Fix memory leak related to use_identity_as_username.

8 years ago · 53c71b2a77
parent 88f72f3f14
commit 53c71b2a77
2 changed files with 8 additions and 0 deletions
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@ -1,6 +1,8 @@
 Broker:
 - Use constant time memcmp for password comparisons.
 - Fix incorrect PSK key being used if it had leading zeroes.
+- Fix memory leak if a client provided a username/password for a listener with
+  use_identity_as_username configured.

 Client library:
 - Fix incorrect PSK key being used if it had leading zeroes.
--- a/src/read_handle_server.c
+++ b/src/read_handle_server.c
@ -336,6 +336,12 @@ int mqtt3_handle_connect(struct mosquitto_db *db, struct mosquitto *context)

 #ifdef WITH_TLS
 	if(context->listener && context->listener->ssl_ctx && context->listener->use_identity_as_username){
+		/* Don't need the username or password if provided */
+		_mosquitto_free(username);
+		username = NULL;
+		_mosquitto_free(password);
+		password = NULL;
+
 		if(!context->ssl){
 			_mosquitto_send_connack(context, 0, CONNACK_REFUSED_BAD_USERNAME_PASSWORD);
 			rc = 1;