From b989514405e2223f12040d3f940185378041c95c Mon Sep 17 00:00:00 2001
From: Patrick Steinhardt <ps@pks.im>
Date: Mon, 8 Aug 2016 14:47:32 +0200
Subject: stransport: do not use `git_stream_free` on uninitialized stransport

When failing to initialize a new stransport stream, we try to
release already allocated memory by calling out to
`git_stream_free`, which in turn called out to the stream's
`free` function pointer. As we only initialize the function
pointer later on, this leads to a `NULL` pointer exception.

Furthermore, plug another memory leak when failing to create the
SSL context.
---
 src/stransport_stream.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/stransport_stream.c b/src/stransport_stream.c
index e568620e9..50ed9452c 100644
--- a/src/stransport_stream.c
+++ b/src/stransport_stream.c
@@ -261,6 +261,7 @@ int git_stransport_stream_new(git_stream **out, const char *host, const char *po
 	st->ctx = SSLCreateContext(NULL, kSSLClientSide, kSSLStreamType);
 	if (!st->ctx) {
 		giterr_set(GITERR_NET, "failed to create SSL context");
+		git__free(st);
 		return -1;
 	}
 
@@ -270,7 +271,8 @@ int git_stransport_stream_new(git_stream **out, const char *host, const char *po
 	    (ret = SSLSetProtocolVersionMin(st->ctx, kTLSProtocol1)) != noErr ||
 	    (ret = SSLSetProtocolVersionMax(st->ctx, kTLSProtocol12)) != noErr ||
 	    (ret = SSLSetPeerDomainName(st->ctx, host, strlen(host))) != noErr) {
-		git_stream_free((git_stream *)st);
+		CFRelease(st->ctx);
+		git__free(st);
 		return stransport_error(ret);
 	}
 
-- 
cgit v1.2.1