Date: Mon, 29 Dec 2014 21:46:42 +0100 From: Florian Weimer <fw@...eb.enyo.de> To: oss-security@...ts.openwall.com Subject: Re: CVE Request(s): libgcrypt * Joshua Rogers: > Double free of 'hd': > http://lists.gnupg.org/pipermail/gcrypt-devel/2014-December/003300.html The patch seems incorrect because the copy of the pointer in the caller is not updated when first free happens. The error can only happen on a path with an allocation failure, right? > off-by-one out-of-bounds read: > http://lists.gnupg.org/pipermail/gcrypt-devel/2014-December/003299.html This doesn't look like a security issue because the callers all use in-range values.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.