Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Memory leak in Curl_override_sspi_http_realm #635

Closed
silveja1 opened this issue Feb 4, 2016 · 3 comments
Closed

Memory leak in Curl_override_sspi_http_realm #635

silveja1 opened this issue Feb 4, 2016 · 3 comments
Labels

Comments

@silveja1
Copy link

@silveja1 silveja1 commented Feb 4, 2016

I've fixed a 1 byte memory leak with Curl_override_sspi_http_realm in curl_sasl_sspi.c on line 297. Without being intimately involved in the project I don't want to check it in.

Here is the fix:

CURLcode Curl_override_sspi_http_realm(const char *chlg,
                                       SEC_WINNT_AUTH_IDENTITY *identity)
{
  xcharp_u domain, dup_domain;

  /* If domain is blank or unset, check challenge message for realm */
  if(!identity->Domain || !identity->DomainLength) {
    // --------------------- ADDED BELOW -----------------------------
    if( identity->Domain )
    {
      // free the domain due to strdup
      free(identity->Domain);
      identity->Domain = NULL;
    }
@jay jay added the memory-leak label Feb 4, 2016
@jay
Copy link
Member

@jay jay commented Feb 4, 2016

Ah. The default is a dup of a zero length string so it looks like that is possible. I think only if we are updating the domain pointer would we free the old one, so:

--- a/lib/curl_sasl_sspi.c
+++ b/lib/curl_sasl_sspi.c
@@ -316,6 +316,7 @@ CURLcode Curl_override_sspi_http_realm(const char *chlg,
             Curl_unicodefree(domain.tchar_ptr);
             return CURLE_OUT_OF_MEMORY;
           }
+          free(identity->Domain);
           identity->Domain = dup_domain.tbyte_ptr;
           identity->DomainLength = curlx_uztoul(_tcslen(dup_domain.tchar_ptr));
           dup_domain.tchar_ptr = NULL;

Can you try that?

@jay jay changed the title Memory leak fix Memory leak in Curl_override_sspi_http_realm Feb 4, 2016
@silveja1
Copy link
Author

@silveja1 silveja1 commented Feb 4, 2016

Yes, that works fine. Wouldn't it be better not initialize with strdup("") and just leave as NULL?

Thanks,
Jay

jay added a commit that referenced this issue Feb 4, 2016
Free an existing domain before replacing it.

Bug: #635
Reported-by: silveja1@users.noreply.github.com
@jay
Copy link
Member

@jay jay commented Feb 4, 2016

No, we need a pointer to a domain even if it's zero length. There's no guarantee the domain will be replaced, that's why I changed it to free only if there's a replacement. Landed in 742deff, thanks!

@jay jay closed this Feb 4, 2016
@lock lock bot locked as resolved and limited conversation to collaborators May 7, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants
You can’t perform that action at this time.