Memory leak in DIGEST-MD5 plugin?
Ken Murchison
murch at andrew.cmu.edu
Tue Jun 14 10:20:52 EDT 2016
Patch applied to git. Thanks!
On 06/10/2016 04:43 PM, Spencer Jackson via Cyrus-sasl wrote:
> Hi, while doing some work with Address Sanitizer, I noticed what
> appears to be a memory leak in the DIGEST-MD5 client mechanism.
>
> In digestmd5_client_mech_step1, on line 4257, is seems that the
> mechanism may allocate a new string on text->realm.
>
> Then, in digestmd5_client_mech_step2 on line 4333, it seems that
> text->realm can be replaced by a realm obtained from the server. But,
> if this memory was allocated on line 4257, then it seems that it is
> never freed.
>
> Line numbers taken from current master at commit
> 76dd88987eb7a916cc56585ccf38232c646483d8.
>
> Adding the line
> if (text->realm) params->utils->free(text->realm);
> to digestmd5_client_mech_step2 before setting the realm seems to have
> addressed the issues raised by Address Sanitizer for me.
>
> Does this look legitimate?
>
> Spencer
--
Kenneth Murchison
Principal Systems Software Engineer
Carnegie Mellon University
More information about the Cyrus-sasl
mailing list