Fix memleak on signature checking failure

- early exit from header iteration loop could previously leak from unfreed
  buf and header iterator
(cherry picked from commit 05e16d415492f4925782e3fcf6ef155cbdf124c3)

diff --git a/lib/rpmchecksig.c b/lib/rpmchecksig.c
index 703dee5..f7bd6dc 100644 (file)
--- a/lib/rpmchecksig.c
+++ b/lib/rpmchecksig.c
@@ -562,7 +562,7 @@ int rpmVerifySignatures(QVA_t qva, rpmts ts, FD_t fd,
     pgpDig dig = NULL;
     pgpDigParams sigp;
     Header sigh = NULL;
-    HeaderIterator hi;
+    HeaderIterator hi = NULL;
     char * msg;
     int res = 0;
     int xx;
@@ -759,7 +759,6 @@ int rpmVerifySignatures(QVA_t qva, rpmts ts, FD_t fd,
        free(msg);
        buf = b;
     }
-    hi = headerFreeIterator(hi);
 
     res += failed;
 
@@ -775,12 +774,13 @@ int rpmVerifySignatures(QVA_t qva, rpmts ts, FD_t fd,
               untrustedKeys ? untrustedKeys : "",
               untrustedKeys ? _(")") : "");
     }
-    free(buf);
     free(missingKeys);
     free(untrustedKeys);
 
 exit:
+    free(buf);
     sigh = rpmFreeSignature(sigh);
+    hi = headerFreeIterator(hi);
     rpmKeyringFree(keyring);
     pgpFreeDig(dig);
     return res;