autofs-5.1.4 - fix use after free in parse_ldap_config()
From: Ian Kent <raven@themaw.net>
Commit a4a2af5f30 (covarity fixes) incorrecly frees local variable
authtype after assigning it to a lookup context structure member.
Signed-off-by: Ian Kent <raven@themaw.net>
---
CHANGELOG | 1 +
modules/lookup_ldap.c | 2 --
2 files changed, 1 insertion(+), 2 deletions(-)
--- autofs-5.1.4.orig/CHANGELOG
+++ autofs-5.1.4/CHANGELOG
@@ -32,6 +32,7 @@ xx/xx/2018 autofs-5.1.5
- fix age setting at startup.
- fix update_negative_cache() map source usage.
- fix program usage message.
+- fix use after free in parse_ldap_config().
19/12/2017 autofs-5.1.4
- fix spec file url.
--- autofs-5.1.4.orig/modules/lookup_ldap.c
+++ autofs-5.1.4/modules/lookup_ldap.c
@@ -1383,8 +1383,6 @@ auth_fail:
user, secret ? "specified" : "unspecified",
client_princ, client_cc);
}
- if (authtype)
- free(authtype);
out:
xmlFreeDoc(doc);
if (auth_conf)