| From 078f98ea154475d953ce5b7cd851732f4dc270a7 Mon Sep 17 00:00:00 2001 |
| From: Hitendra Prajapati <hprajapati@mvista.com> |
| Date: Tue, 5 Jul 2022 09:31:07 +0530 |
| Subject: [PATCH] CVE-2022-24407 |
| |
| Upstream-Status: Backport [https://github.com/cyrusimap/cyrus-sasl/commit/9eff746c9daecbcc0041b09a5a51ba30738cdcbc] |
| CVE: CVE-2022-24407 |
| Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> |
| --- |
| plugins/sql.c | 1 + |
| 1 file changed, 1 insertion(+) |
| |
| diff --git a/plugins/sql.c b/plugins/sql.c |
| index 6ac81c2f..d90dbac9 100644 |
| --- a/plugins/sql.c |
| +++ b/plugins/sql.c |
| @@ -1127,6 +1127,7 @@ static int sql_auxprop_lookup(void *glob_context, |
| done: |
| if (escap_userid) sparams->utils->free(escap_userid); |
| if (escap_realm) sparams->utils->free(escap_realm); |
| + if (escap_passwd) sparams->utils->free(escap_passwd); |
| if (conn) settings->sql_engine->sql_close(conn); |
| if (userid) sparams->utils->free(userid); |
| if (realm) sparams->utils->free(realm); |
| -- |
| 2.25.1 |
| |