Fix memory leak in mutt_sasl_cb_pass.

SASL doesn't free the sasl_secret_t, so this was leaking.  Instead,
keep our own pointer to it, and safe_realloc() each time.

sasl_secret_t doesn't need the data field null terminated, so memcpy
the password over.

diff --git a/mutt_sasl.c b/mutt_sasl.c
index 267a59a6a5b93599759cd3bd23f0c7f339e9faf3..d99ba72601356748f6bd27ab6727f7992c194821 100644 (file)
--- a/mutt_sasl.c
+++ b/mutt_sasl.c
@@ -84,6 +84,8 @@ static int getnameinfo_err(int ret)
 
 static sasl_callback_t mutt_sasl_callbacks[5];
 
+static sasl_secret_t *secret_ptr = NULL;
+
 static int mutt_sasl_start (void);
 
 /* callbacks */
@@ -445,9 +447,10 @@ static int mutt_sasl_cb_pass (sasl_conn_t* conn, void* context, int id,
 
   len = strlen (account->pass);
 
-  *psecret = (sasl_secret_t*) safe_malloc (sizeof (sasl_secret_t) + len);
-  (*psecret)->len = len;
-  strcpy ((char*)(*psecret)->data, account->pass);     /* __STRCPY_CHECKED__ */
+  safe_realloc (&secret_ptr, sizeof (sasl_secret_t) + len);
+  memcpy ((char *) secret_ptr->data, account->pass, (size_t) len);
+  secret_ptr->len = len;
+  *psecret = secret_ptr;
 
   return SASL_OK;
 }