If the talloc_realloc() fails, asn1_write calls talloc_free on the
context and then immediately dereferences the pointer.
Fix this by skipping the talloc_free here. Let the caller handle it.
Signed-off-by: Jeff Layton <jlayton@xxxxxxxxx>
---
asn1.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/asn1.c b/asn1.c
index ea50a23..4c0e480 100644
--- a/asn1.c
+++ b/asn1.c
@@ -47,7 +47,6 @@ bool asn1_write(struct asn1_data *data, const void *p, int len)
uint8_t *newp;
newp = talloc_realloc(data, data->data, uint8_t, data->ofs+len);
if (!newp) {
- asn1_free(data);
data->has_error = true;
return false;
}
--
1.8.3.1
--
To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
