qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PULL v1 (for 2.5) 2/4] crypto: fix mistaken setting of Err


From: Daniel P. Berrange
Subject: [Qemu-devel] [PULL v1 (for 2.5) 2/4] crypto: fix mistaken setting of Error in success code path
Date: Wed, 18 Nov 2015 15:47:42 +0000

The qcrypto_tls_session_check_certificate() method was setting
an Error even when the ACL check suceeded. This didn't affect
the callers detection of errors because they relied on the
function return status, but this did cause a memory leak since
the caller would not free an Error they did not expect to be
set.

Signed-off-by: Daniel P. Berrange <address@hidden>
---
 crypto/tlssession.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/tlssession.c b/crypto/tlssession.c
index ffc5c47..3735529 100644
--- a/crypto/tlssession.c
+++ b/crypto/tlssession.c
@@ -304,9 +304,9 @@ qcrypto_tls_session_check_certificate(QCryptoTLSSession 
*session,
 
                 allow = qemu_acl_party_is_allowed(acl, session->peername);
 
-                error_setg(errp, "TLS x509 ACL check for %s is %s",
-                           session->peername, allow ? "allowed" : "denied");
                 if (!allow) {
+                    error_setg(errp, "TLS x509 ACL check for %s is denied",
+                               session->peername);
                     goto error;
                 }
             }
-- 
2.5.0




reply via email to

[Prev in Thread] Current Thread [Next in Thread]