[
https://issues.apache.org/jira/browse/ZOOKEEPER-466?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Chris Darroch updated ZOOKEEPER-466:
------------------------------------
Attachment: ZOOKEEPER-466.patch
> crash on zookeeper_close() when using auth with empty cert
> ----------------------------------------------------------
>
> Key: ZOOKEEPER-466
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-466
> Project: Zookeeper
> Issue Type: Bug
> Components: c client
> Affects Versions: 3.2.0
> Reporter: Chris Darroch
> Fix For: 3.2.1
>
> Attachments: ZOOKEEPER-466.patch
>
>
> The free_auth_info() function calls deallocate_Buffer(&auth->auth) on every
> element in the auth list; that function frees any memory pointed to by
> auth->auth.buff if that field is non-NULL.
> In zoo_add_auth(), when certLen is zero (or cert is NULL), auth.buff is set
> to 0, but then not assigned to authinfo->auth when auth.buff is NULL. The
> result is uninitialized data in auth->auth.buff in free_auth_info(), and
> potential crashes.
> The attached patch adds a test which attempts to duplicate this error; it
> works for me but may not always on all systems as it depends on the
> uninitialized data being non-zero; there's not really a simple way I can see
> to trigger this in the current test framework. The patch also fixes the
> problem, I believe.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
