cURL / Mailing Lists / curl-library / Single Mail

curl-library

Mem leak in curl_ntlm_msg.c

From: Gisle Vanem <gvanem_at_broadpark.no>
Date: Fri, 08 Feb 2013 13:55:41 +0100

Running tests\libtest\libntlmconnect.exe reveals a 1 byte (!) leak in
./lib/curl_ntlm_msgs.c:

perl ..\memanalyze.pl c:memdebug.curl
Leak detected: memory still allocated: 1 bytes
At 9771e8, there's 1 bytes.
 allocated by curl_ntlm_msgs.c:399

Snippet from curl_ntlm_msgs.c:
    /* setup ntlm identity's domain and length */
    dup_domain.tchar_ptr = malloc(sizeof(TCHAR) * (domlen + 1));

(my domlen == 0).

'dup_domain.tbyte_ptr' looks to be freed in Curl_ntlm_sspi_cleanup()
via 'ntlm->identity.Domain'. But I see no freeing of 'dup_domain.tchar_ptr'.

Patch:

--- Git-latest\lib\curl_ntlm_msgs.c Mon Jan 28 16:48:37 2013
+++ curl_ntlm_msgs.c Fri Feb 08 13:52:21 2013
@@ -405,6 +405,7 @@
     *(dup_domain.tchar_ptr + domlen) = TEXT('\0');
     ntlm->identity.Domain = dup_domain.tbyte_ptr;
     ntlm->identity.DomainLength = curlx_uztoul(domlen);
+ free(dup_domain.tchar_ptr);
     dup_domain.tchar_ptr = NULL;

     Curl_unicodefree(useranddomain.tchar_ptr);

--gv
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-02-08