From 27a4ad25c65fa7b4fdbbe53b3551a687a9b43214 Mon Sep 17 00:00:00 2001
From: Pekka Riikonen
Date: Tue, 25 May 2010 07:24:28 +0300
Subject: [PATCH] Client: Fix signature verification double free

When client receives public key in the message payload and is compared against the client's own public key, when the keys differ we have to return immediately and not try to verify the signature.
---
 apps/irssi/src/silc/core/client_ops.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/apps/irssi/src/silc/core/client_ops.c b/apps/irssi/src/silc/core/client_ops.c
index cfefe327..a4d53b76 100644
--- a/apps/irssi/src/silc/core/client_ops.c
+++ b/apps/irssi/src/silc/core/client_ops.c
@@ -262,10 +262,11 @@ int verify_message_signature(SilcClientEntry sender,
 sizeof(sender->fingerprint));
 if (strcmp(fingerprint, fingerprint2)) {
 /* since the public key differs from the senders public key, the
- verification _failed_ */
+ verification won't be done */
 silc_pkcs_public_key_free(pk);
 silc_free(fingerprint);
- ret = SILC_MSG_SIGNED_UNKNOWN;
+ silc_free(fingerprint2);
+ return SILC_MSG_SIGNED_UNKNOWN;
 }
 silc_free(fingerprint2);
 }
-- 
2.24.0
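Review bot: `silc_free(fingerprint2)` now appears on both the mismatch path and the fall-through path of this branch, so correct release of each buffer still depends on every exit being kept in step by hand, which is the pattern behind the double free being fixed. Comparing once and releasing before the branch leaves a single free per buffer: `int differs = strcmp(fingerprint, fingerprint2);`, then `silc_free(fingerprint2);`, then `if (differs) {`, with only `pk` and `fingerprint` left to release inside the block. The early `return` also skips whatever cleanup follows later in verify_message_signature, whose body starts and ends outside this hunk, so it is worth confirming that `pk` and `fingerprint` are the only resources held at this point.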