Unset the `pass_cmd` and `user_cmd` fields as soon as their respective
value have been computed. Besides being a bit more efficient as we will
now only ever invoke the respective command once, this also fixes a real
issue: when calling `ensure_password` or `ensure_user` for a second
time, the previous pointer to the `pass` or `user` field will get freed.
As these functions are used in the middle of the SASL authentication in
`process_sasl_interact`, it can an does in fact cause us to use free'd
memory as we store those pointers in the `sasl_interact_t` structure.
---
src/drv_imap.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/drv_imap.c b/src/drv_imap.c
index d8aff75..4cc5695 100644
--- a/src/drv_imap.c
+++ b/src/drv_imap.c
@@ -1894,6 +1894,8 @@ ensure_user( imap_server_conf_t *srvc )
return 0;
free( srvc->user ); /* From previous runs */
srvc->user = user;
+ free( srvc->user_cmd );
+ srvc->user_cmd = NULL;
} else if (!srvc->user) {
error( "Skipping account %s, no user\n", srvc->name );
return 0;
@@ -1910,6 +1912,8 @@ ensure_password( imap_server_conf_t *srvc )
return 0;
free( srvc->pass ); /* From previous runs */
srvc->pass = pass;
+ free( srvc->pass_cmd );
+ srvc->pass_cmd = NULL;
} else if (!srvc->pass) {
char *pass, prompt[80];
--
2.16.1
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
isync-devel mailing list
isync-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/isync-devel
