From 338536364246d1e40b4d9f039c106d83594db724 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed, 29 Jun 2016 18:52:22 +0200
Subject: pkcs11_get_attribute_avalue: do not assign values on failure

When C_GetAttributeValue() returns size but does not return data
then pkcs11_get_attribute_avalue() would set the return data pointer
to a free'd value. This is against the convention expected by callers,
i.e, set data to NULL. Reported by Anthony Alba in #108.
---
 lib/pkcs11_int.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/pkcs11_int.c b/lib/pkcs11_int.c
index 2ae35e372d..25c537bbed 100644
--- a/lib/pkcs11_int.c
+++ b/lib/pkcs11_int.c
@@ -148,6 +148,7 @@ pkcs11_get_attribute_avalue(struct ck_function_list * module,
 		rv = (module)->C_GetAttributeValue(sess, object, &templ, 1);
 		if (rv != CKR_OK) {
 			gnutls_free(t);
+			return rv;
 		}
 		res->data = t;
 		res->size = templ.value_len;
-- 
cgit v1.2.1