Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix hr_authrealm memory leak 

hr_authrealm might be already set, so we need to free it before overwriting
the value
This commit is contained in:
shm 2023-09-19 07:51:43 +00:00
parent 9781eaaf8f
commit 1da23bf4be
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
libexec/httpd/auth-bozo.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: auth-bozo.c,v 1.27 2021/05/05 07:41:48 mrg Exp $ */
/* $NetBSD: auth-bozo.c,v 1.28 2023/09/19 07:51:43 shm Exp $ */
/* $eterna: auth-bozo.c,v 1.17 2011/11/18 09:21:15 mrg Exp $ */
@ -67,6 +67,11 @@ bozo_auth_check(bozo_httpreq_t *request, const char *file)
if (bozo_check_special_files(request, basename, true))
return 1;
}
/* we might be called from cgi code again with the hr_authrealm
* already set */
if (request->hr_authrealm)
free(request->hr_authrealm);
request->hr_authrealm = bozostrdup(httpd, request, dir);
if ((size_t)snprintf(authfile, sizeof(authfile), "%s/%s", dir,