ACK from me. My Clang static analyzer concurs. On 21.10.2015 01:38, Steffan Karger wrote:
As it says on the tin. aresp would not be free'd nor returned by my_conv() on errors. Note that we never reach this code if allocation of aresp failed.Found with the Clang static analyzer. Signed-off-by: Steffan Karger <stef...@karger.me> --- src/plugins/auth-pam/auth-pam.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/plugins/auth-pam/auth-pam.c b/src/plugins/auth-pam/auth-pam.c index bd71792..95692ab 100644 --- a/src/plugins/auth-pam/auth-pam.c +++ b/src/plugins/auth-pam/auth-pam.c @@ -642,6 +642,9 @@ my_conv (int n, const struct pam_message **msg_array, if (ret == PAM_SUCCESS) *response_array = aresp; + else + free(aresp); + return ret; }
