summaryrefslogtreecommitdiff
path: root/dovecot/CVE-2017-15132.patch
blob: 6b147abef6ef06e317510bc5b3b865341d586534 (plain) 
    1 From 1a29ed2f96da1be22fa5a4d96c7583aa81b8b060 Mon Sep 17 00:00:00 2001
    2 From: Timo Sirainen <timo.sirainen@dovecot.fi>
    3 Date: Mon, 18 Dec 2017 16:50:51 +0200
    4 Subject: [PATCH] lib-auth: Fix memory leak in auth_client_request_abort()
    5 
    6 This caused memory leaks when authentication was aborted. For example
    7 with IMAP:
    8 
    9 a AUTHENTICATE PLAIN
   10 *
   11 
   12 Broken by 9137c55411aa39d41c1e705ddc34d5bd26c65021
   13 ---
   14  src/lib-auth/auth-client-request.c | 1 +
   15  1 file changed, 1 insertion(+)
   16 
   17 diff --git a/src/lib-auth/auth-client-request.c b/src/lib-auth/auth-client-request.c
   18 index 480fb42b30..046f7c307d 100644
   19 --- a/src/lib-auth/auth-client-request.c
   20 +++ b/src/lib-auth/auth-client-request.c
   21 @@ -186,6 +186,7 @@ void auth_client_request_abort(struct auth_client_request **_request)
   22  
   23  	auth_client_send_cancel(request->conn->client, request->id);
   24  	call_callback(request, AUTH_REQUEST_STATUS_ABORT, NULL, NULL);
   25 +	pool_unref(&request->pool);
   26  }
   27  
   28  unsigned int auth_client_request_get_id(struct auth_client_request *request)

Generated by cgit