Google Git
Sign in
android / platform / external / libpcap / b54d9a7d^! / .
commitb54d9a7df841a97fe11ddd362e3baf693033ae2b[log] [tgz]
authorGuy Harris <guy@alum.mit.edu>Sat Oct 07 11:27:03 2017 -0700
committerGuy Harris <guy@alum.mit.edu>Sat Oct 07 11:27:03 2017 -0700
treef35631e0f892fd355973b458c33d5294077087ae
parent94ed856a200c9b3cfc46f4783f3c1063842de07f [diff]
Plug some memory leaks.

We allocate memory for the user name and password when using
username/password authentication; free it if the authentication succeeds
or fails.

Fixes Coverity CIDs 1419022 and 1419023.

While we're at it, rename variables to indicate what they're doing
(they're not just two random strings, they're a user name and password),
and put the string pointers into the scope of the "username/password
authentication" case, just as the string lengths are.

diff --git a/rpcapd/daemon.c b/rpcapd/daemon.c
index 38714fe..c77ed00 100755
--- a/rpcapd/daemon.c
+++ b/rpcapd/daemon.c

@@ -470,7 +470,6 @@
 	uint32 totread = 0;		// number of bytes of the payload read from the socket
 	int nread;
 	struct rpcap_auth auth;		// RPCAP authentication header
-	char *string1, *string2;	// two strings exchanged by the authentication message
 	unsigned int plen;		// length of the payload
 	int retcode;			// the value we have to return to the caller
 
@@ -543,47 +542,56 @@
 
 		case RPCAP_RMTAUTH_PWD:
 		{
-			int len1, len2;
+			char *username, *passwd;
+			int usernamelen, passwdlen;
 
-			len1 = ntohs(auth.slen1);
-			len2 = ntohs(auth.slen2);
+			usernamelen = ntohs(auth.slen1);
+			passwdlen = ntohs(auth.slen2);
 
-			string1 = (char *) malloc (len1 + 1);
-			string2 = (char *) malloc (len2 + 1);
+			username = (char *) malloc (usernamelen + 1);
+			passwd = (char *) malloc (passwdlen + 1);
 
-			if ((string1 == NULL) || (string2 == NULL))
+			if ((username == NULL) || (passwd == NULL))
 			{
 				snprintf(errbuf, PCAP_ERRBUF_SIZE, "malloc() failed: %s", pcap_strerror(errno));
 				retcode = -1;
 				goto error;
 			}
 
-			nread = sock_recv(sockctrl, string1, len1,
+			nread = sock_recv(sockctrl, username, usernamelen,
 			    SOCK_RECEIVEALL_YES, errbuf, PCAP_ERRBUF_SIZE);
 			if (nread == -1)
 			{
+				free(username);
+				free(passwd);
 				retcode = -1;
 				goto error;
 			}
 			totread += nread;
-			nread = sock_recv(sockctrl, string2, len2,
+			nread = sock_recv(sockctrl, passwd, passwdlen,
 			    SOCK_RECEIVEALL_YES, errbuf, PCAP_ERRBUF_SIZE);
 			if (nread == -1)
 			{
+				free(username);
+				free(passwd);
 				retcode = -1;
 				goto error;
 			}
 			totread += nread;
 
-			string1[len1] = 0;
-			string2[len2] = 0;
+			username[usernamelen] = 0;
+			passwd[passwdlen] = 0;
 
-			if (daemon_AuthUserPwd(string1, string2, errbuf))
+			if (daemon_AuthUserPwd(username, passwd, errbuf))
 			{
+				free(username);
+				free(passwd);
 				retcode = -2;
 				goto error;
 			}
 
+			free(username);
+			free(passwd);
 			break;
 			}