webfs: fix auth memory leak

cinap_lenrek 2012-04-01 01:09:06 +02:00
parent cf112fae1b
commit 7f8fc0c5b4


@ -289,48 +289,50 @@ static int
authenticate(Url *u, Url *ru, char *method, char *s) authenticate(Url *u, Url *ru, char *method, char *s)
{ {
char *user, *pass, *realm, *nonce, *opaque, *x; char *user, *pass, *realm, *nonce, *opaque, *x;
UserPasswd *up;
Hauth *a; Hauth *a;
Fmt fmt; Fmt fmt;
int n; int n;
up = nil;
user = u->user; user = u->user;
pass = u->pass; pass = u->pass;
realm = nonce = opaque = nil; realm = nonce = opaque = nil;
fmtstrinit(&fmt); fmtstrinit(&fmt);
if(!cistrncmp(s, "Basic ", 6)){ if(!cistrncmp(s, "Basic ", 6)){
char cred[64]; char cred[128], plain[128];
UserPasswd *up;
s += 6; s += 6;
if(x = cistrstr(s, "realm=")) if(x = cistrstr(s, "realm="))
realm = unquote(x+6, &s); realm = unquote(x+6, &s);
if(realm == nil) if(realm == nil)
return -1; return -1;
up = nil;
if(user == nil || pass == nil){ if(user == nil || pass == nil){
fmtprint(&fmt, " realm=%q", realm); fmtprint(&fmt, " realm=%q", realm);
if(user) if(user)
fmtprint(&fmt, " user=%q", user); fmtprint(&fmt, " user=%q", user);
if((s = fmtstrflush(&fmt)) == nil) if((s = fmtstrflush(&fmt)) == nil)
return -1; return -1;
if((up = auth_getuserpasswd(nil, "proto=pass service=http server=%q%s", up = auth_getuserpasswd(nil, "proto=pass service=http server=%q%s", u->host, s);
u->host, s)) == nil) free(s);
if(up == nil)
return -1; return -1;
user = up->user; user = up->user;
pass = up->passwd; pass = up->passwd;
} }
fmtstrinit(&fmt); n = snprint(plain, sizeof(plain), "%s:%s", user ? user : "", pass ? pass : "");
fmtprint(&fmt, "%s:%s", user ? user : "", pass ? pass : ""); if(up){
free(up); memset(up->user, 0, strlen(up->user));
if((s = fmtstrflush(&fmt)) == nil) memset(up->passwd, 0, strlen(up->passwd));
return -1; free(up);
n = enc64(cred, sizeof(cred), (uchar*)s, strlen(s)); }
memset(s, 0, strlen(s)); n = enc64(cred, sizeof(cred), (uchar*)plain, n);
free(s); memset(plain, 0, sizeof(plain));
if(n == -1) if(n == -1)
return -1; return -1;
fmtstrinit(&fmt); fmtstrinit(&fmt);
fmtprint(&fmt, "Basic %s", cred); fmtprint(&fmt, "Basic %s", cred);
memset(cred, 0, sizeof(cred));
u = saneurl(url(".", u)); /* all uris below the requested one */ u = saneurl(url(".", u)); /* all uris below the requested one */
}else }else
if(!cistrncmp(s, "Digest ", 7)){ if(!cistrncmp(s, "Digest ", 7)){
@ -346,14 +348,17 @@ authenticate(Url *u, Url *ru, char *method, char *s)
opaque = unquote(x+7, &s); opaque = unquote(x+7, &s);
if(realm == nil || nonce == nil) if(realm == nil || nonce == nil)
return -1; return -1;
nchal = snprint(chal, sizeof(chal), "%s %s %U", nonce, method, ru);
fmtprint(&fmt, " realm=%q", realm); fmtprint(&fmt, " realm=%q", realm);
if(user) if(user)
fmtprint(&fmt, " user=%q", user); fmtprint(&fmt, " user=%q", user);
if((s = fmtstrflush(&fmt)) == nil) if((s = fmtstrflush(&fmt)) == nil)
return -1; return -1;
if(auth_respond(chal, nchal, ouser, sizeof ouser, resp, sizeof resp, nil, nchal = snprint(chal, sizeof(chal), "%s %s %U", nonce, method, ru);
"proto=httpdigest role=client server=%q%s", u->host, s) < 0) n = auth_respond(chal, nchal, ouser, sizeof ouser, resp, sizeof resp, nil,
"proto=httpdigest role=client server=%q%s", u->host, s);
memset(chal, 0, sizeof(chal));
free(s);
if(n < 0)
return -1; return -1;
fmtstrinit(&fmt); fmtstrinit(&fmt);
fmtprint(&fmt, "Digest "); fmtprint(&fmt, "Digest ");
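Review bot: In the Basic branch of the first hunk, `cred[128]` is too small for the base64 form of a full `plain[128]`: 127 bytes of `user:pass` encode to 172 characters, so anything beyond roughly 93 bytes cannot fit. `snprint` also appears to truncate silently, so an over-long credential would be cut and sent rather than rejected, and depending on how `enc64` reports an exhausted output buffer the `n == -1` check may not catch it. I would size the output from the input, e.g. `char plain[128], cred[(sizeof(plain)+2)/3*4 + 1];`, and treat `n >= sizeof(plain)-1` as a failure once `plain` and `up` have been wiped as they are now. authenticate() continues past the end of the second hunk.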