diff options
author | Todd C. Miller <millert@cvs.openbsd.org> | 2002-10-15 17:47:28 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 2002-10-15 17:47:28 +0000 |
commit | 7e04bb5c2c206da97fd92d0258f77d12aa6dc337 (patch) | |
tree | f453e78216d32feb8d0d6c2139ee583d0976ae58 /distrib/sets | |
parent | c0772bf3dbe20cd87c6e5d7f522bc15e676b461a (diff) |
If auth_setitem() is called with the current value (ie: the pointer
is the same as the private value) then just return 0 as there is
nothing to do.
This fixes a potentially nasty problem where the caller could grab
the username or style from the auth session via auth_getitem() and
then call auth_verify() with those values. auth_setitem() would
eventually get called which would make a private copy and free the
old values in the auth session. After all this, the stashed username
and/or style pointers would point to freed memory.
Diffstat (limited to 'distrib/sets')
0 files changed, 0 insertions, 0 deletions