mirror of
https://github.com/docker/docker-credential-helpers.git
synced 2026-06-13 16:01:28 +05:30
Justin Cormack
87c80bfba5
The code was set up so that it would free the individual items and the data in `freeListData`, but there was already a Go `defer` to free the data item, resulting in a double free. Remove the `free` in `freeListData` and leave the original one. In addition, move the `defer` for freeing the list data before the error check, so that the data is also free in the error case. This just removes a minor leak. This vulnerability was discovered by: Jasiel Spelman of Trend Micro Zero Day Initiative and Trend Micro Team Nebula Signed-off-by: Justin Cormack <justin.cormack@docker.com>