From 4c207a004cce51e0dcd11c42eda514bd1587e8b2 Mon Sep 17 00:00:00 2001
From: Michal Marek <mmarek@suse.cz>
Date: Wed, 22 Jul 2009 09:48:32 +0000
Subject: - David Binderman found a memory and fd leak in
 lib/gtls.c:load_file()   (https://bugzilla.novell.com/523919). When looking
 at the code, I found   that also the ptr pointer can leak.

---
 CHANGES       |  4 ++++
 RELEASE-NOTES |  3 ++-
 lib/gtls.c    | 15 ++++++++++-----
 3 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/CHANGES b/CHANGES
index be7c97172..6dc2af3a5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,10 @@
 
                                   Changelog
 
+Michal Marek (22 Jul 2009)
+- David Binderman found a memory and fd leak in lib/gtls.c:load_file()
+  (https://bugzilla.novell.com/523919). When looking at the code, I found
+  that also the ptr pointer can leak.
 Kamil Dudka (20 Jul 2009)
 - Claes Jakobsson improved the support for client certificates handling
   in NSS-powered libcurl. Now the client certificates can be selected
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 798337160..0f4da0b0e 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -32,6 +32,7 @@ This release includes the following bugfixes:
  o curl -o - sends data to stdout using binary mode on windows
  o fixed the separators for "array" style string that CURLINFO_CERTINFO returns
  o auth problem over several hosts with re-used connection
+ o fix leak in gtls code
 
 This release includes the following known bugs:
 
@@ -44,6 +45,6 @@ advice from friends like these:
  Andre Guibert de Bruet, Mike Crowe, Claes Jakobsson, John E. Malmberg,
  Aaron Oneal, Igor Novoseltsev, Eric Wong, Bill Hoffman, Daniel Steinberg,
  Fabian Keil, Michal Marek, Reuven Wachtfogel, Markus Koetter,
- Constantine Sapuntzakis
+ Constantine Sapuntzakis, David Binderman
 
         Thanks! (and sorry if I forgot to mention someone)
diff --git a/lib/gtls.c b/lib/gtls.c
index 002246a0c..d5c8f1a79 100644
--- a/lib/gtls.c
+++ b/lib/gtls.c
@@ -148,17 +148,22 @@ static gnutls_datum load_file (const char *file)
   long filelen;
   void *ptr;
 
-  if (!(f = fopen(file, "r"))
-      || fseek(f, 0, SEEK_END) != 0
+  if (!(f = fopen(file, "r")))
+    return loaded_file;
+  if (fseek(f, 0, SEEK_END) != 0
       || (filelen = ftell(f)) < 0
       || fseek(f, 0, SEEK_SET) != 0
-      || !(ptr = malloc((size_t)filelen))
-      || fread(ptr, 1, (size_t)filelen, f) < (size_t)filelen) {
-    return loaded_file;
+      || !(ptr = malloc((size_t)filelen)))
+    goto out;
+  if (fread(ptr, 1, (size_t)filelen, f) < (size_t)filelen) {
+    free(ptr);
+    goto out;
   }
 
   loaded_file.data = ptr;
   loaded_file.size = (unsigned int)filelen;
+out:
+  fclose(f);
   return loaded_file;
 }
 
-- 
cgit v1.2.3