tests/x509-cert-callback.c: Free p and certs on error to avoid memory leak

Call gnutls_free() to release p and certs on error, preventing a memory leak.

Fixes: ed02ed050 ("tests: added check with X.509 certificates and callbacks")
Signed-off-by: JiashengJiang <jiasheng@purdue.edu>

diff --git a/tests/x509-cert-callback.c b/tests/x509-cert-callback.c
index 4e7265a6de3cb909792ecaaaf0d74553ad3cfcf3..202a1f5c3605e2c274cd235acee5f3b429bd4341 100644 (file)
--- a/tests/x509-cert-callback.c
+++ b/tests/x509-cert-callback.c
@@ -72,23 +72,34 @@ static int cert_callback(gnutls_session_t session,
                ret = gnutls_x509_crt_list_import2(&certs, &certs_size,
                                                   &cli_ca3_cert_chain,
                                                   GNUTLS_X509_FMT_PEM, 0);
-               if (ret < 0)
+               if (ret < 0) {
+                       gnutls_free(p);
                        return -1;
+               }
+
                ret = gnutls_pcert_import_x509_list(p, certs, &certs_size, 0);
-               if (ret < 0)
+               if (ret < 0) {
+                       gnutls_free(p);
+                       gnutls_free(certs);
                        return -1;
+               }
+
                for (i = 0; i < certs_size; i++)
                        gnutls_x509_crt_deinit(certs[i]);
                gnutls_free(certs);
 
                ret = gnutls_privkey_init(&lkey);
-               if (ret < 0)
+               if (ret < 0) {
+                       gnutls_free(p);
                        return -1;
+               }
 
                ret = gnutls_privkey_import_x509_raw(
                        lkey, &cli_ca3_key, GNUTLS_X509_FMT_PEM, NULL, 0);
-               if (ret < 0)
+               if (ret < 0) {
+                       gnutls_free(p);
                        return -1;
+               }
 
                g_pcert = p;
                g_pkey = lkey;
@@ -134,23 +145,34 @@ static int server_cert_callback(gnutls_session_t session,
                ret = gnutls_x509_crt_list_import2(
                        &certs, &certs_size, &server_ca3_localhost_cert_chain,
                        GNUTLS_X509_FMT_PEM, 0);
-               if (ret < 0)
+               if (ret < 0) {
+                       gnutls_free(p);
                        return -1;
+               }
+
                ret = gnutls_pcert_import_x509_list(p, certs, &certs_size, 0);
-               if (ret < 0)
+               if (ret < 0) {
+                       gnutls_free(p);
+                       gnutls_free(certs);
                        return -1;
+               }
+
                for (i = 0; i < certs_size; i++)
                        gnutls_x509_crt_deinit(certs[i]);
                gnutls_free(certs);
 
                ret = gnutls_privkey_init(&lkey);
-               if (ret < 0)
+               if (ret < 0) {
+                       gnutls_free(p);
                        return -1;
+               }
 
                ret = gnutls_privkey_import_x509_raw(
                        lkey, &server_ca3_key, GNUTLS_X509_FMT_PEM, NULL, 0);
-               if (ret < 0)
+               if (ret < 0) {
+                       gnutls_free(p);
                        return -1;
+               }
 
                server_pcert = p;
                server_pkey = lkey;