[PATCH] NTLM_AUTH leaks memory when used with old version of curl
Volker.Lendecke at SerNet.DE
Fri Nov 20 04:35:28 MST 2009
On Fri, Nov 20, 2009 at 08:24:49AM +0100, Kai Blin wrote:
> That code seems to exist in master as well. However, I think not duplicating
> the data blob is the wrong fix. The correct fix seems to be to use
> data_blob_talloc() in winbind_pw_check() to hang the memory off the
> ntlmssp_state instead of the NULL context. That way it's freed on calling
> ntlmssp_end() once the reference count drops to 0.
> Volker, what do you think of attached patch (and above reasoning for that
Haven't looked at that piece in the ntlm_auth code, but what
you are saying sounds right. Your patch also looks good, and
if you have run it at least once with it, just push it.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 197 bytes
Desc: Digital signature
More information about the samba-technical