diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-09-12 10:22:37 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-09-12 14:14:32 +0200 |
commit | ef8fb11dc5a88ec7d77a3ac273ffe336098a3431 (patch) | |
tree | ce907711764e403b80c396cd9443742a6f3cbcb7 | |
parent | 5057040fdefc7d6724ef1f1285c73fb36ba67b7f (diff) | |
download | gnutls-ef8fb11dc5a88ec7d77a3ac273ffe336098a3431.tar.gz |
gnutls_certificate_set_*key: ensure proper cleanup on key mismatch failures
That is, ensure that we keep no local references that are shared with
the caller, and that we properly free all initialized values.
-rw-r--r-- | lib/gnutls_x509.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c index 22dea94fdf..132be49dcc 100644 --- a/lib/gnutls_x509.c +++ b/lib/gnutls_x509.c @@ -1144,6 +1144,9 @@ gnutls_certificate_set_x509_key(gnutls_certificate_credentials_t res, res->ncerts++; + /* after this point we do not deinitialize anything on failure to avoid + * double freeing. We intentionally keep everything as the credentials state + * is documented to be on undefined state. */ if ((ret = _gnutls_check_key_cert_match(res)) < 0) { gnutls_assert(); return ret; @@ -1260,9 +1263,15 @@ gnutls_certificate_set_key(gnutls_certificate_credentials_t res, res->ncerts++; + /* Unlike gnutls_certificate_set_x509_key, we deinitialize everything + * local after a failure. That is because the caller is responsible for + * freeing these values after a failure, and if we keep references we + * lead to double freeing */ if ((ret = _gnutls_check_key_cert_match(res)) < 0) { gnutls_assert(); - return ret; + gnutls_free(new_pcert_list); + res->ncerts--; + goto cleanup; } return 0; |