aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorJulien Chaffraix <julien.chaffraix@gmail.com>2010-09-26 22:44:42 -0700
committerJulien Chaffraix <julien.chaffraix@gmail.com>2010-09-28 22:05:24 -0700
commit87badbef846c29359f2981076d53acd108b57254 (patch)
treeadc5bf60fa2fb04cd08eab05a887286276536122 /lib
parente3811ed7c34ed1818dc246af54460fea0fc52c02 (diff)
krb5-gssapi: Remove several memory leaks.
Remove a leak seen on Kerberos/MIT (gss_OID is copied internally and we were leaking it). Now we just pass NULL as advised in RFC2744. |tmp| was never set back to buf->data. Cleaned up Curl_sec_end to take into account failure in Curl_sec_login (where conn->mech would be NULL but not conn->app_data or conn->in_buffer->data).
Diffstat (limited to 'lib')
-rw-r--r--lib/krb5.c4
-rw-r--r--lib/security.c15
2 files changed, 14 insertions, 5 deletions
diff --git a/lib/krb5.c b/lib/krb5.c
index 9fb44f2d7..28c6a2528 100644
--- a/lib/krb5.c
+++ b/lib/krb5.c
@@ -218,8 +218,8 @@ krb5_auth(void *app_data, struct connectdata *conn)
continue;
}
{
- gss_OID t;
- gss_display_name(&min, gssname, &gssbuf, &t);
+ /* We pass NULL as |output_name_type| to avoid a leak. */
+ gss_display_name(&min, gssname, &gssbuf, NULL);
Curl_infof(data, "Trying against %s\n", gssbuf.value);
gss_release_buffer(&min, &gssbuf);
}
diff --git a/lib/security.c b/lib/security.c
index 303a1bec6..73a554016 100644
--- a/lib/security.c
+++ b/lib/security.c
@@ -216,6 +216,7 @@ static CURLcode read_data(struct connectdata *conn,
if (tmp == NULL)
return CURLE_OUT_OF_MEMORY;
+ buf->data = tmp;
ret = socket_read(fd, buf->data, len);
if (ret != CURLE_OK)
return ret;
@@ -567,12 +568,20 @@ Curl_sec_login(struct connectdata *conn)
void
Curl_sec_end(struct connectdata *conn)
{
- if(conn->mech != NULL) {
- if(conn->mech->end)
- conn->mech->end(conn->app_data);
+ if(conn->mech != NULL && conn->mech->end)
+ conn->mech->end(conn->app_data);
+ if(conn->app_data) {
free(conn->app_data);
conn->app_data = NULL;
}
+ if(conn->in_buffer.data) {
+ free(conn->in_buffer.data);
+ conn->in_buffer.data = NULL;
+ conn->in_buffer.size = 0;
+ conn->in_buffer.index = 0;
+ /* FIXME: Is this really needed? */
+ conn->in_buffer.eof_flag = 0;
+ }
conn->sec_complete = 0;
conn->data_prot = (enum protection_level)0;
conn->mech = NULL;