Fix memory leak in auth-pam plugin

As it says on the tin.  aresp would not be free'd nor returned by
my_conv() on errors.  Note that we never reach this code if allocation
of aresp failed.

Found with the Clang static analyzer.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <1445380706-20864-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10338
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/plugins/auth-pam/auth-pam.c b/src/plugins/auth-pam/auth-pam.c
index bd71792711c43cdccbfcbdf1b7bae65e7f126027..95692ab229fb5a2a2f9f01dd7fdf5a8528b74792 100644 (file)
--- a/src/plugins/auth-pam/auth-pam.c
+++ b/src/plugins/auth-pam/auth-pam.c
@@ -642,6 +642,9 @@ my_conv (int n, const struct pam_message **msg_array,
 
   if (ret == PAM_SUCCESS)
     *response_array = aresp;
+  else
+    free(aresp);
+
   return ret;
 }