[Spice-devel] [PATCH spice-server 03/11] reds: Remove possible leak during SASL authentication

Mon Dec 11 10:28:00 UTC 2017

We need to free the connection if the mechanism name is wrong

Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
---
 server/reds.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/server/reds.c b/server/reds.c
index e7b95980..384ebc58 100644
--- a/server/reds.c
+++ b/server/reds.c
@@ -2202,6 +2202,7 @@ static void reds_handle_auth_mechname(void *opaque)
 
     if (!red_sasl_handle_auth_mechname(link->stream, reds_handle_auth_startlen, link)) {
             reds_send_link_error(link, SPICE_LINK_ERR_INVALID_DATA);
+        reds_link_free(link);
     }
 }
 
-- 
2.14.3

