Fix potential TunDispatchSecurityDescriptor leak

TunDispatchSecurityDescriptor will leak if RtlAbsoluteToSelfRelativeSD fails. Add cleanup in error path. Reported-by: Shawn Hoffman <godisgovernment@gmail.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
author: Jason A. Donenfeld <Jason@zx2c4.com> 2020-10-30 17:03:20 +0100
committer: Jason A. Donenfeld <Jason@zx2c4.com> 2020-10-30 17:04:34 +0100
commit: b19c7abd417e62dbb08a8d3aa4db96ce9cfd0830 (patch)
tree: 103fe03f7577c2f23b0c7f3e510087a134fc38af
parent: Use RtlSubAuthoritySid instead of directly poking SID (diff)
download: wintun-b19c7abd417e62dbb08a8d3aa4db96ce9cfd0830.tar.xz
wintun-b19c7abd417e62dbb08a8d3aa4db96ce9cfd0830.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/wintun.c b/wintun.c
index 12ef467..9e10e13 100644
--- a/wintun.c
+++ b/wintun.c
@@ -816,7 +816,10 @@ static NTSTATUS TunInitializeDispatchSecurityDescriptor(VOID)
         return STATUS_INSUFFICIENT_RESOURCES;
     Status = RtlAbsoluteToSelfRelativeSD(&SecurityDescriptor, TunDispatchSecurityDescriptor, &RequiredBytes);
     if (!NT_SUCCESS(Status))
+    {
+        ExFreePoolWithTag(TunDispatchSecurityDescriptor, TUN_MEMORY_TAG);
         return Status;
+    }
     return STATUS_SUCCESS;
 }
author	Jason A. Donenfeld <Jason@zx2c4.com>	2020-10-30 17:03:20 +0100
committer	Jason A. Donenfeld <Jason@zx2c4.com>	2020-10-30 17:04:34 +0100
commit	b19c7abd417e62dbb08a8d3aa4db96ce9cfd0830 (patch)
tree	103fe03f7577c2f23b0c7f3e510087a134fc38af
parent	Use RtlSubAuthoritySid instead of directly poking SID (diff)
download	wintun-b19c7abd417e62dbb08a8d3aa4db96ce9cfd0830.tar.xz wintun-b19c7abd417e62dbb08a8d3aa4db96ce9cfd0830.zip