[PATCH] Stop realm variable in modules/access/http.c from being freed too early.
Aaron Wyatt
github at psi-borg.org
Thu May 7 17:27:05 CEST 2020
Fix to stop the realm variable in modules/access/http.c from being freed
before credentials are stored using the keystore module. (Prevents
keystore modules from creating multiple entries with keys based on junk
data.)
Aaron
---
modules/access/http.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/modules/access/http.c b/modules/access/http.c
index 4384e2b0a3..b4645c0f4e 100644
--- a/modules/access/http.c
+++ b/modules/access/http.c
@@ -142,6 +142,7 @@ static int Open( vlc_object_t *p_this )
char *psz;
int ret = VLC_EGENERIC;
vlc_credential credential;
+ char *psz_realm;
access_sys_t *p_sys = vlc_obj_malloc( p_this, sizeof(*p_sys) );
if( unlikely(p_sys == NULL) )
@@ -166,6 +167,7 @@ static int Open( vlc_object_t *p_this )
p_sys->offset = 0;
p_sys->size = 0;
p_access->p_sys = p_sys;
+ psz_realm = NULL;
if( vlc_UrlParse( &p_sys->url, psz_url ) || p_sys->url.psz_host
== NULL )
{
@@ -298,7 +300,10 @@ connect:
msg_Dbg( p_access, "authentication failed for realm %s",
p_sys->auth.psz_realm );
- credential.psz_realm = p_sys->auth.psz_realm;
+ free( psz_realm );
+ psz_realm = malloc( strlen( p_sys->auth.psz_realm ) + 1 );
+ strcpy( psz_realm, p_sys->auth.psz_realm );
+ credential.psz_realm = psz_realm;
credential.psz_authtype = p_sys->auth.psz_nonce ? "Digest" :
"Basic";
if( vlc_credential_get( &credential, p_access, NULL, NULL,
@@ -339,6 +344,8 @@ connect:
p_access->pf_control = Control;
p_access->pf_seek = Seek;
+ free( psz_realm );
+ psz_realm = NULL;
vlc_credential_clean( &credential );
return VLC_SUCCESS;
@@ -347,6 +354,8 @@ disconnect:
Disconnect( p_access );
error:
+ free( psz_realm );
+ psz_realm = NULL;
vlc_credential_clean( &credential );
vlc_UrlClean( &p_sys->url );
if( p_sys->b_proxy )
--
2.24.2 (Apple Git-127)
More information about the vlc-devel
mailing list