On 10.12.03 19:30, Albrecht Dreß wrote:
> I can confirm that there is a problem with a double-free when handling
> OpenPGP (RFC2440) messages. I could reproduce it when running balsa with
> nice -10 and compiling gcc 3.3.2 in parallel...
O.k., just say that I'm completely dumb!!! When moving the big blocks of
gpgme code in src/balsa-message.c to separate functions, I passed the text
buf as char *, freed it, and set it to a new (decrypted/sig verified)
buffer. Replacing the parameter by the correct char ** removes the crash
(surprise). Sorry again! The patch below against today's cvs fixes the
problem.

Btw, today's cvs doesn't compile cleanly:

message-window.c: In function `mw_destroy_window':
message-window.c:469: warning: no return statement in function returning non-void
message-window.c:744: warning: control reaches end of non-void function

Maybe this way I can insinuate two more patches into the cvs, both
contained below...

The first one fixes a potentially critical security problem, as currently
the passphrase cache is only erased from memory when balsa crashes, not if
it exits cleanly. This is fixed in libbalsa/rfc3156.c (there are still
some debug statements to stderr, to be removed in the future).

The second one, also in libbalsa/rfc3156.c, is cosmetic: it constructs
the key selection and passphrase entry dialogs according to the HIG
(mostly at least). To this end, I also added a new icon which according to
a discussion in the HIG is supposed to move into mainstream gtk+ (stolen
from there), so it might be removed and replaced by a stock icon later.

Cheers, Albrecht.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Albrecht Dreß - Johanna-Kirchner-Straße 13 - D-53123 Bonn (Germany)
Phone (+49) 228 6199571 - mailto:albrecht.dress@arcor.de
_________________________________________________________________________
balsa-rfc3156-patch-2003-12-10.gz
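
The char * versus char ** mistake described in the message above, shown as an added example that is not part of the original post or of the Balsa source. All names (t_strdup, t_free, decode_by_value, decode_by_ref, run_caller) and the sample strings are hypothetical, and a small tracking allocator stands in for malloc/free so the second release is counted rather than executed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Constructed tracking allocator: t_free() only marks a block dead, so a
 * second release is counted instead of corrupting the real heap. */
#define MAX_BLOCKS 8
static struct { char *p; int live; } blocks[MAX_BLOCKS];
static int n_blocks, double_frees, leaked;
static char *t_strdup(const char *s) {
    char *p = n_blocks < MAX_BLOCKS ? malloc(strlen(s) + 1) : NULL;
    if (!p) abort();
    blocks[n_blocks].p = strcpy(p, s);
    blocks[n_blocks++].live = 1;
    return p;
}
static void t_free(char *p) {
    for (int i = 0; i < n_blocks; i++)
        if (blocks[i].p == p) {
            if (blocks[i].live) blocks[i].live = 0; else double_frees++;
            return;
        }
}
/* Before: the pointer is passed by value, so the assignment below changes
 * only the local copy. The caller keeps the released pointer. */
static void decode_by_value(char *text) {
    t_free(text);
    text = t_strdup("decrypted text");   /* never reaches the caller */
    (void)text;
}
/* After: char ** lets the function replace the caller's pointer. */
static void decode_by_ref(char **text) {
    t_free(*text);
    *text = t_strdup("decrypted text");
}
/* Caller pattern: allocate, decode, release. Returns the double-free
 * count; blocks never released are counted in `leaked`. */
int run_caller(int fixed) {
    for (int i = 0; i < n_blocks; i++) free(blocks[i].p);  /* reset tracker */
    n_blocks = double_frees = leaked = 0;
    char *text = t_strdup("-----BEGIN PGP MESSAGE-----"); /* constructed input */
    if (fixed) decode_by_ref(&text); else decode_by_value(text);
    t_free(text);
    for (int i = 0; i < n_blocks; i++) leaked += blocks[i].live;
    return double_frees;
}
int main(void) {
    for (int fixed = 0; fixed < 2; fixed++) {
        int df = run_caller(fixed);
        printf("%s: double frees=%d leaked=%d\n", fixed ? "char **" : "char *", df, leaked);
    }
    return 0;
}
```

The by-value variant also leaks the replacement buffer, which is why the crash and the lost decrypted text appear together.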