[glib: 1/2] gtlscertificate: Hold a ref on the root certificate when building chains

[Emmanuele Bassi <ebassi src gnome org>]

commit 2c75c392eb76a12c3fd18b63508b1f971a3afecd
Author: Philip Withnall <pwithnall endlessos org>
Date:   Tue Jun 21 12:10:06 2022 +0100

    gtlscertificate: Hold a ref on the root certificate when building chains
    
    This is unlikely to be a bug in practice, as the certificate pointed to
    by `root` should have a ref held on it as the issuer of another
    certificate in the chain.
    
    However, we can’t guarantee that’s how the `GTlsCertificate`
    implementation behaves, so keep a temporary ref on `root` until it’s no
    longer needed.
    
    Signed-off-by: Philip Withnall <pwithnall endlessos org>
    
    Coverity CID: #1489985

 gio/gtlscertificate.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
---
diff --git a/gio/gtlscertificate.c b/gio/gtlscertificate.c
index 4374ac21a2..ca09b180ae 100644
--- a/gio/gtlscertificate.c
+++ b/gio/gtlscertificate.c
@@ -626,7 +626,7 @@ create_certificate_chain_from_list (GSList       *pem_list,
 
       /* root will point to the last certificate in the file. */
       if (!root)
-        root = cert;
+        root = g_object_ref (cert);
 
       pem = g_slist_next (pem);
     }
@@ -641,6 +641,8 @@ create_certificate_chain_from_list (GSList       *pem_list,
       g_clear_object (&cert);
     }
 
+  g_clear_object (&root);
+
   return cert;
 }