From b19c7abd417e62dbb08a8d3aa4db96ce9cfd0830 Mon Sep 17 00:00:00 2001 From: "Jason A. Donenfeld" Date: Fri, 30 Oct 2020 17:03:20 +0100 Subject: [PATCH] Fix potential TunDispatchSecurityDescriptor leak TunDispatchSecurityDescriptor will leak if RtlAbsoluteToSelfRelativeSD fails. Add cleanup in error path. Reported-by: Shawn Hoffman Signed-off-by: Jason A. Donenfeld --- wintun.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/wintun.c b/wintun.c index 12ef467..9e10e13 100644 --- a/wintun.c +++ b/wintun.c @@ -816,7 +816,10 @@ static NTSTATUS TunInitializeDispatchSecurityDescriptor(VOID) return STATUS_INSUFFICIENT_RESOURCES; Status = RtlAbsoluteToSelfRelativeSD(&SecurityDescriptor, TunDispatchSecurityDescriptor, &RequiredBytes); if (!NT_SUCCESS(Status)) + { + ExFreePoolWithTag(TunDispatchSecurityDescriptor, TUN_MEMORY_TAG); return Status; + } return STATUS_SUCCESS; }