[libvirt] [PATCH v2 1/2] rpc: cleanup in virNetTLSContextNew
Adrian Brzezinski
adrian.brzezinski at eo.pl
Mon Apr 15 18:29:42 UTC 2019
Failed new gnutls context allocations in virNetTLSContextNew function
results in double free and segfault. Occasional memory leaks may also
occur.
Signed-off-by: Adrian Brzezinski <redhat at adrb.pl>
---
src/rpc/virnettlscontext.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/src/rpc/virnettlscontext.c b/src/rpc/virnettlscontext.c
index 72e9ed9..7b5d578 100644
--- a/src/rpc/virnettlscontext.c
+++ b/src/rpc/virnettlscontext.c
@@ -707,6 +707,12 @@ static virNetTLSContextPtr virNetTLSContextNew(const char *cacert,
err = gnutls_certificate_allocate_credentials(&ctxt->x509cred);
if (err) {
+ /* gnutls_certificate_credentials_t is complex structure with multiple
+ * internal memory allocatons that can go wrong, so make sure that
+ * reference is NULL.
+ */
+ ctxt->x509cred = NULL;
+
virReportError(VIR_ERR_SYSTEM_ERROR,
_("Unable to allocate x509 credentials: %s"),
gnutls_strerror(err));
@@ -758,7 +764,9 @@ static virNetTLSContextPtr virNetTLSContextNew(const char *cacert,
error:
if (isServer)
gnutls_dh_params_deinit(ctxt->dhParams);
- gnutls_certificate_free_credentials(ctxt->x509cred);
+ if (ctxt->x509cred)
+ gnutls_certificate_free_credentials(ctxt->x509cred);
+ VIR_FREE(ctxt->priority);
VIR_FREE(ctxt);
return NULL;
}
--
1.8.3.1
More information about the libvir-list
mailing list