From 8bf2a4ee81fac43f558570dfb7544a6b0ad65b44 Mon Sep 17 00:00:00 2001
From: Alexey Tikhonov <atikhono@redhat.com>
Date: Mon, 29 Mar 2021 22:49:34 +0200
Subject: [PATCH] pam_sss: fixed potential mem leak

Fixes following covscan issue:
```
Error: RESOURCE_LEAK (CWE-772): [#def1]
src/sss_client/pam_sss.c:1714: alloc_arg: "asprintf" allocates memory that is stored into "prompt".
src/sss_client/pam_sss.c:1765: leaked_storage: Variable "prompt" going out of scope leaks the storage it points to.
 # 1763|       free(response);
 # 1764|
 # 1765|->     return ret;
 # 1766|   #else
 # 1767|       return ENOTSUP;
```
---
 src/sss_client/pam_sss.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/sss_client/pam_sss.c b/src/sss_client/pam_sss.c
index fa5a9694b8..106e301038 100644
--- a/src/sss_client/pam_sss.c
+++ b/src/sss_client/pam_sss.c
@@ -1720,6 +1720,7 @@ static int prompt_multi_cert_gdm(pam_handle_t *pamh, struct pam_items *pi)
         ret = asprintf(&cai->choice_list_id, "%zu", c);
         if (ret == -1) {
             cai->choice_list_id = NULL;
+            free(prompt);
             ret = ENOMEM;
             goto done;
         }