From 38653ec3ca6665dfde1ea94f094b00a5c06fcc4f Mon Sep 17 00:00:00 2001
From: Matthias Andree
Date: Sun, 14 Feb 2021 10:39:42 +0100
Subject: imap.c: fix memory leak in timeout situation for LOGIN auth

...which uses siglongjmp() so that gen_transact() will not return. Note, just in case, this uses local static buffers and is not thread-safe.
---
 imap.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
(limited to 'imap.c')
diff --git a/imap.c b/imap.c
index 90c3f92c..a7ddc45f 100644
--- a/imap.c
+++ b/imap.c
@@ -639,11 +639,13 @@ static int imap_getauth(int sock, struct query *ctl, char *greeting)
 || ctl->server.authenticate == A_PASSWORD)
 {
 /* these sizes guarantee no buffer overflow */
- char *remotename, *password;
+ static char *remotename, *password; /* XXX FIXME: not thread-safe but is leaky on timeout */
 size_t rnl, pwl;
 rnl = 2 * strlen(ctl->remotename) + 1;
 pwl = 2 * strlen(ctl->password) + 1;
+ if (remotename) xfree(remotename);
 remotename = (char *)xmalloc(rnl);
+ if (password) xfree(password);
 password = (char *)xmalloc(pwl);

 imap_canonicalize(remotename, ctl->remotename, rnl);
@@ -654,8 +656,8 @@ static int imap_getauth(int sock, struct query *ctl, char *greeting)
 memset(shroud, 0x55, sizeof(shroud));
 shroud[0] = '\0';
 memset(password, 0x55, strlen(password));
- free(password);
- free(remotename);
+ xfree(password);
+ xfree(remotename);
 if (ok)
 {
 if(ctl->server.authenticate != A_ANY)
--
cgit v1.2.3
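Review bot: The added `if (password) xfree(password);` in the first hunk releases a buffer left over from a timed-out attempt without wiping it, whereas the normal exit path (context of the second hunk) overwrites it with `memset(password, 0x55, strlen(password));` before freeing. After a timeout the canonicalized password therefore stays in heap memory until the next call and is then handed back to the allocator intact. Consider `if (password) { memset(password, 0x55, strlen(password)); xfree(password); }` at that line, assuming the stale buffer is always NUL-terminated by imap_canonicalize() before the jump can occur. imap_getauth's body starts and ends outside the hunk.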
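Review bot: The switch to `xfree(password); xfree(remotename);` at the end of the second hunk is what keeps the now-static pointers from being freed a second time on the next call, but nothing in the code says so. That only holds if xfree() resets its argument to NULL, which is not visible on this page and should be confirmed. A comment such as `/* xfree() must NULL the static pointers, or the next call frees them again */` above the two calls would guard against a later revert to plain free(). The enclosing function continues past the end of the hunk.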