From cb7b638a1e3493357b44bfc7ee1138b840fdb0e1 Mon Sep 17 00:00:00 2001
From: Michael Catanzaro <mcatanzaro@gnome.org>
Date: Mon, 12 Oct 2020 16:33:54 -0500
Subject: pkcs11: fix session leak in error path

gnutls_pkcs11_obj_set_info() fails to call pkcs11_close_session() after
a successful pkcs11_open_session() if called with an invalid itype
parameter. That would be programmer error, of course, but better not
forget to close the session regardless.

Signed-off-by: Michael Catanzaro <mcatanzaro@gnome.org>
---
 lib/pkcs11.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/pkcs11.c b/lib/pkcs11.c
index d8d4a65114..0d5e83a0c6 100644
--- a/lib/pkcs11.c
+++ b/lib/pkcs11.c
@@ -598,7 +598,8 @@ gnutls_pkcs11_obj_set_info(gnutls_pkcs11_obj_t obj,
 		break;
 	default:
 		gnutls_assert();
-		return GNUTLS_E_INVALID_REQUEST;
+		ret = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
 	}
 
 	ret = 0;
-- 
cgit v1.2.1