From: Simon McVittie <smcv@collabora.com>
Date: Mon, 6 Nov 2017 19:11:32 +0000 (+0000)
Subject: _dbus_accept_with_noncefile: Don't leak nonce
X-Git-Tag: dbus-1.12.2~5
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a208e0242177ea2d0a57591d8abbc6367b672d9a;p=thirdparty%2Fdbus.git

_dbus_accept_with_noncefile: Don't leak nonce

This was always leaked, both on success and on error.

Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=103597
(cherry picked from commit 37d5af203c0fc22c9ae746b2ae4781ff648a792f)
---

diff --git a/dbus/dbus-nonce.c b/dbus/dbus-nonce.c
index 7f3118cd8..eab23f642 100644
--- a/dbus/dbus-nonce.c
+++ b/dbus/dbus-nonce.c
@@ -165,24 +165,36 @@ _dbus_read_nonce (const DBusString *fname, DBusString *nonce, DBusError* error)
 DBusSocket
 _dbus_accept_with_noncefile (DBusSocket listen_fd, const DBusNonceFile *noncefile)
 {
-  DBusSocket fd;
+  DBusSocket fd = _dbus_socket_get_invalid ();
   DBusString nonce;
 
   _dbus_assert (noncefile != NULL);
+
+  /* Make it valid to "free" this even if _dbus_string_init() runs
+   * out of memory: see comment in do_check_nonce() */
+  _dbus_string_init_const (&nonce, "");
+
   if (!_dbus_string_init (&nonce))
-    return _dbus_socket_get_invalid ();
+    goto out;
+
   //PENDING(kdab): set better errors
   if (_dbus_read_nonce (_dbus_noncefile_get_path(noncefile), &nonce, NULL) != TRUE)
-    return _dbus_socket_get_invalid ();
+    goto out;
+
   fd = _dbus_accept (listen_fd);
+
   if (!_dbus_socket_is_valid (fd))
-    return fd;
+    goto out;
+
   if (do_check_nonce(fd, &nonce, NULL) != TRUE) {
     _dbus_verbose ("nonce check failed. Closing socket.\n");
     _dbus_close_socket(fd, NULL);
-    return _dbus_socket_get_invalid ();
+    _dbus_socket_invalidate (&fd);
+    goto out;
   }
 
+out:
+  _dbus_string_free (&nonce);
   return fd;
 }