[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Correct fix for freeing prompts->result (ITS#2325)
--XXWio9xG+59OE3g9
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
* Kurt D. Zeilenga (Kurt@OpenLDAP.org) wrote:
> At 10:08 AM 2/21/2003, Stephen Frost wrote:
> >Unfortunately this runs basically the same code path the first did, with
> >the same problem. The problem is that the call to sasl_client_start
> >will populate 'prompts' with some value but does not touch
> >'prompts->result', which can therefore be anything.
>=20
> Argh!
Annoying, isn't it? :)
> Checking in libldap/cyrus.c;
> /repo/OpenLDAP/pkg/ldap/libraries/libldap/cyrus.c,v <-- cyrus.c
> new revision: 1.79; previous revision: 1.78
> done
> Checking in liblutil/sasl.c;
> /repo/OpenLDAP/pkg/ldap/libraries/liblutil/sasl.c,v <-- sasl.c
> new revision: 1.15; previous revision: 1.14
These versions worked for me.
> >When this is
> >not-NULL the 'if( interact && interact->result ) {' check in sasl.c will
> >return true and an attempt will be made to free an unallocated pointer,
> >thus the segfault.
> >
> >In general I like the idea of having the pointer freed in the same
> >library where it's allocated.
>=20
> It's actually required on platforms that support multiple
> heaps per library. (which means the patch I just committed
> needs a bit more work)
Interesting. Well, as you noted if you're going to make sure that's
done you'll need to change the LDAP_FREE((void*)promptresult); to a call
into the library for the free. Additionally, you might check and make
sure it's not already been free'd and reset to NULL (or maybe the
LDAP_FREE macro does that, I forget).
Thanks,
Stephen
--XXWio9xG+59OE3g9
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+VnYIrzgMPqB3kigRAsWeAJ9tVRGAG3lZgyM+Bhv3RDt26HIDGQCgmwQm
Q9HZ/epWSJLQGjJ0vWpOvAI=
=gVt2
-----END PGP SIGNATURE-----
--XXWio9xG+59OE3g9--