src/signature: Fix leaking GString in get_pubkey_hash()

The variable 'string' will not be freed on error.
Use g_autoptr to automatically free 'string' and use this to simplify
code.

Fixes coverity issue:
| CID 1445505 (#1 of 1): Resource leak (RESOURCE_LEAK)
| 7. leaked_storage: Variable string going out of scope leaks the storage it points to

Signed-off-by: Enrico Joerns <[email protected]>

src/signature.c

@@ -604,8 +604,7 @@ GBytes *cms_sign(GBytes *content, gboolean detached, const gchar *certfile, cons
 
 gchar* get_pubkey_hash(X509 *cert)
 {
-	gchar *data = NULL;
-	GString *string;
+	g_autoptr(GString) string = NULL;
 	g_autofree unsigned char *der_buf = NULL;
 	unsigned char *tmp_buf = NULL;
 	unsigned int len = 0;
@@ -620,7 +619,7 @@ gchar* get_pubkey_hash(X509 *cert)
 	len = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(cert), NULL);
 	if (len <= 0) {
 		g_warning("DER Encoding failed");
-		goto out;
+		return NULL;
 	}
 	/* As i2d_X509_PUBKEY() moves pointer after end of data,
 	 * we must use a tmp pointer, here */
@@ -631,7 +630,7 @@ gchar* get_pubkey_hash(X509 *cert)
 
 	if (!EVP_Digest(der_buf, len, md, &n, EVP_sha256(), NULL)) {
 		g_warning("Error in EVP_Digest");
-		goto out;
+		return NULL;
 	}
 
 	g_assert_cmpint(n, ==, SHA256_DIGEST_LENGTH);
@@ -641,9 +640,7 @@ gchar* get_pubkey_hash(X509 *cert)
 	}
 	g_string_truncate(string, SHA256_DIGEST_LENGTH * 3 - 1);
 
-	data = g_string_free(string, FALSE);
-out:
-	return data;
+	return g_string_free(g_steal_pointer(&string), FALSE);
 }
 
 gchar** get_pubkey_hashes(STACK_OF(X509) *verified_chain)