author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-09-12 10:22:37 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-09-12 10:29:26 +0200 |
commit | c59df1554b55748ea95ad1a89a6bcb6ab91963d2 (patch) | |
tree | a6ce6548b4c3a32bca4b4cabd25623ec8d5350f7 | |
parent | b3c508908e78455cd5588c2cb0663d0386182a96 (diff) | |
gnutls_certificate_set_*key: ensure proper cleanup on key mismatch failures
That is, ensure that we keep no local references that are shared with
the caller, and that we properly free all initialized values.
-rw-r--r-- | lib/x509.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/lib/x509.c b/lib/x509.c
index 47347dfbf1..efdc1f37bd 100644
--- a/lib/x509.c
+++ b/lib/x509.c
@@ -1169,9 +1169,12 @@ gnutls_certificate_set_x509_key(gnutls_certificate_credentials_t res,
 res->ncerts++;
+ /* after this point we do not deinitialize anything on failure to avoid
+ * double freeing. We intentionally keep everything as the credentials state
+ * is documented to be on undefined state. */
 if ((ret = _gnutls_check_key_cert_match(res)) < 0) {
 gnutls_assert();
- goto cleanup;
+ return ret;
 }
 return res->ncerts-1;
@@ -1387,9 +1390,15 @@ gnutls_certificate_set_key(gnutls_certificate_credentials_t res,
 res->ncerts++;
+ /* Unlike gnutls_certificate_set_x509_key, we deinitialize everything
+ * local after a failure. That is because the caller is responsible for
+ * freeing these values after a failure, and if we keep references we
+ * lead to double freeing */
 if ((ret = _gnutls_check_key_cert_match(res)) < 0) {
 gnutls_assert();
- return ret;
+ gnutls_free(new_pcert_list);
+ res->ncerts--;
+ goto cleanup;
 }
 return res->ncerts-1; |
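Review bot: In the gnutls_certificate_set_x509_key hunk, the new `return ret;` leaves the `res->ncerts++` just above it in effect, so after a key/certificate mismatch the rejected pair still counts as a loaded entry in `res`. The added comment relies on the credentials being documented as undefined after a failure, but a caller that only logs the error and keeps using the same credentials would carry on with a pair that failed `_gnutls_check_key_cert_match`. The second hunk undoes the counter with `res->ncerts--;` on the same failure, so the two setters now leave `res` in different states. I would spell out the caller's obligation in the comment, e.g. `/* on mismatch the entry stays in res; the caller must release res with gnutls_certificate_free_credentials() and must not reuse it */`. The function body starts and ends outside the hunk, so what the `cleanup` label used to release is not visible here.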
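Review bot: In the gnutls_certificate_set_key hunk, `gnutls_free(new_pcert_list);` followed by `res->ncerts--;` frees the array but does not clear the slot in `res` that the earlier append calls (outside the hunk) presumably filled, so that slot may still hold the freed pointer and the caller's key. Nothing should read past `ncerts`, but the safety of this path then rests on that invariant holding everywhere the credentials are walked or released. Resetting the stale entry before the decrement would remove the dangling pointer; at minimum the invariant should be recorded next to the free, e.g. `/* the entry at index res->ncerts is stale from here on and must be overwritten before it is read */`. The `cleanup` label is outside the hunk; if it releases names that `res` also references, the same concern applies to them.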