[taler-merchant] branch master updated: fix use-after-free (#6493)

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-merchant] branch master updated: fix use-after-free (#6493)

From:	gnunet
Subject:	[taler-merchant] branch master updated: fix use-after-free (#6493)
Date:	Tue, 25 Aug 2020 10:52:17 +0200

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository merchant.

The following commit(s) were added to refs/heads/master by this push:
     new f47e0c5  fix use-after-free (#6493)
f47e0c5 is described below

commit f47e0c5d47962f472f814174d46258baeaafdf52
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Tue Aug 25 10:52:14 2020 +0200

    fix use-after-free (#6493)
---
 src/backend/taler-merchant-httpd_get-orders-ID.c | 33 ++++++++++--------------
 1 file changed, 14 insertions(+), 19 deletions(-)

diff --git a/src/backend/taler-merchant-httpd_get-orders-ID.c 
b/src/backend/taler-merchant-httpd_get-orders-ID.c
index 8833329..43e37d3 100644
--- a/src/backend/taler-merchant-httpd_get-orders-ID.c
+++ b/src/backend/taler-merchant-httpd_get-orders-ID.c
@@ -787,40 +787,35 @@ TMH_get_orders_ID (const struct TMH_RequestHandler *rh,
 
   /* Convert order_id to h_contract_terms */
   TMH_db->preflight (TMH_db->cls);
+  if (NULL == god->contract_terms)
   {
     uint64_t order_serial;
 
-    if (NULL != god->contract_terms)
-    {
-      json_decref (god->contract_terms);
-      god->contract_terms = NULL;
-    }
     qs = TMH_db->lookup_contract_terms (TMH_db->cls,
                                         hc->instance->settings.id,
                                         order_id,
                                         &god->contract_terms,
                                         &order_serial);
-  }
-  if (0 > qs)
-  {
-    /* single, read-only SQL statements should never cause
-       serialization problems */
-    GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR != qs);
-    /* Always report on hard error as well to enable diagnostics */
-    GNUNET_break (GNUNET_DB_STATUS_HARD_ERROR == qs);
-    return TALER_MHD_reply_with_error (connection,
-                                       MHD_HTTP_INTERNAL_SERVER_ERROR,
-                                       TALER_EC_GET_ORDERS_DB_LOOKUP_ERROR,
-                                       "database error looking up contract");
+    if (0 > qs)
+    {
+      /* single, read-only SQL statements should never cause
+         serialization problems */
+      GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR != qs);
+      /* Always report on hard error as well to enable diagnostics */
+      GNUNET_break (GNUNET_DB_STATUS_HARD_ERROR == qs);
+      return TALER_MHD_reply_with_error (connection,
+                                         MHD_HTTP_INTERNAL_SERVER_ERROR,
+                                         TALER_EC_GET_ORDERS_DB_LOOKUP_ERROR,
+                                         "database error looking up contract");
+    }
   }
 
   /* Check client provided the right hash code of the contract terms */
-  if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT == qs)
+  if (NULL != god->contract_terms)
   {
     struct GNUNET_HashCode h;
 
     contract_available = true;
-
     if (GNUNET_OK !=
         TALER_JSON_contract_hash (god->contract_terms,
                                   &h))

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[taler-merchant] branch master updated: fix use-after-free (#6493), gnunet <=

Prev by Date: [gnunet] branch master updated: remove const from query string in GNUNET_uri
Next by Date: [taler-merchant] branch master updated: fix memory leaks discovered while valgrinding #6493
Previous by thread: [gnunet] branch master updated: remove const from query string in GNUNET_uri
Next by thread: [taler-merchant] branch master updated: fix memory leaks discovered while valgrinding #6493
Index(es):
- Date
- Thread