From: David Woodhouse Date: Wed, 13 Jun 2012 19:21:30 +0000 (+0100) Subject: Fix error exits in GnuTLS load_certificate() function X-Git-Tag: v3.99~11 X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=e05f5cd8d8689e8295848c9957adf007ad46c995;p=users%2Fdwmw2%2Fopenconnect.git Fix error exits in GnuTLS load_certificate() function Having separate 'err' for GnuTLS errno, and 'ret' for the return value, has caused me to sometimes return without setting 'ret'. Make it uninitialised to start with, and then the compiler should warn if I 'goto out' again without setting 'ret'. Signed-off-by: David Woodhouse --- diff --git a/gnutls.c b/gnutls.c index 4abb0fc7..154522ac 100644 --- a/gnutls.c +++ b/gnutls.c @@ -621,7 +621,7 @@ static int load_certificate(struct openconnect_info *vpninfo) unsigned int nr_supporting_certs = 0, nr_extra_certs = 0; unsigned int certs_to_free = 0; /* How many of supporting_certs */ int err; /* GnuTLS error */ - int ret = 0; /* our error (zero or -errno) */ + int ret; int i; int cert_is_p11 = 0, key_is_p11 = 0; unsigned char key_id[20]; @@ -925,6 +925,7 @@ static int load_certificate(struct openconnect_info *vpninfo) vpn_progress(vpninfo, PRG_ERR, _("Failed to get key ID: %s\n"), gnutls_strerror(err)); + ret = -EINVAL; goto out; } for (i = 0; i < (extra_certs?nr_extra_certs:1); i++) { @@ -969,6 +970,7 @@ static int load_certificate(struct openconnect_info *vpninfo) vpn_progress(vpninfo, PRG_ERR, _("Error signing test data with private key: %s\n"), gnutls_strerror(err)); + ret = -EINVAL; goto out; } @@ -1025,6 +1027,7 @@ static int load_certificate(struct openconnect_info *vpninfo) vpn_progress(vpninfo, PRG_ERR, _("Setting certificate recovation list failed: %s\n"), gnutls_strerror(err)); + ret = -EINVAL; goto out; } } @@ -1162,7 +1165,8 @@ static int load_certificate(struct openconnect_info *vpninfo) _("Setting certificate failed: %s\n"), gnutls_strerror(err)); ret = -EIO; - } + } else + ret = 0; out: if (crl) gnutls_x509_crl_deinit(crl);