MD5 authorization leaks memory

[GoogleCodeExporter]

What steps will reproduce the problem?
1. Enable MD5 authorization
2. Issue login/logout
3. Determine memory allocated
4. Issue login/logout
5. Determine memory allocated

What is the expected output? What do you see instead?

I expected no more memory allocated at step 5 than in step 3.
What I saw was a 548 byte memory leak.

What version of the product are you using? On what operating system?

Version 1.4 (according to README) on an embedded system.

Please provide any additional information below.

The node processed in tagHook() in stream.c is normally released
by the user supplied routine that is processing the node. But for
the special case of an MD5 challenge, the node is processed locally
and never released. So you end up leaking a node.

Fix:

--- os-tcp-arm/modules/iksemel/src/stream.c     (revision 1711)
+++ os-tcp-arm/modules/iksemel/src/stream.c     (working copy)
@@ -303,8 +303,10 @@
                        }
                        if (NULL == iks_parent (x)) {
                                data->current = NULL;
-                               if (iks_strcmp (name, "challenge") == 0)
-                                       iks_sasl_challenge(data, x);
+                               if (iks_strcmp (name, "challenge") == 0) {
+          iks_sasl_challenge(data, x);
+          iks_delete(x) ;
+        }
                                else if (iks_strcmp (name, "stream:error")
== 0) {
                                        err = data->streamHook
(data->user_data, IKS_NODE_ERROR, x);
                                        if (err != IKS_OK) return err;

Original issue reported on code.google.com by j...@psyncretics.com on 11 May 2009 at 7:46

[GoogleCodeExporter]

Good catch! Fixed in trunk.

Original comment by meduke...@gmail.com on 4 Jul 2009 at 8:17

• Changed state: Fixed