Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/libexec/httpd Fixed memory leak in case of multiple authenti...
details: https://anonhg.NetBSD.org/src/rev/b9d9a8749a43
branches: trunk
changeset: 333899:b9d9a8749a43
user: shm <shm%NetBSD.org@localhost>
date: Fri Nov 21 08:58:28 2014 +0000
description:
Fixed memory leak in case of multiple authentication headers sent by the
client.
OK mrg@
diffstat:
libexec/httpd/auth-bozo.c | 11 ++++++++++-
libexec/httpd/bozohttpd.c | 3 ++-
libexec/httpd/bozohttpd.h | 4 +++-
3 files changed, 15 insertions(+), 3 deletions(-)
diffs (74 lines):
diff -r 5a5a70f6257f -r b9d9a8749a43 libexec/httpd/auth-bozo.c
--- a/libexec/httpd/auth-bozo.c Fri Nov 21 08:54:12 2014 +0000
+++ b/libexec/httpd/auth-bozo.c Fri Nov 21 08:58:28 2014 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: auth-bozo.c,v 1.13 2014/07/08 14:01:21 mrg Exp $ */
+/* $NetBSD: auth-bozo.c,v 1.14 2014/11/21 08:58:28 shm Exp $ */
/* $eterna: auth-bozo.c,v 1.17 2011/11/18 09:21:15 mrg Exp $ */
@@ -118,6 +118,13 @@
}
void
+bozo_auth_init(bozo_httpreq_t *request)
+{
+ request->hr_authuser = NULL;
+ request->hr_authpass = NULL;
+}
+
+void
bozo_auth_cleanup(bozo_httpreq_t *request)
{
@@ -150,6 +157,8 @@
return bozo_http_error(httpd, 400, request,
"bad authorization field");
*pass++ = '\0';
+ free(request->hr_authuser);
+ free(request->hr_authpass);
request->hr_authuser = bozostrdup(httpd, authbuf);
request->hr_authpass = bozostrdup(httpd, pass);
debug((httpd, DEBUG_FAT,
diff -r 5a5a70f6257f -r b9d9a8749a43 libexec/httpd/bozohttpd.c
--- a/libexec/httpd/bozohttpd.c Fri Nov 21 08:54:12 2014 +0000
+++ b/libexec/httpd/bozohttpd.c Fri Nov 21 08:58:28 2014 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: bozohttpd.c,v 1.58 2014/11/21 08:54:12 shm Exp $ */
+/* $NetBSD: bozohttpd.c,v 1.59 2014/11/21 08:58:28 shm Exp $ */
/* $eterna: bozohttpd.c,v 1.178 2011/11/18 09:21:15 mrg Exp $ */
@@ -541,6 +541,7 @@
request->hr_virthostname = NULL;
request->hr_file = NULL;
request->hr_oldfile = NULL;
+ bozo_auth_init(request);
slen = sizeof(ss);
if (getpeername(0, (struct sockaddr *)(void *)&ss, &slen) < 0)
diff -r 5a5a70f6257f -r b9d9a8749a43 libexec/httpd/bozohttpd.h
--- a/libexec/httpd/bozohttpd.h Fri Nov 21 08:54:12 2014 +0000
+++ b/libexec/httpd/bozohttpd.h Fri Nov 21 08:58:28 2014 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: bozohttpd.h,v 1.33 2014/07/17 06:27:52 mrg Exp $ */
+/* $NetBSD: bozohttpd.h,v 1.34 2014/11/21 08:58:28 shm Exp $ */
/* $eterna: bozohttpd.h,v 1.39 2011/11/18 09:21:15 mrg Exp $ */
@@ -247,6 +247,7 @@
/* auth-bozo.c */
#ifdef DO_HTPASSWD
+void bozo_auth_init(bozo_httpreq_t *);
int bozo_auth_check(bozo_httpreq_t *, const char *);
void bozo_auth_cleanup(bozo_httpreq_t *);
int bozo_auth_check_headers(bozo_httpreq_t *, char *, char *, ssize_t);
@@ -255,6 +256,7 @@
void bozo_auth_cgi_setenv(bozo_httpreq_t *, char ***);
int bozo_auth_cgi_count(bozo_httpreq_t *);
#else
+#define bozo_auth_init(x) do { /* nothing */ } while (0)
#define bozo_auth_check(x, y) 0
#define bozo_auth_cleanup(x) do { /* nothing */ } while (0)
#define bozo_auth_check_headers(y, z, a, b) 0
Home |
Main Index |
Thread Index |
Old Index