Commit 3c9479ae authored by Tom Carroll's avatar Tom Carroll

Free pcerts array for all assign_privkey paths.

Ensure the array pcerts is free'd for both success/fail paths. The function
gnutls_certificate_set_key() is odd as it takes ownership of the contents of
pcerts, but not the pcerts array itself. See:

gnutls-3.6.15/lib/cert-cred.c:gnutls_certificate_set_key()
...
new_pcert_list = gnutls_malloc(sizeof(gnutls_pcert_st) * pcert_list_size);
if (new_pcert_list == NULL) {
  return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
}
memcpy(new_pcert_list, pcert_list, sizeof(gnutls_pcert_st) * pcert_list_size);
Signed-off-by: default avatarTom Carroll <incentivedesign@gmail.com>
parent 4df34b87
......@@ -584,7 +584,8 @@ static int assign_privkey(struct openconnect_info *vpninfo,
uint8_t *free_certs)
{
gnutls_pcert_st *pcerts = gnutls_calloc(nr_certs, sizeof(*pcerts));
int i, err;
unsigned int i;
int err;
if (!pcerts)
return GNUTLS_E_MEMORY_ERROR;
......@@ -608,8 +609,8 @@ static int assign_privkey(struct openconnect_info *vpninfo,
free_pcerts:
for (i = 0 ; i < nr_certs; i++)
gnutls_pcert_deinit(pcerts + i);
free(pcerts);
}
free(pcerts);
return err;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment