From adb25fb27481d7f98d83aaeffb65343274b215e3 Mon Sep 17 00:00:00 2001 From: Alexander Larsson Date: Thu, 8 Oct 2020 15:27:14 +0200 Subject: [PATCH] oci-authenticator: Fix crash if anon auth fails and no_interaction is set We were clearing the error from the anon test, and then not doing any non-anon auth, so error was NULL, causing a crash when returning an error message. (cherry picked from commit 180d807d2a9216ae0da07ec049bd66477fbb3150) --- oci-authenticator/flatpak-oci-authenticator.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/oci-authenticator/flatpak-oci-authenticator.c b/oci-authenticator/flatpak-oci-authenticator.c index 14654174..70f40fe3 100644 --- a/oci-authenticator/flatpak-oci-authenticator.c +++ b/oci-authenticator/flatpak-oci-authenticator.c @@ -451,6 +451,7 @@ handle_request_ref_tokens (FlatpakAuthenticator *f_authenticator, { g_autofree char *request_path = NULL; g_autoptr(GError) error = NULL; + g_autoptr(GError) anon_error = NULL; g_autoptr(AutoFlatpakAuthenticatorRequest) request = NULL; const char *auth = NULL; gboolean have_auth; @@ -520,15 +521,14 @@ handle_request_ref_tokens (FlatpakAuthenticator *f_authenticator, g_debug ("Trying anonymous authentication"); - first_token = get_token_for_ref (registry, ref_data, NULL, &error); + first_token = get_token_for_ref (registry, ref_data, NULL, &anon_error); if (first_token != NULL) have_auth = TRUE; else { - if (g_error_matches (error, FLATPAK_ERROR, FLATPAK_ERROR_NOT_AUTHORIZED)) + if (g_error_matches (anon_error, FLATPAK_ERROR, FLATPAK_ERROR_NOT_AUTHORIZED)) { - g_debug ("Anonymous authentication failed: %s", error->message); - g_clear_error (&error); + g_debug ("Anonymous authentication failed: %s", anon_error->message); /* Continue trying with authentication below */ } @@ -538,7 +538,7 @@ handle_request_ref_tokens (FlatpakAuthenticator *f_authenticator, * that adding some authentication will fix it. It will just cause a bad UX like * described in #3753, so just return the error early. */ - return error_request (request, sender, error); + return error_request (request, sender, anon_error); } } } @@ -582,8 +582,8 @@ handle_request_ref_tokens (FlatpakAuthenticator *f_authenticator, } } - if (!have_auth) - return error_request (request, sender, error); + if (!have_auth && n_refs > 0) + return error_request (request, sender, error ? error : anon_error); g_variant_builder_init (&tokens, G_VARIANT_TYPE ("a{sas}"));