7ec381409149ee11deeb15 100644 GIT binary patch delta 26 icmaF6h4I4{#tFr|COQg6CJO$^CHYCIMH_2BL;?VhB?_Ye delta 23 fcmeych4Jkc#tFq-#ySdy#tL4gd8r#4K12cla>xl} diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index c18b498..c32748f 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -4454,14 +4454,15 @@ an @code{gcry_mpi_t} variable is expected that must be set to is expected. For example @example - _gcry_sexp_extract_param (key, NULL, "n/x+e d-'foo'", - &mpi_n, &mpi_x, &mpi_e, &mpi_foo, NULL) + gcry_sexp_extract_param (key, NULL, "n/x+e d-'foo'", + &mpi_n, &mpi_x, &mpi_e, &mpi_d, &mpi_foo, NULL) @end example stores the parameter 'n' from @var{key} as an unsigned MPI into @var{mpi_n}, the parameter 'x' as an opaque MPI into @var{mpi_x}, the -parameter 'e' again as an unsigned MPI into @var{mpi_e}, and the -parameter 'foo' as a signed MPI. +parameters 'e' and 'd' again as an unsigned MPI into @var{mpi_e} and +@var{mpi_d} and finally the parameter 'foo' as a signed MPI into +@var{mpi_foo}. @var{path} is an optional string used to locate a token. The exclamation mark separated tokens are used via diff --git a/doc/libgcrypt-modules.eps b/doc/libgcrypt-modules.eps index 832f492..61c60ab 100644 --- a/doc/libgcrypt-modules.eps +++ b/doc/libgcrypt-modules.eps @@ -1,7 +1,7 @@ %!PS-Adobe-3.0 EPSF-3.0 %%Title: /home/wk/s/libgcrypt-1.8/doc/libgcrypt-modules.fig %%Creator: fig2dev Version 3.2 Patchlevel 5e -%%CreationDate: Thu Nov 23 19:46:17 2017 +%%CreationDate: Fri Oct 26 19:32:26 2018 %%BoundingBox: 0 0 488 300 %Magnification: 1.0000 %%EndComments diff --git a/doc/libgcrypt-modules.pdf b/doc/libgcrypt-modules.pdf index 27308bf5449450b97c04cfe38fa7ae7ac91096a3..6311b1be8f42c985e57eac3ef87cad8b6db49b9b 100644 GIT binary patch delta 312 zcmexn{>^;D4-uh63&T{)L}PPZLqjt|AdzM=d7`+~WEIgYTvEG4&4ev<4GnaS%t8z; zt&EMVjLfwSj3zUSX{7y$qs3LQNNt`d{+rRj!qC9T%+S)<2yC&s zfq}Xvm%eX)ic4Zis)mb|k%1wqip_f@?=m{M85miZxw@KI7&^O}I$D^zIypO<8d?~c UIk{Mxnz^;D4-p|FV>5$f69Z#i0}IO}T|>h( zX=P$&WoWK#U^tmsOarU9omej}qrQvTW0w-194)SbMQZaz@!yOF=7xqw#)g(AW?+le z4Gh#Zx%7SWQ(O{DQZ-zxj0_A>RcziPd6&`2)xg=%(bUD&z{0@7)XB-k+04z*(aF-n U#l_gn*wN6^&W4bR$+xAY0X*+c^8f$< diff --git a/doc/stamp-vti b/doc/stamp-vti index 3d08533..ccc0155 100644 --- a/doc/stamp-vti +++ b/doc/stamp-vti @@ -1,4 +1,4 @@ -@set UPDATED 13 June 2018 -@set UPDATED-MONTH June 2018 -@set EDITION 1.8.3 -@set VERSION 1.8.3 +@set UPDATED 24 October 2018 +@set UPDATED-MONTH October 2018 +@set EDITION 1.8.4 +@set VERSION 1.8.4 diff --git a/doc/version.texi b/doc/version.texi index 3d08533..ccc0155 100644 --- a/doc/version.texi +++ b/doc/version.texi @@ -1,4 +1,4 @@ -@set UPDATED 13 June 2018 -@set UPDATED-MONTH June 2018 -@set EDITION 1.8.3 -@set VERSION 1.8.3 +@set UPDATED 24 October 2018 +@set UPDATED-MONTH October 2018 +@set EDITION 1.8.4 +@set VERSION 1.8.4 diff --git a/doc/yat2m.c b/doc/yat2m.c index 7599081..3c7b363 100644 --- a/doc/yat2m.c +++ b/doc/yat2m.c @@ -1,5 +1,5 @@ /* yat2m.c - Yet Another Texi 2 Man converter - * Copyright (C) 2005, 2013, 2015, 2016 g10 Code GmbH + * Copyright (C) 2005, 2013, 2015, 2016, 2017 g10 Code GmbH * Copyright (C) 2006, 2008, 2011 Free Software Foundation, Inc. * * This program is free software; you can redistribute it and/or modify @@ -128,7 +128,11 @@ #define PGM "yat2m" -#define VERSION "1.0" +#ifdef PACKAGE_VERSION +# define VERSION PACKAGE_VERSION +#else +# define VERSION "1.0" +#endif /* The maximum length of a line including the linefeed and one extra character. */ @@ -353,7 +357,7 @@ ascii_strupr (char *string) const char * isodatestring (void) { - static char buffer[11+5]; + static char buffer[36]; struct tm *tp; time_t atime; @@ -482,6 +486,9 @@ evaluate_conditions (const char *fname, int lnr) { int i; + (void)fname; + (void)lnr; + /* for (i=0; i < condition_stack_idx; i++) */ /* inf ("%s:%d: stack[%d] %s %s %c", */ /* fname, lnr, i, condition_stack[i]->isset? "set":"clr", */ @@ -729,7 +736,8 @@ proc_texi_cmd (FILE *fp, const