In function netsh_dns_cmd() it is possible to jump on a label and
call free() on uninitialized pointer. Move pointer initialization
above jump.
To fix a few warnings which are treated as errors with SDL enabled,
initialize pointers with NULL.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Selva Nair <selva.nair@gmail.com>
Message-Id: <1539022378-24485-1-git-send-email-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg17663.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
... | ... |
@@ -1015,6 +1015,7 @@ netsh_dns_cmd(const wchar_t *action, const wchar_t *proto, const wchar_t *if_nam |
1015 | 1015 |
DWORD err = 0; |
1016 | 1016 |
int timeout = 30000; /* in msec */ |
1017 | 1017 |
wchar_t argv0[MAX_PATH]; |
1018 |
+ wchar_t *cmdline = NULL; |
|
1018 | 1019 |
|
1019 | 1020 |
if (!addr) |
1020 | 1021 |
{ |
... | ... |
@@ -1039,7 +1040,7 @@ netsh_dns_cmd(const wchar_t *action, const wchar_t *proto, const wchar_t *if_nam |
1039 | 1039 |
|
1040 | 1040 |
/* max cmdline length in wchars -- include room for worst case and some */ |
1041 | 1041 |
size_t ncmdline = wcslen(fmt) + wcslen(if_name) + wcslen(addr) + 32 + 1; |
1042 |
- wchar_t *cmdline = malloc(ncmdline*sizeof(wchar_t)); |
|
1042 |
+ cmdline = malloc(ncmdline*sizeof(wchar_t)); |
|
1043 | 1043 |
if (!cmdline) |
1044 | 1044 |
{ |
1045 | 1045 |
err = ERROR_OUTOFMEMORY; |
... | ... |
@@ -1350,7 +1351,7 @@ RunOpenvpn(LPVOID p) |
1350 | 1350 |
{ |
1351 | 1351 |
HANDLE pipe = p; |
1352 | 1352 |
HANDLE ovpn_pipe, svc_pipe; |
1353 |
- PTOKEN_USER svc_user, ovpn_user; |
|
1353 |
+ PTOKEN_USER svc_user = NULL, ovpn_user = NULL; |
|
1354 | 1354 |
HANDLE svc_token = NULL, imp_token = NULL, pri_token = NULL; |
1355 | 1355 |
HANDLE stdin_read = NULL, stdin_write = NULL; |
1356 | 1356 |
HANDLE stdout_write = NULL; |
... | ... |
@@ -1403,7 +1404,6 @@ RunOpenvpn(LPVOID p) |
1403 | 1403 |
goto out; |
1404 | 1404 |
} |
1405 | 1405 |
len = 0; |
1406 |
- svc_user = NULL; |
|
1407 | 1406 |
while (!GetTokenInformation(svc_token, TokenUser, svc_user, len, &len)) |
1408 | 1407 |
{ |
1409 | 1408 |
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) |
... | ... |
@@ -1436,7 +1436,6 @@ RunOpenvpn(LPVOID p) |
1436 | 1436 |
goto out; |
1437 | 1437 |
} |
1438 | 1438 |
len = 0; |
1439 |
- ovpn_user = NULL; |
|
1440 | 1439 |
while (!GetTokenInformation(imp_token, TokenUser, ovpn_user, len, &len)) |
1441 | 1440 |
{ |
1442 | 1441 |
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) |