gnutls_aead_cipher_init: fix potential memleak
authorDaiki Ueno <ueno@gnu.org>
Tue, 2 Jun 2020 03:34:29 +0000 (05:34 +0200)
committerDaiki Ueno <ueno@gnu.org>
Tue, 2 Jun 2020 03:44:07 +0000 (05:44 +0200)
When _gnutls_aead_cipher_init() fails, the function returns without
freeing the allocated handle.  This was once fixed in commit
502be130493e8ce802cdf60fffdbb5f1885352a5 but regressed after a code
reorganization in commit 2eef509ce5f2d250f8dcaeffa46444dd2b694e91.

Reported by Miroslav Lichvar.

Signed-off-by: Daiki Ueno <ueno@gnu.org>
lib/crypto-api.c

index 45be64ed1f3d0d236155006a28a3c433b18bacbe..311c819a3200a47ead003aeb63c12f9ae2582add 100644 (file)
@@ -755,6 +755,7 @@ int gnutls_aead_cipher_init(gnutls_aead_cipher_hd_t *handle,
 {
        api_aead_cipher_hd_st *h;
        const cipher_entry_st *e;
+       int ret;
 
        if (is_cipher_algo_forbidden(cipher))
                return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
@@ -763,15 +764,21 @@ int gnutls_aead_cipher_init(gnutls_aead_cipher_hd_t *handle,
        if (e == NULL || e->type != CIPHER_AEAD)
                return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
 
-       *handle = gnutls_calloc(1, sizeof(api_aead_cipher_hd_st));
-       if (*handle == NULL) {
+       h = gnutls_calloc(1, sizeof(api_aead_cipher_hd_st));
+       if (h == NULL) {
                gnutls_assert();
                return GNUTLS_E_MEMORY_ERROR;
        }
 
-       h = *handle;
+       ret = _gnutls_aead_cipher_init(h, cipher, key);
+       if (ret < 0) {
+               gnutls_free(h);
+               return ret;
+       }
 
-       return _gnutls_aead_cipher_init(h, cipher, key);
+       *handle = h;
+
+       return ret;
 }
 
 /**
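Review bot: Every error return of gnutls_aead_cipher_init() now leaves `*handle` unwritten: the two early returns before the allocation, the `h == NULL` path and the new `ret < 0` path. A caller that shares one cleanup path and passes a never-initialized handle variable to gnutls_aead_cipher_deinit() would then operate on an indeterminate pointer; whether any caller does this is not visible here. I would add `*handle = NULL;` as the first statement of the function, which starts above this hunk, and state in the doc comment that the handle is valid only on success. Separately, `h` has already been handed the key when `gnutls_free(h)` runs, so it is worth confirming that `_gnutls_aead_cipher_init()` releases and wipes whatever it set up in `h` on its own failure path, which this hunk does not show.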