Commit b989514405e2223f12040d3f940185378041c95c

Patrick Steinhardt 2016-08-08T14:47:32

stransport: do not use `git_stream_free` on uninitialized stransport When failing to initialize a new stransport stream, we try to release already allocated memory by calling out to `git_stream_free`, which in turn called out to the stream's `free` function pointer. As we only initialize the function pointer later on, this leads to a `NULL` pointer exception. Furthermore, plug another memory leak when failing to create the SSL context.

diff --git a/src/stransport_stream.c b/src/stransport_stream.c
index e568620..50ed945 100644
--- a/src/stransport_stream.c
+++ b/src/stransport_stream.c
@@ -261,6 +261,7 @@ int git_stransport_stream_new(git_stream **out, const char *host, const char *po
 	st->ctx = SSLCreateContext(NULL, kSSLClientSide, kSSLStreamType);
 	if (!st->ctx) {
 		giterr_set(GITERR_NET, "failed to create SSL context");
+		git__free(st);
 		return -1;
 	}
 
@@ -270,7 +271,8 @@ int git_stransport_stream_new(git_stream **out, const char *host, const char *po
 	    (ret = SSLSetProtocolVersionMin(st->ctx, kTLSProtocol1)) != noErr ||
 	    (ret = SSLSetProtocolVersionMax(st->ctx, kTLSProtocol12)) != noErr ||
 	    (ret = SSLSetPeerDomainName(st->ctx, host, strlen(host))) != noErr) {
-		git_stream_free((git_stream *)st);
+		CFRelease(st->ctx);
+		git__free(st);
 		return stransport_error(ret);
 	}