summaryrefslogtreecommitdiff
path: root/imap
diff options
context:
space:
mode:
authorEduardo Chappa <chappa@washington.edu>2021-08-28 00:41:09 -0600
committerEduardo Chappa <chappa@washington.edu>2021-08-28 00:41:09 -0600
commit5431d789f6a736924230ff3e51c14e0db441bdb6 (patch)
treee005e44b755c855d38c3c1d2ffffd1a6fd952dab /imap
parentd2ae2bad36529e3381a642d85947d1fd00fc3ffc (diff)
downloadalpine-5431d789f6a736924230ff3e51c14e0db441bdb6.tar.xz
* Fix of more memory leaks and a crash due to incorrect freeing of memory, introduced
in commit 8961761e0b3c7b3cc11a00f6ac6ebf7a29bc5a10
Diffstat (limited to 'imap')
-rw-r--r--imap/src/c-client/auth_oa2.c13
-rw-r--r--imap/src/c-client/oauth2_aux.c26
2 files changed, 23 insertions, 16 deletions
diff --git a/imap/src/c-client/auth_oa2.c b/imap/src/c-client/auth_oa2.c
index 2f52c4f2..9081a1e3 100644
--- a/imap/src/c-client/auth_oa2.c
+++ b/imap/src/c-client/auth_oa2.c
@@ -25,7 +25,9 @@ AUTHENTICATOR auth_oa2 = {
};
#define OAUTH2_USER "user="
+#define OAUTH2_USER_LEN (5) /* strlen(OAUTH2_USER) */
#define OAUTH2_BEARER "auth=Bearer "
+#define OAUTH2_BEARER_LEN (12) /* strlen(OAUTH2_BEARER) */
/* Client authenticator
* Accepts: challenger function
@@ -142,8 +144,8 @@ long auth_oauth2_client (authchallenge_t challenger,authrespond_t responder, cha
ret = base ? NIL : LONGT; /* will get a BAD response back */
}
else {
- unsigned long rlen = strlen(OAUTH2_USER) + strlen(user)
- + strlen(OAUTH2_BEARER) + strlen(oauth2.access_token) + 1 + 2;
+ unsigned long rlen = OAUTH2_USER_LEN + OAUTH2_BEARER_LEN + 2
+ + strlen(user) + strlen(oauth2.access_token) + 1;
char *response = (char *) fs_get (rlen + 1);
sprintf(response, "%s%s\001%s%s\001\001", OAUTH2_USER, user, OAUTH2_BEARER, oauth2.access_token);
if ((*responder) (stream,base,response,rlen)) {
@@ -157,13 +159,8 @@ long auth_oauth2_client (authchallenge_t challenger,authrespond_t responder, cha
* Refresh Token has expired somehow, we invalidate it if we
* reach *trial to 3. This forces the process to restart later on.
*/
- if(*trial == 3){
- if(oauth2.param[OA2_State].value)
- fs_give((void **) &oauth2.param[OA2_State].value);
- fs_give((void **) &oauth2.param[OA2_RefreshToken].value);
- fs_give((void **) &oauth2.access_token);
+ if(*trial == 3)
oauth2.expiration = 0L;
- }
}
}
fs_give ((void **) &response);
diff --git a/imap/src/c-client/oauth2_aux.c b/imap/src/c-client/oauth2_aux.c
index 5af94992..d2ad6ce6 100644
--- a/imap/src/c-client/oauth2_aux.c
+++ b/imap/src/c-client/oauth2_aux.c
@@ -143,6 +143,7 @@ mm_login_oauth2_c_client_method (NETMBX *mb, char *user, char *method,
if(ogci && (x = (*ogci)(oauth2->name, user)) != NULL){
oauth2->param[OA2_Id].value = cpystr(x->client_id);
oauth2->param[OA2_Secret].value = x->client_secret ? cpystr(x->client_secret) : NULL;
+ if(oauth2->param[OA2_Tenant].value) fs_give((void **) &oauth2->param[OA2_Tenant].value);
oauth2->param[OA2_Tenant].value = x->tenant ? cpystr(x->tenant) : NULL;
free_xoauth2_info(&x);
}
@@ -207,7 +208,9 @@ mm_login_oauth2_c_client_method (NETMBX *mb, char *user, char *method,
case HTTP_UNAUTHORIZED:
mm_log("Client not authorized (wrong client-id?)", ERROR);
break;
- case HTTP_OK: json_assign ((void **) &oauth2->access_token, json, "access_token", JString);
+ case HTTP_OK: if(oauth2->access_token)
+ fs_give((void **) &oauth2->access_token);
+ json_assign ((void **) &oauth2->access_token, json, "access_token", JString);
if((jx = json_body_value(json, "expires_in")) != NULL)
switch(jx->jtype){
case JString: oauth2->expiration = time(0) + atol((char *) jx->value);
@@ -266,7 +269,11 @@ mm_login_oauth2_c_client_method (NETMBX *mb, char *user, char *method,
JSON_S *jx;
switch(status){
- case HTTP_OK : json_assign ((void **) &oauth2->param[OA2_RefreshToken].value, json, "refresh_token", JString);
+ case HTTP_OK : if(oauth2->param[OA2_RefreshToken].value)
+ fs_give((void **) &oauth2->param[OA2_RefreshToken].value);
+ json_assign ((void **) &oauth2->param[OA2_RefreshToken].value, json, "refresh_token", JString);
+ if(oauth2->access_token)
+ fs_give((void **) &oauth2->access_token);
json_assign ((void **) &oauth2->access_token, json, "access_token", JString);
if((jx = json_body_value(json, "expires_in")) != NULL)
@@ -339,8 +346,12 @@ void oauth2deviceinfo_get_accesscode(void *inp, void *outp)
break;
- case HTTP_OK : json_assign ((void **) &oauth2->param[OA2_RefreshToken].value, json, "refresh_token", JString);
- json_assign ((void **) &oauth2->access_token, json, "access_token", JString);
+ case HTTP_OK : if(oauth2->param[OA2_RefreshToken].value)
+ fs_give((void **) &oauth2->param[OA2_RefreshToken].value);
+ json_assign ((void **) &oauth2->param[OA2_RefreshToken].value, json, "refresh_token", JString);
+ if(oauth2->access_token)
+ fs_give((void **) &oauth2->access_token);
+ json_assign ((void **) &oauth2->access_token, json, "access_token", JString);
if((jx = json_body_value(json, "expires_in")) != NULL)
switch(jx->jtype){
@@ -425,16 +436,15 @@ void renew_accesstoken(MAILSTREAM *stream)
user[0] = '\0';
mm_login_method (&mb, user, (void *) &oauth2, trial, stream->auth.name);
- oauth2.param[OA2_State].value = NIL; /* this is freed before we get here */
+ if(oauth2.access_token) /* we need a new one */
+ fs_give((void **) &oauth2.access_token);
if(stream->auth.expiration == 0){
stream->auth.expiration = oauth2.expiration;
+ if(oauth2.param[OA2_RefreshToken].value) fs_give((void **) &oauth2.param[OA2_RefreshToken].value);
return;
}
- if(oauth2.access_token)
- fs_give((void **) &oauth2.access_token);
-
oauth2.param[OA2_State].value = oauth2_generate_state();
mm_login_oauth2_c_client_method (&mb, user, stream->auth.name, &oauth2, trial, &tryanother);