auth: auth-sasl - Fix potential segfault in request handling

Keep reference to the request during auth_sasl_request_initial() and
auth_sasl_request_continue() to prevent the auth request object from going away
during callbacks while lib-sasl is still working with it.

Reported by Valgrind.

diff --git a/src/auth/auth-sasl.c b/src/auth/auth-sasl.c
index a90581923d548631eb38d9d1b39d3b0c82be7e66..cbc67ccb291329cb5a2cec85ed7d59989f545a32 100644 (file)
--- a/src/auth/auth-sasl.c
+++ b/src/auth/auth-sasl.c
@@ -322,15 +322,19 @@ void auth_sasl_request_deinit(struct auth_request *request)
 
 void auth_sasl_request_initial(struct auth_request *request)
 {
+       auth_request_ref(request);
        sasl_server_request_initial(&request->sasl.req,
                                    request->initial_response,
                                    request->initial_response_len);
+       auth_request_unref(&request);
 }
 
 void auth_sasl_request_continue(struct auth_request *request,
                                const unsigned char *data, size_t data_size)
 {
+       auth_request_ref(request);
        sasl_server_request_input(&request->sasl.req, data, data_size);
+       auth_request_unref(&request);
 }
 
 /*