Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Memory leak in Curl_override_sspi_http_realm #635

Closed
ghost opened this issue Feb 4, 2016 · 3 comments
Closed

Memory leak in Curl_override_sspi_http_realm #635

ghost opened this issue Feb 4, 2016 · 3 comments

Comments

@ghost
Copy link

ghost commented Feb 4, 2016

I've fixed a 1 byte memory leak with Curl_override_sspi_http_realm in curl_sasl_sspi.c on line 297. Without being intimately involved in the project I don't want to check it in.

Here is the fix:

CURLcode Curl_override_sspi_http_realm(const char *chlg,
                                       SEC_WINNT_AUTH_IDENTITY *identity)
{
  xcharp_u domain, dup_domain;

  /* If domain is blank or unset, check challenge message for realm */
  if(!identity->Domain || !identity->DomainLength) {
    // --------------------- ADDED BELOW -----------------------------
    if( identity->Domain )
    {
      // free the domain due to strdup
      free(identity->Domain);
      identity->Domain = NULL;
    }
@jay jay added the memory-leak label Feb 4, 2016
@jay
Copy link
Member

jay commented Feb 4, 2016

Ah. The default is a dup of a zero length string so it looks like that is possible. I think only if we are updating the domain pointer would we free the old one, so:

--- a/lib/curl_sasl_sspi.c
+++ b/lib/curl_sasl_sspi.c
@@ -316,6 +316,7 @@ CURLcode Curl_override_sspi_http_realm(const char *chlg,
             Curl_unicodefree(domain.tchar_ptr);
             return CURLE_OUT_OF_MEMORY;
           }
+          free(identity->Domain);
           identity->Domain = dup_domain.tbyte_ptr;
           identity->DomainLength = curlx_uztoul(_tcslen(dup_domain.tchar_ptr));
           dup_domain.tchar_ptr = NULL;

Can you try that?

@jay jay changed the title Memory leak fix Memory leak in Curl_override_sspi_http_realm Feb 4, 2016
@ghost
Copy link
Author

ghost commented Feb 4, 2016

Yes, that works fine. Wouldn't it be better not initialize with strdup("") and just leave as NULL?

Thanks,
Jay

jay added a commit that referenced this issue Feb 4, 2016
Free an existing domain before replacing it.

Bug: #635
Reported-by: silveja1@users.noreply.github.com
@jay
Copy link
Member

jay commented Feb 4, 2016

No, we need a pointer to a domain even if it's zero length. There's no guarantee the domain will be replaced, that's why I changed it to free only if there's a replacement. Landed in 742deff, thanks!

@jay jay closed this as completed Feb 4, 2016
@lock lock bot locked as resolved and limited conversation to collaborators May 7, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

1 participant