Re: PATCH: anti memleak part 1
- From: Brian Stafford <brian stafford uklinux net>
- To: Peter Bloomfield <PeterBloomfield MindSpring com>
- Cc: Balsa list <balsa-list gnome org>,Ali Akcaagac <ali akcaagac stud fh-wilhelmshaven de>
- Subject: Re: PATCH: anti memleak part 1
- Date: Thu, 18 Oct 2001 19:21:10 +0100
On 2001.10.18 16:53:56 +0100 Peter Bloomfield wrote:
> > diff -ruN balsa-cvs/src/balsa-app.c balsa/src/balsa-app.c
> > --- balsa-cvs/src/balsa-app.c Thu Oct 18 16:38:15 2001
> > +++ balsa/src/balsa-app.c Thu Oct 18 16:51:17 2001
> ...
> > @@ -188,14 +186,14 @@
> > static int
> > tlsinteract (char *buf, int buflen, int rwflag, void *arg)
> > {
> > - char *pw;
> > int len;
> >
> > - pw = balsa_app.smtp_certificate_passphrase;
> > - len = strlen (pw);
> > + len = strlen (balsa_app.smtp_certificate_passphrase);
> > +
> > if (len + 1 > buflen)
> > return 0;
> > - strcpy (buf, pw);
> > +
> > + buf = balsa_app.smtp_certificate_passphrase;
> > return len;
> > }
> > #endif
>
> I don't think this one works.
Quite right!
> `tlsinteract' would have to be called
> with `char **buf_p' instead of `char *buf', and then you could end
> with `*buf_p = balsa_app.smtp_certificate_passphrase;'
That won't work either.
> In your
> suggested code, `buf' is changed on the stack, but nothing is changed
> in the caller's frame.
Basic C semantics.
The strcpy() is important. It's because the pass phrase must be copied
to a buffer maintained by the OpenSSL code, hence the preceeding test
against the buffer length.
> If you *really* wanted to get rid of `char *pw', you could finish up
> with `strcpy (buf, balsa_app.smtp_certificate_passphrase);'
Not sure why I wrote the code like this. Either I had a good reason
that escapes me just now, or I copied and edited it from somewhere else!
Brian Stafford
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
