crash on zookeeper_close() when using auth with empty cert

                 Key: ZOOKEEPER-466
             Project: Zookeeper
          Issue Type: Bug
          Components: c client
    Affects Versions: 3.2.0
            Reporter: Chris Darroch
             Fix For: 3.2.1

The free_auth_info() function calls deallocate_Buffer(&auth->auth) on every 
element in the auth list; that function frees any memory pointed to by 
auth->auth.buff if that field is non-NULL.

In zoo_add_auth(), when certLen is zero (or cert is NULL), auth.buff is set to 
0, but then not assigned to authinfo->auth when auth.buff is NULL.  The result 
is uninitialized data in auth->auth.buff in free_auth_info(), and potential 

The attached patch adds a test which attempts to duplicate this error; it works 
for me but may not always on all systems as it depends on the uninitialized 
data being non-zero; there's not really a simple way I can see to trigger this 
in the current test framework.  The patch also fixes the problem, I believe.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

Reply via email to