fluidB
/
webdiss
1
0
Fork 0
Code Pull Requests Activity

Fix small leaks in conf.c (fixes #184) (#185)

Browse Source 
1. plaintext was not free'd after encoding credentials
2. ACL commands were duplicated when there was no need to

In both cases the value came from conf_string_or_envvar which always
uses strdup.
master
Jessie Murray 4 years ago committed by GitHub
parent fd3ec5d3ba
commit 4bc0871006
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 5 deletions
Show Stats Download Patch File Download Diff File

7
src/conf.c
Unescape Escape View File

@ -200,11 +200,7 @@ acl_read_commands(json_t *jlist, struct acl_commands *ac) {
json_t *jelem = json_array_get(jlist, i); json_t *jelem = json_array_get(jlist, i);
if(json_typeof(jelem) == JSON_STRING) { if(json_typeof(jelem) == JSON_STRING) {
size_t sz; size_t sz;
const char *s = conf_string_or_envvar(json_string_value(jelem)); ac->commands[cur] = conf_string_or_envvar(json_string_value(jelem));
sz = strlen(s);
ac->commands[cur] = calloc(1 + sz, 1);
memcpy(ac->commands[cur], s, sz);
cur++; cur++;
} }
} }
@ -252,6 +248,7 @@ conf_parse_acl(json_t *j) {
base64_init_encodestate(&b64); base64_init_encodestate(&b64);
pos = base64_encode_block(plain, (int)plain_len, a->http_basic_auth, &b64); pos = base64_encode_block(plain, (int)plain_len, a->http_basic_auth, &b64);
free(plain);
if(!pos) { /* nothing was encoded */ if(!pos) { /* nothing was encoded */
fprintf(stderr, "Error: could not encode credentials as HTTP basic auth header\n"); fprintf(stderr, "Error: could not encode credentials as HTTP basic auth header\n");
exit(1); exit(1);

Write Preview
Loading…
Cancel
Save