From dc4e9bfb849fc25a5163c64427a7d30b228ed66e Mon Sep 17 00:00:00 2001 From: Adrian Brzezinski Date: Mon, 15 Apr 2019 20:29:42 +0200 Subject: [PATCH] rpc: cleanup in virNetTLSContextNew MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Failed new gnutls context allocations in virNetTLSContextNew function results in double free and segfault. Occasional memory leaks may also occur. Reviewed-by: Daniel P. Berrangé Signed-off-by: Adrian Brzezinski --- src/rpc/virnettlscontext.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/rpc/virnettlscontext.c b/src/rpc/virnettlscontext.c index 72e9ed9eac..4adc409c0b 100644 --- a/src/rpc/virnettlscontext.c +++ b/src/rpc/virnettlscontext.c @@ -707,6 +707,13 @@ static virNetTLSContextPtr virNetTLSContextNew(const char *cacert, err = gnutls_certificate_allocate_credentials(&ctxt->x509cred); if (err) { + /* While gnutls_certificate_credentials_t will free any + * partially allocated credentials struct, it does not + * set the returned pointer back to NULL after it is + * freed in an error path. + */ + ctxt->x509cred = NULL; + virReportError(VIR_ERR_SYSTEM_ERROR, _("Unable to allocate x509 credentials: %s"), gnutls_strerror(err)); @@ -758,7 +765,9 @@ static virNetTLSContextPtr virNetTLSContextNew(const char *cacert, error: if (isServer) gnutls_dh_params_deinit(ctxt->dhParams); - gnutls_certificate_free_credentials(ctxt->x509cred); + if (ctxt->x509cred) + gnutls_certificate_free_credentials(ctxt->x509cred); + VIR_FREE(ctxt->priority); VIR_FREE(ctxt); return NULL; } -- GitLab