char *command, const char *rest, size_t len, { "asis", 7 }, { "anchor", 7 }, { "cartouche", 1 }, - { "xref", 0, "see: [", "]" }, + { "ref", 0, "[", "]" }, + { "xref", 0, "See: [", "]" }, { "pxref", 0, "see: [", "]" }, { "uref", 0, "(\\fB", "\\fR)" }, { "footnote",0, " ([", "])" }, @@ -746,7 +754,7 @@ proc_texi_cmd (FILE *fp, const char *command, const char *rest, size_t len, { "subsection", 6, "\n.SS " }, { "chapheading", 0}, { "item", 2, ".TP\n.B " }, - { "itemx", 2, ".TP\n.B " }, + { "itemx", 2, ".TQ\n.B " }, { "table", 3 }, { "itemize", 3 }, { "bullet", 0, "* " }, @@ -793,6 +801,8 @@ proc_texi_cmd (FILE *fp, const char *command, const char *rest, size_t len, { if ((*table_level)-- > 1) fputs (".RE\n", fp); + else + fputs (".P\n", fp); } else if (n >= 7 && !memcmp (s, "example", 7) && (!n || s[7] == ' ' || s[7] == '\t' || s[7] == '\n')) @@ -850,18 +860,20 @@ proc_texi_cmd (FILE *fp, const char *command, const char *rest, size_t len, } else { - size_t len = s - (rest + 1); + size_t rlen = s - (rest + 1); macro_t m; for (m = variablelist; m; m = m->next) - if (strlen (m->name) == len - &&!strncmp (m->name, rest+1, len)) - break; + { + if (strlen (m->name) == rlen + && !strncmp (m->name, rest+1, rlen)) + break; + } if (m) fputs (m->value, fp); else inf ("texinfo variable '%.*s' is not set", - (int)len, rest+1); + (int)rlen, rest+1); } } break; @@ -1475,6 +1487,7 @@ int main (int argc, char **argv) { int last_argc = -1; + const char *s; opt_source = "GNU"; opt_release = ""; @@ -1513,13 +1526,13 @@ main (int argc, char **argv) " -I DIR also search in include DIR\n" " -D gpgone the only usable define\n\n" "With no FILE, or when FILE is -, read standard input.\n\n" - "Report bugs to ."); + "Report bugs to ."); exit (0); } else if (!strcmp (*argv, "--version")) { puts (PGM " " VERSION "\n" - "Copyright (C) 2005 g10 Code GmbH\n" + "Copyright (C) 2005, 2017 g10 Code GmbH\n" "This program comes with ABSOLUTELY NO WARRANTY.\n" "This is free software, and you are welcome to redistribute it\n" "under certain conditions. See the file COPYING for details."); @@ -1608,6 +1621,11 @@ main (int argc, char **argv) if (argc > 1) die ("usage: " PGM " [OPTION] [FILE] (try --help for more information)\n"); + /* Take care of supplied timestamp for reproducible builds. See + * https://reproducible-builds.org/specs/source-date-epoch/ */ + if (!opt_date && (s = getenv ("SOURCE_DATE_EPOCH")) && *s) + opt_date = s; + /* Start processing. */ if (argc && strcmp (*argv, "-")) { diff --git a/random/rndjent.c b/random/rndjent.c index 0c5a820..3740ddd 100644 --- a/random/rndjent.c +++ b/random/rndjent.c @@ -334,9 +334,10 @@ _gcry_rndjent_get_version (int *r_active) { if (r_active) { - lock_rng (); /* Make sure the RNG is initialized. */ _gcry_rndjent_poll (NULL, 0, 0); + + lock_rng (); /* To ease debugging we store 2 for a clock_gettime based * implementation and 1 for a rdtsc based code. */ *r_active = jent_rng_collector? is_rng_available () : 0; diff --git a/random/rndlinux.c b/random/rndlinux.c index 1bb7c76..fefc3c3 100644 --- a/random/rndlinux.c +++ b/random/rndlinux.c @@ -104,9 +104,10 @@ open_device (const char *name, int retry) /* Note that the caller needs to make sure that this function is only - called by one thread at a time. The function returns 0 on success - or true on failure (in which case the caller will signal a fatal - error). */ + * called by one thread at a time. The function returns 0 on success + * or true on failure (in which case the caller will signal a fatal + * error). This function should be entered only by one thread at a + * time. */ int _gcry_rndlinux_gather_random (void (*add)(const void*, size_t, enum random_origins), @@ -117,6 +118,11 @@ _gcry_rndlinux_gather_random (void (*add)(const void*, size_t, static int fd_random = -1; static int only_urandom = -1; static unsigned char ever_opened; + static volatile pid_t my_pid; /* The volatile is there to make sure + * the compiler