status_request: eliminated leak on error path

Issue found using oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=269 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-01-03 14:37:18 +0100
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-01-03 16:14:18 +0100
commit: 091f5079a714a619d6f8044f1fed02d7a48ab5c7 (patch)
tree: 227ee17736c1a819307b6b5107d23097875a214b
parent: 3cad570427a96c30af9b6410961d0fa20bd47629 (diff)
download: gnutls-091f5079a714a619d6f8044f1fed02d7a48ab5c7.tar.gz
1 files changed, 10 insertions, 5 deletions
diff --git a/lib/ext/status_request.c b/lib/ext/status_request.c
index 5b9a71d898..f5a46dca23 100644
--- a/lib/ext/status_request.c
+++ b/lib/ext/status_request.c
@@ -689,18 +689,23 @@ int _gnutls_recv_server_certificate_status(gnutls_session_t session)
 	data_size = buf.length;
 
 	/* minimum message is type (1) + response (3) + data */
-	if (data_size == 0)
-		return 0;
-	else if (data_size < 4)
-		return
+	if (data_size == 0) {
+		ret = 0;
+		goto error;
+	} else if (data_size < 4) {
+		ret =
 		    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+		goto error;
+	}
 
 	if (data[0] != 0x01) {
 		gnutls_assert();
 		_gnutls_handshake_log("EXT[%p]: unknown status_type %d\n",
 				      session, data[0]);
-		return 0;
+		ret = 0;
+		goto error;
 	}
+
 	DECR_LENGTH_COM(data_size, 1, ret =
 			GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
 			goto error);
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-01-03 14:37:18 +0100
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-01-03 16:14:18 +0100
commit	091f5079a714a619d6f8044f1fed02d7a48ab5c7 (patch)
tree	227ee17736c1a819307b6b5107d23097875a214b
parent	3cad570427a96c30af9b6410961d0fa20bd47629 (diff)
download	gnutls-091f5079a714a619d6f8044f1fed02d7a48ab5c7.tar.gz