RE: Mem leak in curl_ntlm_msg.c

From: Steve Holme <steve_holme_at_hotmail.com>
Date: Mon, 11 Feb 2013 20:50:25 +0000

Hi Guys,

On Mon, 11 Feb 2013, Christian Hagele wrote:

> I think you got me wrong. I don't say that there is no memory
> leak, but that your change breaks the existing code.
> I just debugged through the code and made printf-debugging.
> When you try to print out ntlm->identity.Domain in
> curl_ntlm_msg.c:410 (right after your inserted free) you will
> see that this pointer is a dangling pointer!

I appreciate it has been a while since I've coded in the ntlm modules but
out of curiosity I ran a debug build under Visual Studio 2010 and I get the
following dialog box:

"Windows has triggered a breakpoint in curld.exe

This may be due to corruption of the heap, which indicates a bug in
curld.exe or any of the DLLs it has loaded.

This may also be due to the user pressing F12 while curld.exe has focus.

The output window may have more diagnostic information.

[Break] [Continue] [Ignore]"

If I press break the call stack shows the problem lies with curl_ntlm_msgs.c
at line 286:

    Curl_safefree(ntlm->identity.Domain);

> When domainlen is 0 that's not a problem, because the
> pointer doesn't get accessed, but when a domain-name is set
> there will be a problem.

I'm seeing the problem when domainlen is zero as well as when I have a valid
domain.

I can verify that both dup_domain.tbyte_ptr and dup_domain.tchar_ptr are the
same pointer in both circumstances.

If I can help any further please let me know.

Kind Regards

Steve
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-02-11
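The thread above turns on one allocation being reachable through two pointers: the owning `dup_domain` union (whose `tbyte_ptr` and `tchar_ptr` members are, as Steve observes, the same address) and the borrowed `identity.Domain` alias. Freeing through the alias leaves the owner dangling and sets up a later double free. The following C program is an added example, not curl's code; it models that ownership layout with constructed names (`ntlm_ctx`, `dup_string`, `safefree` as a stand-in for `Curl_safefree`) and shows why releasing once through the owner and clearing every alias is the safe shape. The buggy path only reports that a dangling pointer remains; it never dereferences it.

```c
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Stand-in for Curl_safefree (assumed, not curl's macro): free the pointer
 * and set it to NULL so a stale access fails loudly instead of reading
 * freed memory. */
#define safefree(p) do { free(p); (p) = NULL; } while (0)

/* Constructed model of two views of one duplicated string. Both members
 * of the union share a single allocation, so they are always the same
 * address, as the mail reports for dup_domain.tbyte_ptr / tchar_ptr. */
typedef union {
  unsigned char *tbyte_ptr;
  char *tchar_ptr;
} dup_string;

typedef struct {
  dup_string dup_domain;  /* owner of the allocation */
  char *domain;           /* borrowed alias into the same buffer (like identity.Domain) */
  size_t domainlen;
} ntlm_ctx;

/* Duplicate the domain and wire up both views. Returns 0 on success, -1 on OOM. */
int ntlm_set_domain(ntlm_ctx *ctx, const char *domain)
{
  size_t len = strlen(domain);
  char *copy = malloc(len + 1);      /* len may be 0: still one allocation */
  if(!copy)
    return -1;
  memcpy(copy, domain, len + 1);
  ctx->dup_domain.tchar_ptr = copy;
  ctx->domain = ctx->dup_domain.tchar_ptr;  /* alias, not a second copy */
  ctx->domainlen = len;
  return 0;
}

/* Do the two union members name the same pointer? (They always do.) */
int ntlm_views_alias(const ntlm_ctx *ctx)
{
  return (void *)ctx->dup_domain.tbyte_ptr == (void *)ctx->dup_domain.tchar_ptr;
}

/* Is every pointer that referred to the domain buffer cleared? */
int ntlm_domain_cleared(const ntlm_ctx *ctx)
{
  return ctx->domain == NULL && ctx->dup_domain.tchar_ptr == NULL &&
         ctx->domainlen == 0;
}

/* Buggy pattern from the thread: free through the borrowed alias while the
 * owner still points at the buffer. Returns 1 if a dangling owner pointer
 * remains. The dangling pointer is compared, never dereferenced. */
int ntlm_cleanup_buggy(ntlm_ctx *ctx)
{
  safefree(ctx->domain);                      /* alias is NULL now... */
  return ctx->dup_domain.tchar_ptr != NULL;   /* ...owner still holds freed memory */
}

/* Safe pattern: drop the alias without freeing, then release exactly once
 * through the owning view. Zeroing one union member zeroes the other. */
void ntlm_cleanup_safe(ntlm_ctx *ctx)
{
  ctx->domain = NULL;
  safefree(ctx->dup_domain.tchar_ptr);
  ctx->domainlen = 0;
}

/* Self-check over a named domain and the empty-domain (domainlen 0) case
 * that the mail says fails too. Returns 1 when every property holds. */
int ntlm_demo_ok(void)
{
  const char *inputs[] = { "EXAMPLE", "" };
  for(size_t i = 0; i < 2; i++) {
    ntlm_ctx good = {{NULL}, NULL, 0};
    ntlm_ctx bad = {{NULL}, NULL, 0};
    if(ntlm_set_domain(&good, inputs[i]) != 0 || !ntlm_views_alias(&good))
      return 0;
    ntlm_cleanup_safe(&good);
    if(!ntlm_domain_cleared(&good) || !ntlm_views_alias(&good))
      return 0;
    if(ntlm_set_domain(&bad, inputs[i]) != 0)
      return 0;
    if(ntlm_cleanup_buggy(&bad) != 1)   /* owner left dangling: the bug */
      return 0;
    /* bad.dup_domain must NOT be freed again here: that would be the double free. */
  }
  return 1;
}

int main(void)
{
  printf("ownership checks %s\n", ntlm_demo_ok() ? "passed" : "FAILED");
  return ntlm_demo_ok() ? 0 : 1;
}
```

The point of the safe variant is that the union is the single owner; any alias such as `identity.Domain` is cleared, not freed, so there is exactly one `free` per allocation and no path left that reads the buffer afterwards. Running the buggy variant under a debug heap (as Steve did under Visual Studio) is what surfaces the later double free as heap corruption.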