cURL / Mailing Lists / curl-library / Single Mail


Re: PATCH: prevent a double free() with a malformed LDAP URL

From: Daniel Stenberg <>
Date: Thu, 22 Aug 2013 23:23:29 +0200 (CEST)

On Wed, 21 Aug 2013, Geoff Beier wrote:

> Yes. This made it harder to read for me. Upon success _ldap_free_urldesc()
> was properly freeing elements of ->lud_attrs that had been allocated by
> unescape_elements. Upon error, those elements had been populated by strtok_r
> and didn't need to be freed but were being freed anyway.

Ah yes indeed! That seems to be the culprit.

> So I think the right fix is to free the array but not the individual
> elements whenever we're returning an error code prior to the
> unescape_elements() call.
> Does that match your read? If so I'll rewrite the patch.

Yes it does.

I guess that information, if each line was individually allocated or not,
needs to be stored somewhere so that _ldap_free_urldesc can do the right

List admin:
Received on 2013-08-22