From: Omar Sandoval Date: Tue, 27 Aug 2019 16:27:51 +0000 (-0700) Subject: Don't crash if gnutls_x509_crt_list_import() fails X-Git-Tag: v8.05~4 X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=0859d68f6eb42c7b0b5b9872fd333fd1dd184242;p=users%2Fdwmw2%2Fopenconnect.git Don't crash if gnutls_x509_crt_list_import() fails On error, gnutls_x509_crt_list_import() deinitializes any certificates that it loaded (this isn't documented, of course, but see [1]). However, we're also deinitializing them in the error handling case, resulting in a double-free. Set nr_extra_certs to zero in that case so that we don't crash. 1: https://gitlab.com/gnutls/gnutls/blob/gnutls_3_6_9/lib/x509/x509.c#L3864 Signed-off-by: Omar Sandoval Signed-off-by: David Woodhouse --- diff --git a/gnutls.c b/gnutls.c index 4f915d62..4a000af9 100644 --- a/gnutls.c +++ b/gnutls.c @@ -1082,6 +1082,7 @@ static int load_certificate(struct openconnect_info *vpninfo) vpn_progress(vpninfo, PRG_ERR, _("Loading certificate failed: %s\n"), reason); + nr_extra_certs = 0; ret = -EINVAL; goto out; }
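Review bot: the added `nr_extra_certs = 0;` in the "Loading certificate failed" branch of load_certificate() carries no comment, so the reason for it exists only in the commit message. Because the commit message describes the GnuTLS behaviour as undocumented and cites the gnutls_3_6_9 source, a one-line comment at the assignment would help, for example `/* gnutls_x509_crt_list_import() already deinitialized the certs on error */`. Without it, a later cleanup could take the line for a redundant store and remove it, which would bring the double-free back. The comment could also record that the fix depends on that library behaviour: if a GnuTLS version left the certificates initialized on error, zeroing the count here would leak them on this path rather than free them twice.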