Fix possible realloc overflow for gpgsm and uiserver engines.
[gpgme.git] / src / engine-uiserver.c
index a0008e4..a7184b7 100644 (file)
@@ -296,7 +296,7 @@ uiserver_new (void **engine, const char *file_name, const char *home_dir)
 
   err = assuan_socket_connect (uiserver->assuan_ctx,
                               file_name ?
-                              file_name : _gpgme_get_uiserver_socket_path (),
+                              file_name : _gpgme_get_default_uisrv_socket (),
                               0, ASSUAN_SOCKET_SERVER_FDPASSING);
   if (err)
     goto leave;
@@ -698,7 +698,7 @@ status_handler (void *opaque, int fd)
              else
                {
                  *aline = newline;
-                 uiserver->colon.attic.linesize += linelen + 1;
+                 uiserver->colon.attic.linesize = *alinelen + linelen + 1;
                }
            }
          if (!err)
@@ -1302,7 +1302,7 @@ uiserver_io_event (void *engine, gpgme_event_io_t type, void *type_data)
 struct engine_ops _gpgme_engine_ops_uiserver =
   {
     /* Static functions.  */
-    _gpgme_get_uiserver_socket_path,
+    _gpgme_get_default_uisrv_socket,
     NULL,
     uiserver_get_version,
     uiserver_get_req_version,
@@ -1340,5 +1340,6 @@ struct engine_ops _gpgme_engine_ops_uiserver =
     uiserver_cancel,
     NULL,              /* cancel_op */
     NULL,               /* passwd */
-    NULL                /* set_pinentry_mode */
+    NULL,                /* set_pinentry_mode */
+    NULL                /* opspawn */
   };