From 43169c520292397439bd70fb74e9505d371f7c72 Mon Sep 17 00:00:00 2001
From: Stef Walter
Date: Sun, 14 Aug 2011 18:45:19 +0200
Subject: Safer initialization of individually initialized module.

* More checks for out of memory.
* Take more of the same code paths when initializing a single module as when initializing registered, or loading from file.
* Cleanup halfway initialized globals if fail during init.
---
 p11-kit/modules.c | 36 ++++++++++++++++++++++++++++++------
 1 file changed, 30 insertions(+), 6 deletions(-)

diff --git a/p11-kit/modules.c b/p11-kit/modules.c
index 9771e6b..693d342 100644
--- a/p11-kit/modules.c
+++ b/p11-kit/modules.c
@@ -971,21 +971,37 @@ p11_kit_initialize_module (CK_FUNCTION_LIST_PTR module)
 if (mod == NULL) {
 debug ("allocating new module");
 allocated = mod = alloc_module_unlocked ();
- mod->funcs = module;
+ if (mod == NULL)
+ rv = CKR_HOST_MEMORY;
+ else
+ mod->funcs = module;
 }
 
- /* WARNING: Reentrancy can occur here */
- rv = initialize_module_unlocked_reentrant (mod);
-
 /* If this was newly allocated, add it to the list */
 if (rv == CKR_OK && allocated) {
- hash_set (gl.modules, allocated->funcs, allocated);
- allocated = NULL;
+ if (hash_set (gl.modules, allocated->funcs, allocated))
+ allocated = NULL;
+ else
+ rv = CKR_HOST_MEMORY;
+ }
+
+ if (rv == CKR_OK) {
+
+ /* WARNING: Reentrancy can occur here */
+ rv = initialize_module_unlocked_reentrant (mod);
 }
 
 free (allocated);
 }
 
+ /*
+ * If initialization failed, we may need to cleanup.
+ * If we added this module above, then this will
+ * clean things up as expected.
+ */
+ if (rv != CKR_OK)
+ free_modules_when_no_refs_unlocked ();
+
 _p11_kit_default_message (rv);
 
 _p11_unlock ();
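Review bot: With `hash_set` now running before `initialize_module_unlocked_reentrant (mod)`, a module whose initialization fails is already published in `gl.modules`, and its removal depends entirely on `free_modules_when_no_refs_unlocked ()`. Judging only by its name, that helper frees nothing while some module is still referenced, so in that case the failed entry presumably stays registered, keyed by the caller-supplied `module` pointer. Either drop that one entry on the failure path or record the behaviour next to the call, e.g. `/* a failed module stays in gl.modules until no module holds a ref */`. The same cleanup block is added to p11_kit_load_initialize_module in the second hunk. The function body starts and ends outside this hunk, so the initial value of `rv` that the new `rv == CKR_OK` checks rely on is not visible here.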
@@ -1109,6 +1125,14 @@ p11_kit_load_initialize_module (const char *module_path,
 if (rv == CKR_OK && module)
 *module = mod->funcs;
 
+ /*
+ * If initialization failed, we may need to cleanup.
+ * If we added this module above, then this will
+ * clean things up as expected.
+ */
+ if (rv != CKR_OK)
+ free_modules_when_no_refs_unlocked ();
+
 _p11_kit_default_message (rv);
 
 _p11_unlock ();
-- 
cgit v1.1
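Review bot: On the failure path `*module` is never written in the visible lines, so a caller that does not check the return value is left with whatever the pointer held before the call, even though the new cleanup may already have released the module. Consider `if (module) *module = (rv == CKR_OK) ? mod->funcs : NULL;` in place of the conditional assignment just above the added block. This is unnecessary if the out-parameter is already cleared earlier in the function, which starts outside this hunk.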