On Mon, Apr 15, 2019 at 08:29:42PM +0200, Adrian Brzezinski wrote:
Failed new gnutls context allocations in virNetTLSContextNew function results in double free and segfault. Occasional memory leaks may also occur.
Signed-off-by: Adrian Brzezinski <redhat@adrb.pl> --- src/rpc/virnettlscontext.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/src/rpc/virnettlscontext.c b/src/rpc/virnettlscontext.c index 72e9ed9..7b5d578 100644 --- a/src/rpc/virnettlscontext.c +++ b/src/rpc/virnettlscontext.c @@ -707,6 +707,12 @@ static virNetTLSContextPtr virNetTLSContextNew(const char *cacert,
err = gnutls_certificate_allocate_credentials(&ctxt->x509cred); if (err) { + /* gnutls_certificate_credentials_t is complex structure with multiple + * internal memory allocatons that can go wrong, so make sure that + * reference is NULL. + */
I changd this comment to /* While gnutls_certificate_credentials_t will free any * partially allocated credentials struct, it does not * set the returned pointer back to NULL after it is * freed in an error path. */ and then pushed the fix Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|