Module Name: src Committed By: mrg Date: Mon Nov 19 04:13:09 UTC 2018
Modified Files: src/libexec/httpd: auth-bozo.c Log Message: avoid memory leak in sending multiple auth headers. mostly mitigated by previous patch to limit total header size, but still a real problem here. To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 src/libexec/httpd/auth-bozo.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files:
Index: src/libexec/httpd/auth-bozo.c
diff -u src/libexec/httpd/auth-bozo.c:1.18 src/libexec/httpd/auth-bozo.c:1.19
--- src/libexec/httpd/auth-bozo.c:1.18 Sun Dec 27 10:21:35 2015
+++ src/libexec/httpd/auth-bozo.c Mon Nov 19 04:13:09 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: auth-bozo.c,v 1.18 2015/12/27 10:21:35 mrg Exp $ */
+/* $NetBSD: auth-bozo.c,v 1.19 2018/11/19 04:13:09 mrg Exp $ */
 /* $eterna: auth-bozo.c,v 1.17 2011/11/18 09:21:15 mrg Exp $ */
@@ -147,6 +147,10 @@ bozo_auth_check_headers(bozo_httpreq_t *
 char *pass = NULL;
 ssize_t alen;
+ /* free prior entries. */
+ free(request->hr_authuser);
+ free(request->hr_authpass);
+
 alen = base64_decode((unsigned char *)str + 6,
 (size_t)(len - 6),
 (unsigned char *)authbuf,
@@ -158,8 +162,6 @@ bozo_auth_check_headers(bozo_httpreq_t *
 return bozo_http_error(httpd, 400, request,
 "bad authorization field");
 *pass++ = '\0';
- free(request->hr_authuser);
- free(request->hr_authpass);
 request->hr_authuser = bozostrdup(httpd, request, authbuf);
 request->hr_authpass = bozostrdup(httpd, request, pass);
 debug((httpd, DEBUG_FAT,
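Review bot: Hoisting the two `free()` calls above `base64_decode()` leaves `request->hr_authuser` and `request->hr_authpass` pointing at freed memory on the early `return bozo_http_error(httpd, 400, request, "bad authorization field")` path in the third hunk, since both fields are reassigned only after that return. Request teardown is not visible here, so this is inferred, but if any later code reads or frees those fields, a request whose later Authorization header fails to decode would trade the leak for a use-after-free or double free. Clearing the fields straight after the frees removes the stale pointers: `request->hr_authuser = NULL;` and `request->hr_authpass = NULL;`. The body of bozo_auth_check_headers starts and ends outside these hunks.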