[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Correct fix for freeing prompts->result (ITS#2325)
I've committed an alternative fix to libldap/cyrus.c and
liblutil/sasl.c, aside from ensuring that prompt results
are freed, performs this free in the same library which
allocates the results. Please test. Thanks, Kurt
At 07:54 AM 2/21/2003, sfrost@snowman.net wrote:
>Full_Name: Stephen Frost
>Version: 2.1.12
>OS: Debian unstable
>URL: http://snowman.net/openldap-fix_cyrus_free.patch
>Submission from: (NULL) (68.106.109.254)
>
>
> Attached is the correct fix for the cyrus.c free problem. The patch
>
> reverts the incorrect attempted fixes in 1.70/1.71 and fixes the
>
> problem correctly by moving the 'res' int outside the loop so that it
>
> can be checked against. The free should only be done if the interact
>
> call (from the prior loop) returns successfully. The free should not
>
> depend on the current value of saslrc since it is reset at the top of
>
> the loop by sasl_client_start.
>
>
>
> The problem was caused when prompts was set/allocated by
>
> sasl_client_start but prompts->result was not initialized (It is
>
> expected that the application will allocate/deallocate
>
> prompts->result according to SASL documentation). This meant that
>
> libldap attempts to free a pointer which had not been allocated,
>
> causing a segfault.
>