On Fri, 6 Oct 2023, Wietse Venema via Postfix-users wrote:
> Jozsef Kadlecsik via Postfix-users:
> > + sasl_username = xsasl_server_get_username(state->sasl_server);
> > + if (sasl_username != 0) {
> > + state->sasl_username = mystrdup(sasl_username);
> > + printable(state->sasl_username, '?');
>
> 1) There is no corresponding myfree() call.
I assumed the error path cleans up the state, but yes, I did not verify
that happens for state->sasl_username as well.
> 2) There is no need to 'censor' sasl_username if the name is valid.
>
> 3) In fact the msg() formatter already seems to censor logging;
> there is some redundancy in Postfix code.
I tried to follow the current practice there :-).
> I think I can take it from here.
Great, thank you! Postfix shines in quality, capability and flexibility!
Best regards,
Jozsef
-
E-mail : [email protected], [email protected]
PGP key : https://wigner.hu/~kadlec/pgp_public_key.txt
Address : Wigner Research Centre for Physics
H-1525 Budapest 114, POB. 49, Hungary
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
