Fix abuse of gnutls_realloc() causing memory leaks

We need to free the original pointer, if gnutls_realloc() returns NULL.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

diff --git a/gnutls.c b/gnutls.c
index d858d72ab3f3ba88b4536f930b9c9ccd6072196c..cc2e2104e8481f1c98d45c9959e9df31d026a648 100644 (file)
--- a/gnutls.c
+++ b/gnutls.c
@@ -1444,6 +1444,7 @@ static int load_certificate(struct openconnect_info *vpninfo)
        }
        while (1) {
                gnutls_x509_crt_t issuer;
+               void *tmp;
 
                for (i = 0; i < nr_extra_certs; i++) {
                        if (extra_certs[i] &&
@@ -1486,9 +1487,11 @@ static int load_certificate(struct openconnect_info *vpninfo)
                }
 
                /* OK, we found a new cert to add to our chain. */
+               tmp = supporting_certs;
                supporting_certs = gnutls_realloc(supporting_certs,
                                                  sizeof(cert) * ++nr_supporting_certs);
                if (!supporting_certs) {
+                       gnutls_free(tmp);
                        vpn_progress(vpninfo, PRG_ERR,
                                     _("Failed to allocate memory for supporting certificates\n"));
                        /* The world is probably about to end, but try without them anyway */

diff --git a/gnutls_pkcs12.c b/gnutls_pkcs12.c
index 7da1c9cd2c4afea16a7ad2030f7d9aa319c5388d..b009f3fa99040c4b1f0e91873da27c518bc7e08e 100644 (file)
--- a/gnutls_pkcs12.c
+++ b/gnutls_pkcs12.c
@@ -61,11 +61,13 @@ unsigned int i;
       if (gnutls_x509_crt_check_issuer((*chain)[*chain_len - 1], (*extra_certs)[i]) != 0 &&
           gnutls_x509_crt_check_issuer((*extra_certs)[i], (*extra_certs)[i]) == 0)
         {
+           void *tmp = *chain;
            *chain = gnutls_realloc (*chain, sizeof((*chain)[0]) *
                                                      ++(*chain_len));
            if (*chain == NULL)
              {
                gnutls_assert();
+               gnutls_free(tmp);
                return GNUTLS_E_MEMORY_ERROR;
              }
            (*chain)[*chain_len - 1] = (*extra_certs)[i];
@@ -398,12 +400,14 @@ gnutls_pkcs12_simple_parse (gnutls_pkcs12_t p12,
                 { /* they don't match - skip the certificate */
                   if (extra_certs)
                     {
+                      void *tmp = _extra_certs;
                       _extra_certs = gnutls_realloc (_extra_certs,
                                                      sizeof(_extra_certs[0]) *
                                                      ++_extra_certs_len);
                       if (!_extra_certs)
                         {
                           gnutls_assert ();
+                          gnutls_free(tmp);
                           ret = GNUTLS_E_MEMORY_ERROR;
                           goto done;
                         }