projects / platform / core / api / http.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ddfa44a)
[SATIZENVUL-1601] Fix incorrect use of free 31/188531/2 accepted/tizen/5.0/unified/20181102.013751 accepted/tizen/unified/20180906.144201 submit/tizen/20180906.014555 submit/tizen_5.0/20181101.000002
authorchleun.moon <chleun.moon@samsung.com>
Thu, 6 Sep 2018 00:20:13 +0000 (09:20 +0900)
committerchleun.moon <chleun.moon@samsung.com>
Thu, 6 Sep 2018 01:40:35 +0000 (10:40 +0900)
Change-Id: I33dd481d6cad29ffe4013d480530ac8b46441cb0
Signed-off-by: Cheoleun Moon <chleun.moon@samsung.com>
packaging/capi-network-http.spec patch | blob | history
src/http_transaction.c patch | blob | history

diff --git a/packaging/capi-network-http.spec b/packaging/capi-network-http.spec
index 99b6f3f2b46d6540ee8971165bfbd06497bab7c9..38cf333ea8b5a2f77331d244dbff4aef00a24009 100644 (file)
--- a/packaging/capi-network-http.spec
+++ b/packaging/capi-network-http.spec
@@ -1,6 +1,6 @@
 Name:          capi-network-http
 Summary:       Http Framework
-Version:       0.0.35
+Version:       0.0.36
 Release:       0
 Group:         System/Network
 License:       Apache-2.0
diff --git a/src/http_transaction.c b/src/http_transaction.c
index 6894c055c0fc7940bd8591370ddb5bd125314f71..ef4252e02427932505eaa16735dfc555bb64c7a6 100644 (file)
--- a/src/http_transaction.c
+++ b/src/http_transaction.c
@@ -366,13 +366,14 @@ int _transaction_submit(gpointer user_data)
                gchar *credentials = NULL;
                int credentials_len = 0;
 
-               http_transaction_get_credentials(transaction, &user_name, &password);
+               ret = http_transaction_get_credentials(transaction, &user_name, &password);
+               if (ret != HTTP_ERROR_NONE)
+                       return ret;
+
                credentials_len = sizeof(gchar) * (strlen(user_name) + 1 + strlen(password) + 1);
                credentials = (gchar *)malloc(credentials_len);
                if (credentials) {
                        snprintf(credentials, credentials_len, "%s:%s", (gchar*)user_name, (gchar*)password);
-                       free(user_name);
-                       free(password);
 
                        http_transaction_get_http_auth_scheme(transaction, &auth_scheme);
 
@@ -388,6 +389,8 @@ int _transaction_submit(gpointer user_data)
                        }
                        free(credentials);
                }
+               free(user_name);
+               free(password);
        }
        //LCOV_EXCL_STOP
 
@@ -1160,6 +1163,8 @@ API int http_transaction_get_credentials(http_transaction_h http_transaction, ch
        *password = g_strdup(transaction->password);
        if (*password == NULL) {
                ERR("strdup is failed\n");
+               g_free(*user_name);
+               *user_name = NULL;
                return HTTP_ERROR_OUT_OF_MEMORY;
        }
        return HTTP_ERROR_NONE;
Domain: Network & Connectivity / Data Network;