[ https://issues.apache.org/jira/browse/ZOOKEEPER-466?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Chris Darroch updated ZOOKEEPER-466: ------------------------------------ Attachment: ZOOKEEPER-466.patch > crash on zookeeper_close() when using auth with empty cert > ---------------------------------------------------------- > > Key: ZOOKEEPER-466 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-466 > Project: Zookeeper > Issue Type: Bug > Components: c client > Affects Versions: 3.2.0 > Reporter: Chris Darroch > Fix For: 3.2.1 > > Attachments: ZOOKEEPER-466.patch > > > The free_auth_info() function calls deallocate_Buffer(&auth->auth) on every > element in the auth list; that function frees any memory pointed to by > auth->auth.buff if that field is non-NULL. > In zoo_add_auth(), when certLen is zero (or cert is NULL), auth.buff is set > to 0, but then not assigned to authinfo->auth when auth.buff is NULL. The > result is uninitialized data in auth->auth.buff in free_auth_info(), and > potential crashes. > The attached patch adds a test which attempts to duplicate this error; it > works for me but may not always on all systems as it depends on the > uninitialized data being non-zero; there's not really a simple way I can see > to trigger this in the current test framework. The patch also fixes the > problem, I believe. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.