
Re: Correct fix for freeing prompts->result (ITS#2325)



I've committed an alternative fix to libldap/cyrus.c and
liblutil/sasl.c which, aside from ensuring that prompt results
are freed, performs this free in the same library which
allocates the results.  Please test.  Thanks, Kurt


At 07:54 AM 2/21/2003, sfrost@snowman.net wrote:
>Full_Name: Stephen Frost
>Version: 2.1.12
>OS: Debian unstable
>URL: http://snowman.net/openldap-fix_cyrus_free.patch
>Submission from: (NULL) (68.106.109.254)
>
>
>  Attached is the correct fix for the cyrus.c free problem.  The patch
>  reverts the incorrect attempted fixes in 1.70/1.71 and fixes the
>  problem correctly by moving the 'res' int outside the loop so that it
>  can be checked against.  The free should only be done if the interact
>  call (from the prior loop) returns successfully.  The free should not
>  depend on the current value of saslrc since it is reset at the top of
>  the loop by sasl_client_start.
>
>  The problem was caused when prompts was set/allocated by
>  sasl_client_start but prompts->result was not initialized (It is
>  expected that the application will allocate/deallocate
>  prompts->result according to SASL documentation).  This meant that
>  libldap attempts to free a pointer which had not been allocated,
>  causing a segfault.
>
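
The condition described in the quoted report, as an added example that is not part of this thread and is not the committed OpenLDAP code: a constructed C model in which `prompt_t`, `mock_client_start`, `mock_interact` and the `RC_*` codes are hypothetical stand-ins for the SASL types and calls. It keeps `res` outside the loop so the free runs only after an interact call that succeeded, and never on a `result` pointer the application did not allocate.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed stand-ins; NOT the Cyrus SASL or libldap definitions. */
enum { RC_OK = 0, RC_INTERACT = 1, RC_FAIL = -1 };
typedef struct { unsigned long id; const void *result; } prompt_t;

/* Library side: hands back a prompt list but never initializes result. */
static int mock_client_start(int pass, prompt_t **prompts) {
    static prompt_t list[2];
    static char not_heap;               /* models a garbage, non-heap pointer */
    if (pass > 0) return RC_OK;
    list[0].id = 1;
    list[0].result = &not_heap;
    list[1].id = 0;                     /* end-of-list marker */
    *prompts = list;
    return RC_INTERACT;
}

/* Application side: allocates result, but only when the callback succeeds. */
static int mock_interact(prompt_t *p, int succeed) {
    if (!succeed) return RC_FAIL;
    for (; p->id != 0; p++) {
        char *s = malloc(5);
        if (s == NULL) return RC_FAIL;
        memcpy(s, "user", 5);
        p->result = s;
    }
    return RC_OK;
}

/* res lives outside the loop: the free is gated on the last interact call. */
int run_exchange(int interact_succeeds) {
    prompt_t *prompts = NULL, *p;
    int rc, pass = 0, freed = 0, res = RC_FAIL;
    do {
        rc = mock_client_start(pass++, &prompts);
        if (rc == RC_INTERACT) {
            res = mock_interact(prompts, interact_succeeds);
            if (res != RC_OK) break;
        }
    } while (rc == RC_INTERACT);
    for (p = prompts; res == RC_OK && p != NULL && p->id != 0; p++) {
        free((void *)p->result);        /* safe: interact allocated it */
        freed++;
    }
    return freed;
}

int main(void) { return (run_exchange(1) == 1 && run_exchange(0) == 0) ? 0 : 1; }
```

Building this with AddressSanitizer and removing the `res == RC_OK` guard makes the failed-interact case report an invalid free, which is the crash class the report describes.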