From e44a9d2c2f26bac43321433ff6fc027373119852 Mon Sep 17 00:00:00 2001 From: Nikolay Sivov Date: Sat, 4 Jun 2022 18:05:53 +0300 Subject: [PATCH] secur32/schannel: Avoid use-after-free in AcquireClientCredentials() (Coverity). Signed-off-by: Nikolay Sivov --- dlls/secur32/schannel.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c index bc0867ca94b..5b4fb196aca 100644 --- a/dlls/secur32/schannel.c +++ b/dlls/secur32/schannel.c @@ -589,8 +589,9 @@ static SECURITY_STATUS schan_AcquireClientCredentials(const void *schanCred, } params.key_size = key_size; params.key_blob = key_blob; - if (GNUTLS_CALL( allocate_certificate_credentials, ¶ms )) goto fail; + status = GNUTLS_CALL( allocate_certificate_credentials, ¶ms ); free(key_blob); + if (status) goto fail; handle = schan_alloc_handle(creds, SCHAN_HANDLE_CRED); if (handle == SCHAN_INVALID_HANDLE) goto fail; @@ -609,7 +610,6 @@ static SECURITY_STATUS schan_AcquireClientCredentials(const void *schanCred, fail: free(creds); - free(key_blob); return SEC_E_INTERNAL_ERROR; }