From 7a3b69f2d7a5660d41a844c0a47eae8a643bba2f Mon Sep 17 00:00:00 2001
From: "Roger A. Light" <roger@atchoo.org>
Date: Wed, 3 Feb 2021 17:24:31 +0000
Subject: [PATCH] Fix possible leak during connect.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Closes #2057. Thanks to Przemysław Zygmunt.
---
 ChangeLog.txt        |  1 +
 src/handle_connect.c | 12 ++++++------
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/ChangeLog.txt b/ChangeLog.txt
index edfc3d97..79a82b90 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,6 +1,7 @@
 Broker:
 - Fix exporting of executable symbols on BSD when building via makefile.
 - Fix some minor memory leaks on exit only.
+- Fix possible memory leak on connect. Closes #2057.
 
 Clients:
 - Fix config files truncating options after the first space. Closes #2059.
diff --git a/src/handle_connect.c b/src/handle_connect.c
index bc5c4604..6dfd9e3a 100644
--- a/src/handle_connect.c
+++ b/src/handle_connect.c
@@ -351,7 +351,6 @@ static int will__read(struct mosquitto *context, const char *client_id, struct m
 			}else{
 				send__connack(context, 0, CONNACK_REFUSED_NOT_AUTHORIZED, NULL);
 			}
-			context__disconnect(context);
 			rc = MOSQ_ERR_PAYLOAD_SIZE;
 			goto error_cleanup;
 		}
@@ -835,6 +834,7 @@ int handle__connect(struct mosquitto *context)
 	if(context->auth_method){
 		rc = mosquitto_security_auth_start(context, false, auth_data, auth_data_len, &auth_data_out, &auth_data_out_len);
 		mosquitto__free(auth_data);
+		auth_data = NULL;
 		if(rc == MOSQ_ERR_SUCCESS){
 			return connect__on_authorised(context, auth_data_out, auth_data_out_len);
 		}else if(rc == MOSQ_ERR_AUTH_CONTINUE){
@@ -844,22 +844,23 @@ int handle__connect(struct mosquitto *context)
 			return rc;
 		}else{
 			free(auth_data_out);
+			auth_data_out = NULL;
 			will__clear(context);
 			if(rc == MOSQ_ERR_AUTH){
 				send__connack(context, 0, MQTT_RC_NOT_AUTHORIZED, NULL);
 				mosquitto__free(context->id);
 				context->id = NULL;
-				return MOSQ_ERR_PROTOCOL;
+				goto handle_connect_error;
 			}else if(rc == MOSQ_ERR_NOT_SUPPORTED){
 				/* Client has requested extended authentication, but we don't support it. */
 				send__connack(context, 0, MQTT_RC_BAD_AUTHENTICATION_METHOD, NULL);
 				mosquitto__free(context->id);
 				context->id = NULL;
-				return MOSQ_ERR_PROTOCOL;
+				goto handle_connect_error;
 			}else{
 				mosquitto__free(context->id);
 				context->id = NULL;
-				return rc;
+				goto handle_connect_error;
 			}
 		}
 	}else{
@@ -885,12 +886,11 @@ int handle__connect(struct mosquitto *context)
 					}else{
 						send__connack(context, 0, CONNACK_REFUSED_NOT_AUTHORIZED, NULL);
 					}
-					context__disconnect(context);
 					rc = MOSQ_ERR_AUTH;
 					goto handle_connect_error;
 					break;
 				default:
-					context__disconnect(context);
+					rc = MOSQ_ERR_UNKNOWN;
 					goto handle_connect_error;
 					break;
 			}