Nikolay Sivov : secur32/schannel: Avoid use-after-free in AcquireClientCredentials() (Coverity).

[Alexandre Julliard]

Module: wine
Branch: master
Commit: e44a9d2c2f26bac43321433ff6fc027373119852
URL:    https://source.winehq.org/git/wine.git/?a=commit;h=e44a9d2c2f26bac43321433ff6fc027373119852

Author: Nikolay Sivov <nsivov at codeweavers.com>
Date:   Sat Jun  4 18:05:53 2022 +0300

secur32/schannel: Avoid use-after-free in AcquireClientCredentials() (Coverity).

Signed-off-by: Nikolay Sivov <nsivov at codeweavers.com>

---

 dlls/secur32/schannel.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c
index bc0867ca94b..5b4fb196aca 100644
--- a/dlls/secur32/schannel.c
+++ b/dlls/secur32/schannel.c
@@ -589,8 +589,9 @@ static SECURITY_STATUS schan_AcquireClientCredentials(const void *schanCred,
     }
     params.key_size = key_size;
     params.key_blob = key_blob;
-    if (GNUTLS_CALL( allocate_certificate_credentials, &params )) goto fail;
+    status = GNUTLS_CALL( allocate_certificate_credentials, &params );
     free(key_blob);
+    if (status) goto fail;
 
     handle = schan_alloc_handle(creds, SCHAN_HANDLE_CRED);
     if (handle == SCHAN_INVALID_HANDLE) goto fail;
@@ -609,7 +610,6 @@ static SECURITY_STATUS schan_AcquireClientCredentials(const void *schanCred,
 
 fail:
     free(creds);
-    free(key_blob);
     return SEC_E_INTERNAL_ERROR;
 }