If auth_setitem() is called with the current value (ie: the pointer

is the same as the private value) then just return 0 as there is
nothing to do.

This fixes a potentially nasty problem where the caller could grab
the username or style from the auth session via auth_getitem() and
then call auth_verify() with those values.  auth_setitem() would
eventually get called which would make a private copy and free the
old values in the auth session.  After all this, the stashed username
and/or style pointers would point to freed memory.

0 files changed, 0 insertions, 0 deletions