Am 11.02.2013, 13:58 Uhr, schrieb Gisle Vanem <gvanem_at_broadpark.no>:

>> I didn't have the opportunity to test the code, but as
>
> Really? You should build libcurl with '-DCURLDEBUG', do a
> "set CURL_MEMDEBUG=mem_trace_file", run
> tests\libtest\libntlmconnect.exe and check leaks with
> "perl tests\memanalyze.pl mem_trace_file".
>

Maybe I'm stupid, but I couldn't get the unit-tests to work properly on
windows, yet.
I am using Visual-Studio (not Cygwin) to compile curl and libcurl.

> The trace from CURL_MEMDEBUG evidently show a mem-leak in the NTLM
> sources.
> Please take a look at it.

I think you got me wrong. I don't say that there is no memory leak, but
that your change breaks the existing code.
I just debugged through the code and made printf-debugging. When you try
to print out ntml->identity.Domain in curl_ntlm_msg.c:410 (right after
your inserted free) you will see that this pointer is a dangling pointer!
When domainlen is 0 that's not a problem, because the pointer doesn't get
accessed, but when a domain-name is set there will be a problem.

The libntlmconnect-test does not have a domain-name set. Maybe that's the
reason why the problem I am talking about didn't come up.

@Daniel
I know you are not into windows but as you already committed the patch
could you also have a quick look at it.

Regards,

Christian

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-02-11