GNU bug report logs - #31946
27.0.50; The NSM should warn about more TLS problems

Previous Next

Package: emacs;

Reported by: Lars Ingebrigtsen <larsi <at> gnus.org>

Date: Sat, 23 Jun 2018 10:39:02 UTC

Severity: normal

Tags: fixed, security

Found in version 27.0.50

Fixed in version 27.1

Done: Lars Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.

Full log

Message #156 received at 31946 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Andy Moreton <andrewjmoreton <at> gmail.com>
Cc: 31946 <at> debbugs.gnu.org
Subject: Re: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Mon, 26 Aug 2019 22:36:39 +0300

> From: Andy Moreton <andrewjmoreton <at> gmail.com>
> Date: Mon, 26 Aug 2019 19:19:56 +0100
> 
> On Mon 26 Aug 2019, Eli Zaretskii wrote:
> 
> >> Agreed, but master built from commit 1071a4f still crashes in the same
> >> way:
> >
> > Can you show a recipe?
> 
> 1) Delete ~/.emacs.d/network-security.data (to ensure NSM will query the user).
> 2) Run "emacs -Q"
> 3) "M-x list-packages", and at the NSM prompt, answer 'a' or 's' or 'd'.

Looks like something is wrong with how I'm using gnutls_free when it
comes from the DLL.  I need to look into that.

> >> Removing both xfree(out.data) and xfree(out_buf) from the end of
> >> that function does give me a running emacs.
> >
> > It may run, but it leaks memory.
> 
> Agreed - it is a data point to explore the problem rather than a
> solution.

The xmalloc is actually not needed at all, because we can create the
Lisp string directly.  But that's not the problem here, the problem
is the call to gnutls_free.
This bug report was last modified 5 years and 328 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.