From 87badbef846c29359f2981076d53acd108b57254 Mon Sep 17 00:00:00 2001 From: Julien Chaffraix Date: Sun, 26 Sep 2010 22:44:42 -0700 Subject: krb5-gssapi: Remove several memory leaks. Remove a leak seen on Kerberos/MIT (gss_OID is copied internally and we were leaking it). Now we just pass NULL as advised in RFC2744. |tmp| was never set back to buf->data. Cleaned up Curl_sec_end to take into account failure in Curl_sec_login (where conn->mech would be NULL but not conn->app_data or conn->in_buffer->data). --- lib/krb5.c | 4 ++-- lib/security.c | 15 ++++++++++++--- 2 files changed, 14 insertions(+), 5 deletions(-) (limited to 'lib') diff --git a/lib/krb5.c b/lib/krb5.c index 9fb44f2d7..28c6a2528 100644 --- a/lib/krb5.c +++ b/lib/krb5.c @@ -218,8 +218,8 @@ krb5_auth(void *app_data, struct connectdata *conn) continue; } { - gss_OID t; - gss_display_name(&min, gssname, &gssbuf, &t); + /* We pass NULL as |output_name_type| to avoid a leak. */ + gss_display_name(&min, gssname, &gssbuf, NULL); Curl_infof(data, "Trying against %s\n", gssbuf.value); gss_release_buffer(&min, &gssbuf); } diff --git a/lib/security.c b/lib/security.c index 303a1bec6..73a554016 100644 --- a/lib/security.c +++ b/lib/security.c @@ -216,6 +216,7 @@ static CURLcode read_data(struct connectdata *conn, if (tmp == NULL) return CURLE_OUT_OF_MEMORY; + buf->data = tmp; ret = socket_read(fd, buf->data, len); if (ret != CURLE_OK) return ret; @@ -567,12 +568,20 @@ Curl_sec_login(struct connectdata *conn) void Curl_sec_end(struct connectdata *conn) { - if(conn->mech != NULL) { - if(conn->mech->end) - conn->mech->end(conn->app_data); + if(conn->mech != NULL && conn->mech->end) + conn->mech->end(conn->app_data); + if(conn->app_data) { free(conn->app_data); conn->app_data = NULL; } + if(conn->in_buffer.data) { + free(conn->in_buffer.data); + conn->in_buffer.data = NULL; + conn->in_buffer.size = 0; + conn->in_buffer.index = 0; + /* FIXME: Is this really needed? */ + conn->in_buffer.eof_flag = 0; + } conn->sec_complete = 0; conn->data_prot = (enum protection_level)0; conn->mech = NULL; -- cgit v1.2.3