dovecot-1.0: auth_bind=yes and empty auth_bind_userdn leaked mem...

[dovecot at dovecot.org]

details:   http://hg.dovecot.org/dovecot-1.0/rev/7009b4409849
changeset: 5358:7009b4409849
user:      Timo Sirainen <tss at iki.fi>
date:      Mon Jul 30 09:17:51 2007 +0300
description:
auth_bind=yes and empty auth_bind_userdn leaked memory.

diffstat:

1 file changed, 5 insertions(+), 2 deletions(-)
src/auth/passdb-ldap.c |    7 +++++--

diffs (24 lines):

diff -r faf0bb8cd57d -r 7009b4409849 src/auth/passdb-ldap.c
--- a/src/auth/passdb-ldap.c	Wed Jul 25 16:59:06 2007 +0300
+++ b/src/auth/passdb-ldap.c	Mon Jul 30 09:17:51 2007 +0300
@@ -344,6 +344,7 @@ handle_request_authbind_search(struct ld
 		(struct passdb_ldap_request *)ldap_request;
 	struct auth_request *auth_request = ldap_request->context;
 	LDAPMessage *entry;
+	char *dn;
 
 	entry = handle_request_get_entry(conn, auth_request,
 					 passdb_ldap_request, res);
@@ -353,8 +354,10 @@ handle_request_authbind_search(struct ld
 	ldap_query_save_result(conn, entry, auth_request);
 
 	/* switch the handler to the authenticated bind handler */
-	ldap_request->base =
-		p_strdup(auth_request->pool, ldap_get_dn(conn->ld, entry));
+	dn = ldap_get_dn(conn->ld, entry);
+	ldap_request->base = p_strdup(auth_request->pool, dn);
+	ldap_memfree(dn);
+
 	ldap_request->filter = NULL;
 	ldap_request->callback = handle_request_authbind;