gsasl: fix potential double free

author Viktor Szakats <commit@vsz.me>

Thu, 14 May 2026 12:35:21 +0000 (14:35 +0200)

committer Viktor Szakats <commit@vsz.me>

Fri, 15 May 2026 09:49:06 +0000 (11:49 +0200)
author Viktor Szakats <commit@vsz.me>
Thu, 14 May 2026 12:35:21 +0000 (14:35 +0200)
committer Viktor Szakats <commit@vsz.me>
Fri, 15 May 2026 09:49:06 +0000 (11:49 +0200)
diff --git a/docs/INTERNALS.md b/docs/INTERNALS.md

index c145690a2caf62b885c8110699fc401ba8a0e611..77f2e437357690d18a4cc090c04dab819f349792 100644 (file)
--- a/docs/INTERNALS.md
+++ b/docs/INTERNALS.md
@@ -30,6 +30,7 @@ We aim to support these or later versions.
  - c-ares       1.16.0 (2020-03-13)
  - GnuTLS       3.6.5 (2018-12-01)
  - libidn2      2.0.0 (2017-03-29)
+- libgsasl     1.6.0 (2010-12-14)
  - LibreSSL     2.9.1 (2019-04-22)
  - libssh       0.9.0 (2019-06-28)
  - libssh2      1.9.0 (2019-06-20)
diff --git a/lib/vauth/gsasl.c b/lib/vauth/gsasl.c

index 3ea77eecd1b46c721d07b5eeea727c8fc9da748e..10a83fdb0998fb4494ca1d663975283ab11c2bf7 100644 (file)
--- a/lib/vauth/gsasl.c
+++ b/lib/vauth/gsasl.c
@@ -32,6 +32,10 @@
  
  #include <gsasl.h>
  
+#if GSASL_VERSION_NUMBER < 0x010600
+#error "requires libgsasl 1.6.0+"
+#endif
+
  bool Curl_auth_gsasl_is_supported(struct Curl_easy *data,
                                    const char *mech,
                                    struct gsasldata *gsasl)
@@ -47,6 +51,7 @@ bool Curl_auth_gsasl_is_supported(struct Curl_easy *data,
    res = gsasl_client_start(gsasl->ctx, mech, &gsasl->client);
    if(res != GSASL_OK) {
      gsasl_done(gsasl->ctx);
+    gsasl->ctx = NULL;
      return FALSE;
    }
author	Viktor Szakats <commit@vsz.me>
	Thu, 14 May 2026 12:35:21 +0000 (14:35 +0200)
committer	Viktor Szakats <commit@vsz.me>
	Fri, 15 May 2026 09:49:06 +0000 (11:49 +0200)
docs/INTERNALS.md		patch \| blob \| blame \| history
lib/vauth/gsasl.c		patch \| blob \| blame \| history