From b42486f35b2f25c0ed532826d7b4cb77d48fea70 Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@collabora.com>
Date: Mon, 6 Nov 2017 19:10:42 +0000
Subject: [PATCH 4/6] do_noncefile_create: Avoid freeing uninitialized memory
 on error

We could free all of these without having ever successfully
initialized them.

Signed-off-by: Simon McVittie <smcv@collabora.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=103597
---
 dbus/dbus-nonce.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/dbus/dbus-nonce.c b/dbus/dbus-nonce.c
index 49f87369..7f3118cd 100644
--- a/dbus/dbus-nonce.c
+++ b/dbus/dbus-nonce.c
@@ -280,6 +280,12 @@ do_noncefile_create (DBusNonceFile *noncefile,
 
     _dbus_assert (noncefile);
 
+    /* Make it valid to "free" these even if _dbus_string_init() runs
+     * out of memory: see comment in do_check_nonce() */
+    _dbus_string_init_const (&randomStr, "");
+    _dbus_string_init_const (&noncefile->dir, "");
+    _dbus_string_init_const (&noncefile->path, "");
+
     if (!_dbus_string_init (&randomStr))
       {
         dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
-- 
2.15.0