From: Steffan Karger <steffan@karger.me>
Date: Tue, 20 Oct 2015 22:38:26 +0000 (+0200)
Subject: Fix memory leak in auth-pam plugin
X-Git-Tag: v2.4_alpha1~212
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cfc13b38bc6504b9768e4cc43311807d6b074672;p=thirdparty%2Fopenvpn.git

Fix memory leak in auth-pam plugin

As it says on the tin.  aresp would not be free'd nor returned by
my_conv() on errors.  Note that we never reach this code if allocation
of aresp failed.

Found with the Clang static analyzer.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <1445380706-20864-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10338
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---

diff --git a/src/plugins/auth-pam/auth-pam.c b/src/plugins/auth-pam/auth-pam.c
index bd7179271..95692ab22 100644
--- a/src/plugins/auth-pam/auth-pam.c
+++ b/src/plugins/auth-pam/auth-pam.c
@@ -642,6 +642,9 @@ my_conv (int n, const struct pam_message **msg_array,
 
   if (ret == PAM_SUCCESS)
     *response_array = aresp;
+  else
+    free(aresp);
+
   return ret;
 }