From: Ilia Alshanetsky <iliaa@php.net>
Date: Tue, 12 Jul 2005 16:53:30 +0000 (+0000)
Subject: Fixed double-free in the digest authentication handling.
X-Git-Tag: php-5.1.0b3~26
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0131b2b032501017e9a9ad314bdf77c587a7afd0;p=php

Fixed double-free in the digest authentication handling.

# Found and Reported by Stefan Esser
---

diff --git a/main/SAPI.c b/main/SAPI.c
index e6ce825375..0b9405dab1 100644
--- a/main/SAPI.c
+++ b/main/SAPI.c
@@ -455,7 +455,7 @@ SAPI_API void sapi_initialize_empty_request(TSRMLS_D)
 {
 	SG(server_context) = NULL;
 	SG(request_info).request_method = NULL;
-	SG(request_info).auth_user = SG(request_info).auth_password = NULL;
+	SG(request_info).auth_digest = SG(request_info).auth_user = SG(request_info).auth_password = NULL;
 	SG(request_info).content_type_dup = NULL;
 }
 
diff --git a/main/main.c b/main/main.c
index ef336e03c0..6a792e8bff 100644
--- a/main/main.c
+++ b/main/main.c
@@ -1767,13 +1767,19 @@ PHPAPI int php_handle_auth_data(const char *auth TSRMLS_DC)
 
 	if (ret == -1) {
 		SG(request_info).auth_user = SG(request_info).auth_password = NULL;
+	} else {
+		SG(request_info).auth_digest = NULL;
 	}
 	
-	if (auth && auth[0] != '\0' && strncmp(auth, "Digest ", 7) == 0) {
+	if (ret == -1 && auth && auth[0] != '\0' && strncmp(auth, "Digest ", 7) == 0) {
 		SG(request_info).auth_digest = estrdup(auth);
 		ret = 0;
 	}
 
+	if (ret == -1) {
+		SG(request_info).auth_digest = NULL;
+	}
+
 	return ret;
 }
 /* }}} */