Memory leak in DIGEST-MD5 plugin?
Spencer Jackson
spencer.jackson at mongodb.com
Fri Jun 10 16:43:46 EDT 2016
Hi, while doing some work with Address Sanitizer, I noticed what appears to
be a memory leak in the DIGEST-MD5 client mechanism.
In digestmd5_client_mech_step1, on line 4257, is seems that the mechanism
may allocate a new string on text->realm.
Then, in digestmd5_client_mech_step2 on line 4333, it seems that
text->realm can be replaced by a realm obtained from the server. But, if
this memory was allocated on line 4257, then it seems that it is never
freed.
Line numbers taken from current master at commit
76dd88987eb7a916cc56585ccf38232c646483d8.
Adding the line
if (text->realm) params->utils->free(text->realm);
to digestmd5_client_mech_step2 before setting the realm seems to have
addressed the issues raised by Address Sanitizer for me.
Does this look legitimate?
Spencer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20160610/4bce2818/attachment.html>
More information about the Cyrus-sasl
mailing list