Commit 3c9479ae authored by Tom Carroll's avatar Tom Carroll

Free pcerts array for all assign_privkey paths.

Ensure the array pcerts is free'd for both success/fail paths. The function
gnutls_certificate_set_key() is odd as it takes ownership of the contents of
pcerts, but not the pcerts array itself. See:

new_pcert_list = gnutls_malloc(sizeof(gnutls_pcert_st) * pcert_list_size);
if (new_pcert_list == NULL) {
  return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
memcpy(new_pcert_list, pcert_list, sizeof(gnutls_pcert_st) * pcert_list_size);
Signed-off-by: default avatarTom Carroll <>
parent 4df34b87
......@@ -584,7 +584,8 @@ static int assign_privkey(struct openconnect_info *vpninfo,
uint8_t *free_certs)
gnutls_pcert_st *pcerts = gnutls_calloc(nr_certs, sizeof(*pcerts));
int i, err;
unsigned int i;
int err;
if (!pcerts)
......@@ -608,8 +609,8 @@ static int assign_privkey(struct openconnect_info *vpninfo,
for (i = 0 ; i < nr_certs; i++)
gnutls_pcert_deinit(pcerts + i);
return err;
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment