do_noncefile_create: Avoid freeing uninitialized memory on error
author Simon McVittie <smcv@collabora.com>
Mon, 6 Nov 2017 19:10:42 +0000 (19:10 +0000)
committer Simon McVittie <smcv@collabora.com>
Tue, 7 Nov 2017 11:43:34 +0000 (11:43 +0000)
We could free all of these without having ever successfully
initialized them.

Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=103597
(cherry picked from commit 6d08f5c04e601f16ef4ee2126a90c924b7e26df0)

dbus/dbus-nonce.c

index 49f8736..7f3118c 100644 (file)
@@ -280,6 +280,12 @@ do_noncefile_create (DBusNonceFile *noncefile,
 
     _dbus_assert (noncefile);
 
+    /* Make it valid to "free" these even if _dbus_string_init() runs
+     * out of memory: see comment in do_check_nonce() */
+    _dbus_string_init_const (&randomStr, "");
+    _dbus_string_init_const (&noncefile->dir, "");
+    _dbus_string_init_const (&noncefile->path, "");
+
     if (!_dbus_string_init (&randomStr))
       {
         dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
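
Review bot: The added comment justifies the three _dbus_string_init_const (..., "") calls only by pointing at do_check_nonce(), so a reader of do_noncefile_create() has to go to another function to learn why "freeing" these placeholders is safe; a short statement of the reason here would make the hunk self-explanatory. Separately, noncefile->dir and noncefile->path are now overwritten unconditionally on entry, so it would help to document that the caller must pass a DBusNonceFile whose strings have not already been initialized, since any existing contents would be discarded without being freed.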