231698 – Double free in pam_xauth::pam_sm_open_session ()

Bug 231698 - Double free in pam_xauth::pam_sm_open_session ()

Summary: Double free in pam_xauth::pam_sm_open_session ()

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	pam
Sub Component:
Version:	6
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Tomas Mraz
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2007-03-10 05:20 UTC by Miloslav Trmač
Modified:	2007-11-30 22:11 UTC (History)
CC List:	0 users
Fixed In Version:	pam-0.99.8.1-9.fc8
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2007-09-21 14:10:27 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Miloslav Trmač 2007-03-10 05:20:12 UTC

Version-Release number of selected component (if applicable):
pam-0.99.6.2-3.16.fc6; the code is identical in pam-0.99.7.1-3.fc7.

Description of problem:
Reading pam_sm_open_session () in pam_xauth:
...
                putenv (xauthority); /* The environment owns this string now. */
...

        free(xauthority);

Steps to reproduce:
Replace userhelper by a wrapper script that runs real userhelper under valgrind,
then run wireshark through consolehelper.

Note You need to log in before you can comment on or make changes to this bug.