Module Name: src
Committed By: shm
Date: Tue Sep 19 07:51:43 UTC 2023
Modified Files:
src/libexec/httpd: auth-bozo.c
Log Message:
Fix hr_authrealm memory leak
hr_authrealm might be already set, so we need to free it before overwriting
the value
To generate a diff of this commit:
cvs rdiff -u -r1.27 -r1.28 src/libexec/httpd/auth-bozo.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/libexec/httpd/auth-bozo.c
diff -u src/libexec/httpd/auth-bozo.c:1.27 src/libexec/httpd/auth-bozo.c:1.28
--- src/libexec/httpd/auth-bozo.c:1.27 Wed May 5 07:41:48 2021
+++ src/libexec/httpd/auth-bozo.c Tue Sep 19 07:51:43 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: auth-bozo.c,v 1.27 2021/05/05 07:41:48 mrg Exp $ */
+/* $NetBSD: auth-bozo.c,v 1.28 2023/09/19 07:51:43 shm Exp $ */
/* $eterna: auth-bozo.c,v 1.17 2011/11/18 09:21:15 mrg Exp $ */
@@ -67,6 +67,11 @@ bozo_auth_check(bozo_httpreq_t *request,
if (bozo_check_special_files(request, basename, true))
return 1;
}
+
+ /* we might be called from cgi code again with the hr_authrealm
+ * already set */
+ if (request->hr_authrealm)
+ free(request->hr_authrealm);
request->hr_authrealm = bozostrdup(httpd, request, dir);
if ((size_t)snprintf(authfile, sizeof(authfile), "%s/%s", dir,
