Blob Blame History Raw
autofs-5.1.4 - fix use after free in parse_ldap_config()

From: Ian Kent <raven@themaw.net>

Commit a4a2af5f30 (covarity fixes) incorrecly frees local variable
authtype after assigning it to a lookup context structure member.

Signed-off-by: Ian Kent <raven@themaw.net>
---
 CHANGELOG             |    1 +
 modules/lookup_ldap.c |    2 --
 2 files changed, 1 insertion(+), 2 deletions(-)

--- autofs-5.1.4.orig/CHANGELOG
+++ autofs-5.1.4/CHANGELOG
@@ -33,6 +33,7 @@ xx/xx/2018 autofs-5.1.5
 - set bind mount as propagation slave.
 - add master map pseudo options for mount propagation.
 - fix age setting at startup.
+- fix use after free in parse_ldap_config().
 
 19/12/2017 autofs-5.1.4
 - fix spec file url.
--- autofs-5.1.4.orig/modules/lookup_ldap.c
+++ autofs-5.1.4/modules/lookup_ldap.c
@@ -1383,8 +1383,6 @@ auth_fail:
 		      user, secret ? "specified" : "unspecified",
 		      client_princ, client_cc);
 	}
-	if (authtype)
-		free(authtype);
 out:
 	xmlFreeDoc(doc);
 	if (auth_conf)