Fix handle leak in the Win32 apr_uid_current implementation.

Backports: r1860057 Submitted by: ivan Reviewed by: wrowe git-svn-id: https://svn.apache.org/repos/asf/apr/apr/branches/1.7.x@1893388 13f79535-47bb-0310-9956-ffa450edef68
author: wrowe <wrowe@13f79535-47bb-0310-9956-ffa450edef68> 2021-09-16 20:20:00 +0000
committer: wrowe <wrowe@13f79535-47bb-0310-9956-ffa450edef68> 2021-09-16 20:20:00 +0000
commit: 2556a1853b6d3523b270e54af85e37830df62762 (patch)
tree: 664fa01534efd6145f111ba8cc9e8e791b81dc70
parent: db7878536f5a8e6daa9e608f6ccd8b32dd752355 (diff)
download: libapr-2556a1853b6d3523b270e54af85e37830df62762.tar.gz
2 files changed, 22 insertions, 8 deletions
diff --git a/CHANGES b/CHANGES
index bce513489..184877ba9 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,9 @@ Changes for APR 1.7.1
      (This issue was addressed as CVE-2017-12613 in APR 1.6.3 and
      later 1.6.x releases, but was missing in 1.7.0.)  [Stefan Sperling]
 
+  *) Fix handle leak in the Win32 apr_uid_current implementation.
+     PR 61165. [Ivan Zhakov]
+
   *) Add error handling for lseek() failures in apr_file_write() and
      apr_file_writev().  [Joe Orton]
 
diff --git a/user/win32/userinfo.c b/user/win32/userinfo.c
index c6b5084a5..89f9b8cf0 100644
--- a/user/win32/userinfo.c
+++ b/user/win32/userinfo.c
@@ -171,27 +171,38 @@ APR_DECLARE(apr_status_t) apr_uid_current(apr_uid_t *uid,
     DWORD needed;
     TOKEN_USER *usr;
     TOKEN_PRIMARY_GROUP *grp;
-    
+    apr_status_t rv;
+
     if(!OpenProcessToken(GetCurrentProcess(), STANDARD_RIGHTS_READ | READ_CONTROL | TOKEN_QUERY, &threadtok)) {
         return apr_get_os_error();
     }
 
     *uid = NULL;
     if (!GetTokenInformation(threadtok, TokenUser, NULL, 0, &needed)
-        && (GetLastError() == ERROR_INSUFFICIENT_BUFFER) 
+        && (GetLastError() == ERROR_INSUFFICIENT_BUFFER)
         && (usr = apr_palloc(p, needed))
-        && GetTokenInformation(threadtok, TokenUser, usr, needed, &needed))
+        && GetTokenInformation(threadtok, TokenUser, usr, needed, &needed)) {
         *uid = usr->User.Sid;
-    else
-        return apr_get_os_error();
+    }
+    else {
+        rv = apr_get_os_error();
+        CloseHandle(threadtok);
+        return rv;
+    }
 
     if (!GetTokenInformation(threadtok, TokenPrimaryGroup, NULL, 0, &needed)
         && (GetLastError() == ERROR_INSUFFICIENT_BUFFER) 
         && (grp = apr_palloc(p, needed))
-        && GetTokenInformation(threadtok, TokenPrimaryGroup, grp, needed, &needed))
+        && GetTokenInformation(threadtok, TokenPrimaryGroup, grp, needed, &needed)) {
         *gid = grp->PrimaryGroup;
-    else
-        return apr_get_os_error();
+    }
+    else {
+        rv = apr_get_os_error();
+        CloseHandle(threadtok);
+        return rv;
+    }
+
+    CloseHandle(threadtok);
 
     return APR_SUCCESS;
 #endif
author	wrowe <wrowe@13f79535-47bb-0310-9956-ffa450edef68>	2021-09-16 20:20:00 +0000
committer	wrowe <wrowe@13f79535-47bb-0310-9956-ffa450edef68>	2021-09-16 20:20:00 +0000
commit	2556a1853b6d3523b270e54af85e37830df62762 (patch)
tree	664fa01534efd6145f111ba8cc9e8e791b81dc70
parent	db7878536f5a8e6daa9e608f6ccd8b32dd752355 (diff)
download	libapr-2556a1853b6d3523b270e54af85e37830df62762.tar.gz