crypto: Fix certificate file error handling crash bug
qcrypto_tls_creds_load_cert() passes uninitialized GError *gerr by
reference to g_file_get_contents(). When g_file_get_contents() fails,
it'll try to set a GError. Unless @gerr is null by dumb luck, this
logs a ERROR_OVERWRITTEN_WARNING warning message and leaves @gerr
unchanged. qcrypto_tls_creds_load_cert() then dereferences the
uninitialized @gerr.
Fix by initializing @gerr properly.
Fixes: 9a2fd4347c
Cc: "Daniel P. Berrangé" <berrange@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20191204093625.14836-2-armbru@redhat.com>
Acked-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
This commit is contained in:
parent
deda497b84
commit
8cb846db9e
@ -380,7 +380,7 @@ qcrypto_tls_creds_load_cert(QCryptoTLSCredsX509 *creds,
|
||||
gnutls_x509_crt_t cert = NULL;
|
||||
g_autofree char *buf = NULL;
|
||||
gsize buflen;
|
||||
GError *gerr;
|
||||
GError *gerr = NULL;
|
||||
int ret = -1;
|
||||
int err;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user