# HG changeset patch
# User Mike Becker <universe@uap-core.de>
# Date 1506104340 -7200
# Node ID d721250984d07f9d7ab98ce55df43aed57ab5317
# Parent  8a474d2ad209b73e7f607fb3deedd5d3693d6df2
fixes possible UAF for locktocken paths, if file could not be opened

diff -r 8a474d2ad209 -r d721250984d0 dav/sync.c
--- a/dav/sync.c	Sun Sep 17 17:56:02 2017 +0200
+++ b/dav/sync.c	Fri Sep 22 20:19:00 2017 +0200
@@ -1862,13 +1862,14 @@
     free(fname.ptr);
     
     FILE *file = fopen(path, "w");
-    if(!file) {
+    if(file) {
+        fprintf(file, "%s\n", locktoken);
+        fclose(file);
+        return path;
+    } else {
         perror("Cannot create locktoken file");
         free(path);
+        return NULL;
     }
-    
-    fprintf(file, "%s\n", locktoken);
-    fclose(file);
-    return path;
 }