From: Greg Hudson <ghudson@mit.edu>
Date: Sat, 11 Jan 2020 04:47:34 +0000 (-0500)
Subject: Fix error handling in gssint_mechglue_init()
X-Git-Tag: krb5-1.17.2-final~17
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=45ec4ac9a159b6be3042356ba4570e4c501b5726;p=thirdparty%2Fkrb5.git

Fix error handling in gssint_mechglue_init()

In the unlikely event that one of the functions called by
gssint_mechglue_init() returns an error, return that error to the
caller rather than continuing on and discarding the error status.
Returning success when some of the operations failed could fool the
library finalizer into thinking that initialization completed.
Reported by Spencer Malone.

(cherry picked from commit c120ed5b211ee684b830a6722fc3ab3222afbfa1)

ticket: 8864
version_fixed: 1.17.2
---

diff --git a/src/lib/gssapi/mechglue/g_initialize.c b/src/lib/gssapi/mechglue/g_initialize.c
index 0ad11c0b02..1c24f0a91c 100644
--- a/src/lib/gssapi/mechglue/g_initialize.c
+++ b/src/lib/gssapi/mechglue/g_initialize.c
@@ -114,11 +114,19 @@ gssint_mechglue_init(void)
 	add_error_table(&et_ggss_error_table);
 
 	err = k5_mutex_finish_init(&g_mechSetLock);
+	if (err)
+		return err;
 	err = k5_mutex_finish_init(&g_mechListLock);
+	if (err)
+		return err;
 
 #ifdef _GSS_STATIC_LINK
 	err = gss_krb5int_lib_init();
+	if (err)
+		return err;
 	err = gss_spnegoint_lib_init();
+	if (err)
+		return err;
 #endif
 
 	err = gssint_mecherrmap_init();