does not optimize the + * code away in case the getpid + * function is badly attributed. */ + volatile pid_t apid; int fd; int n; byte buffer[768]; @@ -130,13 +136,13 @@ _gcry_rndlinux_gather_random (void (*add)(const void*, size_t, * use only urandom. */ if (only_urandom == -1) { + my_pid = getpid (); if ((_gcry_random_read_conf () & RANDOM_CONF_ONLY_URANDOM)) only_urandom = 1; else only_urandom = 0; } - if (!add) { /* Special mode to close the descriptors. */ @@ -153,6 +159,25 @@ _gcry_rndlinux_gather_random (void (*add)(const void*, size_t, return 0; } + /* Detect a fork and close the devices so that we don't use the old + * file descriptors. Note that open_device will be called in retry + * mode if the devices was opened by the parent process. */ + apid = getpid (); + if (my_pid != apid) + { + if (fd_random != -1) + { + close (fd_random); + fd_random = -1; + } + if (fd_urandom != -1) + { + close (fd_urandom); + fd_urandom = -1; + } + my_pid = apid; + } + /* First read from a hardware source. However let it account only for up to 50% (or 25% for RDRAND) of the requested bytes. */ @@ -220,17 +245,16 @@ _gcry_rndlinux_gather_random (void (*add)(const void*, size_t, struct timeval tv; int rc; - /* If we have a modern Linux kernel and we want to read from the - * the non-blocking /dev/urandom, we first try to use the new + /* If we have a modern Linux kernel, we first try to use the new * getrandom syscall. That call guarantees that the kernel's * RNG has been properly seeded before returning any data. This * is different from /dev/urandom which may, due to its * non-blocking semantics, return data even if the kernel has - * not been properly seeded. Unfortunately we need to use a + * not been properly seeded. And it differs from /dev/random by never + * blocking once the kernel is seeded. Unfortunately we need to use a * syscall and not a new device and thus we are not able to use * select(2) to have a timeout. */ #if defined(__linux__) && defined(HAVE_SYSCALL) && defined(__NR_getrandom) - if (fd == fd_urandom) { long ret; size_t nbytes; @@ -247,7 +271,7 @@ _gcry_rndlinux_gather_random (void (*add)(const void*, size_t, } while (ret == -1 && errno == EINTR); if (ret == -1 && errno == ENOSYS) - ; /* The syscall is not supported - fallback to /dev/urandom. */ + ; /* The syscall is not supported - fallback to pulling from fd. */ else { /* The syscall is supported. Some sanity checks. */ if (ret == -1) diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 89b1303..75c49a0 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -1311,7 +1311,7 @@ gpg_error_t gcry_md_extract (gcry_md_hd_t hd, int algo, void *buffer, size_t length); /* Convenience function to calculate the hash from the data in BUFFER - of size LENGTH using the algorithm ALGO avoiding the creating of a + of size LENGTH using the algorithm ALGO avoiding the creation of a hash object. The hash is returned in the caller provided buffer DIGEST which must be large enough to hold the digest of the given algorithm. */ diff --git a/src/secmem.c b/src/secmem.c index 79c135f..3e091d8 100644 --- a/src/secmem.c +++ b/src/secmem.c @@ -658,7 +658,10 @@ _gcry_secmem_malloc_internal (size_t size, int xhint) pool->size = auto_expand? auto_expand : STANDARD_POOL_SIZE; pool->mem = malloc (pool->size); if (!pool->mem) - return NULL; /* Not enough memory available for a new pool. */ + { + free (pool); + return NULL; /* Not enough memory available for a new pool. */ + } /* Initialize first memory block. */ mb = (memblock_t *) pool->mem; mb->size = pool->size - BLOCK_HEAD_SIZE; diff --git a/src/sexp.c b/src/sexp.c index 9d89268..f2a164c 100644 --- a/src/sexp.c +++ b/src/sexp.c @@ -2232,7 +2232,7 @@ _gcry_sexp_vextract_param (gcry_sexp_t sexp, const char *path, gcry_mpi_t *array[20]; char arrayisdesc[20]; int idx; - gcry_sexp_t l1; + gcry_sexp_t l1 = NULL; int mode = '+'; /* Default to GCRYMPI_FMT_USG. */ gcry_sexp_t freethis = NULL; -- 2.7.4