)]}'
{
  "commit": "19ad78aa1d406d6d4b835234d7cfa5d5aee9034c",
  "tree": "0df91dfafac1ef7f6d0058a3380c95696342ae0f",
  "parents": [
    "fa4ad808026c5b3abede5772bae0fee80783fad2"
  ],
  "author": {
    "name": "Amine Alami",
    "email": "43780877+Alami-Amine@users.noreply.github.com",
    "time": "Fri Jun 12 15:54:30 2026 +0100"
  },
  "committer": {
    "name": "GitHub",
    "email": "noreply@github.com",
    "time": "Fri Jun 12 14:54:30 2026 +0000"
  },
  "message": "Use VerifyOrExit/SuccessOrExit instead of early-return where exit: cleanup is required (#72548)\n\n* Route early-return error paths through the goto-exit cleanup\n\nSeveral functions mix the `goto exit:` cleanup idiom (VerifyOrExit /\nSuccessOrExit) with an early-return macro (VerifyOrReturn* /\nReturnErrorOnFailure) that fires above the `exit:` label. On that error path\nthe early return jumps out of the function and skips the cleanup block, even\nthough a resource has already been acquired:\n\n- PASESession::Pair and CASESession::EstablishSession returned directly on a\n  UseSuggestedResponseTimeout failure after the exchange context was emplaced,\n  skipping Clear() (exchange abort, secure-session release, fabric-delegate\n  removal, secret zeroization, metric end).\n- AndroidCommissioningWindowOpener::OnOpenCommissioningWindowResponse and\n  OnOpenBasicCommissioningWindowResponse returned on a null JNIEnv, skipping\n  `delete self` and leaking the opener object and its global JNI reference.\n- NXP S200 (ECDSA_validate_hash_signature, ECDH_derive_secret, Initialize) and\n  se05x (ECDSA_sign_msg, ECDH_derive_secret) returned after the secure-element\n  key object / session was acquired, skipping the SSS_KEY_OBJ_FREE /\n  se05x_close_session cleanup. The se05x ECDH path also dropped a now-redundant\n  duplicate session check.\n- Tizen DnssdTizen::RegisterService returned on an oversized TXT entry after the\n  RegisterContext was created, skipping RemoveRegisterContext.\n- chip-cert X509ToChipCert returned between i2d_X509 and the exit block, skipping\n  OPENSSL_free(derCert).\n\nEach offending early-return is converted to the VerifyOrExit / SuccessOrExit\nform its sibling checks already use, so the error path runs the existing\ncleanup. The affected branches are not reachable on the normal success path, so\nbehavior on currently-reachable paths is unchanged.\n\n* Fix goto bypassing variable initialization in two converted paths\n\nThe previous commit converted two early-returns to VerifyOrExit, but in\nthese two functions the resulting `goto exit` jumps over a later local with\nnon-vacuous initialization that is still in scope at the `exit:` label, which\nis ill-formed C++:\n\n- AndroidCommissioningWindowOpener::OnOpenCommissioningWindowResponse: the\n  goto bypassed `JniLocalReferenceScope scope(env)`. Handle the null JNIEnv\n  with an explicit cleanup-and-return, matching the structure of\n  OnOpenBasicCommissioningWindowResponse.\n- se05x P256KeypairSE05x::ECDH_derive_secret: the goto bypassed the const\n  rem_pubKey / rem_pubKeyLen locals. Move the session check back below those\n  declarations so the only remaining check routes to the cleanup without\n  skipping any initialization.",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "ff0d73133ef20a08af45bc065f61b7b9c2d7a108",
      "old_mode": 33188,
      "old_path": "src/controller/java/AndroidCommissioningWindowOpener.cpp",
      "new_id": "57d5dd4654c673529d4292590b96593d4b36c226",
      "new_mode": 33188,
      "new_path": "src/controller/java/AndroidCommissioningWindowOpener.cpp"
    },
    {
      "type": "modify",
      "old_id": "2926a3d58fde7e4b805de91be7a14d94bf5a2c7f",
      "old_mode": 33188,
      "old_path": "src/platform/Tizen/DnssdImpl.cpp",
      "new_id": "d538ce88316612c11fdafc1c4cc039d03579da7d",
      "new_mode": 33188,
      "new_path": "src/platform/Tizen/DnssdImpl.cpp"
    },
    {
      "type": "modify",
      "old_id": "23ce936f34bba2871e667b58e08dd1d3a5f66035",
      "old_mode": 33188,
      "old_path": "src/platform/nxp/common/crypto/S200/CHIPCryptoPalS200.cpp",
      "new_id": "03951de469be57cfc5b826d858cb00dd293f36a9",
      "new_mode": 33188,
      "new_path": "src/platform/nxp/common/crypto/S200/CHIPCryptoPalS200.cpp"
    },
    {
      "type": "modify",
      "old_id": "afea59b27af2ffbf448b95319d1b2af19b1c9f82",
      "old_mode": 33188,
      "old_path": "src/platform/nxp/crypto/se05x/CHIPCryptoPALHsm_se05x_p256.cpp",
      "new_id": "dfe1845604327b5d918a76d02030223d10c57bad",
      "new_mode": 33188,
      "new_path": "src/platform/nxp/crypto/se05x/CHIPCryptoPALHsm_se05x_p256.cpp"
    },
    {
      "type": "modify",
      "old_id": "aa78b8676405f5f45196e73d9c9c52995ba94945",
      "old_mode": 33188,
      "old_path": "src/protocols/secure_channel/CASESession.cpp",
      "new_id": "26d2b5b7725a195398773763bc902cd51c772b32",
      "new_mode": 33188,
      "new_path": "src/protocols/secure_channel/CASESession.cpp"
    },
    {
      "type": "modify",
      "old_id": "2499c315d0eb73c71e773d9f263e002fc5de51b6",
      "old_mode": 33188,
      "old_path": "src/protocols/secure_channel/PASESession.cpp",
      "new_id": "4ecc979cb58a43ce0e9f9f2e7c5b5e54b85c6d47",
      "new_mode": 33188,
      "new_path": "src/protocols/secure_channel/PASESession.cpp"
    },
    {
      "type": "modify",
      "old_id": "43be0ced2e9b91a1eb4cd2468b5db8601c05b4d6",
      "old_mode": 33188,
      "old_path": "src/tools/chip-cert/CertUtils.cpp",
      "new_id": "6052fbc5f96bbe328a3c93726e1c2c84416f7ba8",
      "new_mode": 33188,
      "new_path": "src/tools/chip-cert/CertUtils.cpp"
    }
  ]
}
