Fix segmentation fault when deleting the sessions Fix the segmentation fault caused by deleting the sessions via Redfish. Do not compare the username when deleting the sessions with no-auth. Tested: Delete the session via Redfish and bmcweb not crashed Signed-off-by: wukaihua-fii-na <eason.kh.wu@fii-na.com> Change-Id: I7f5268e7243a22ba5010ba5b8b4c82f19b8b4f20

commit: 0fd2986567e6e5328942e126b2c7ed28ab12de83 [log] [tgz]
author: wukaihua-fii-na <eason.kh.wu@fii-na.com> Wed May 18 09:19:16 2022 +0800
committer: Ed Tanous <ed@tanous.net> Tue May 24 14:06:52 2022 +0000
tree: 68b8d014ecca24bd7d20b3d96ac74b6498af4a85
parent: 244256cc493c6c258ce3784b5128cab85ce56c6d [diff]
diff --git a/redfish-core/lib/redfish_sessions.hpp b/redfish-core/lib/redfish_sessions.hpp
index 58499a5..89008c9 100644
--- a/redfish-core/lib/redfish_sessions.hpp
+++ b/redfish-core/lib/redfish_sessions.hpp

@@ -89,7 +89,8 @@
     // then the ConfigureSelf privilege does not apply.  In that
     // case, perform the authority check again without the user's
     // ConfigureSelf privilege.
-    if (session->username != req.session->username)
+    if (req.session != nullptr && !session->username.empty() &&
+        session->username != req.session->username)
     {
         Privileges effectiveUserPrivileges =
             redfish::getUserPrivileges(req.userRole);
commit	0fd2986567e6e5328942e126b2c7ed28ab12de83	[log] [tgz]
author	wukaihua-fii-na <eason.kh.wu@fii-na.com>	Wed May 18 09:19:16 2022 +0800
committer	Ed Tanous <ed@tanous.net>	Tue May 24 14:06:52 2022 +0000
tree	68b8d014ecca24bd7d20b3d96ac74b6498af4a85
parent	244256cc493c6c258ce3784b5128cab85ce56c6d [diff]