soup-auth-digest: fix a leak on re-auth

Calling soup_auth_authenticate() on an already-authenticated SoupAuthDigest would leak the old username and hashed password. https://bugzilla.gnome.org/show_bug.cgi?id=690142
author: Dan Winship <danw@gnome.org> 2013-01-12 09:42:50 -0500
committer: Dan Winship <danw@gnome.org> 2013-01-12 09:45:12 -0500
commit: 00170d90c72d0cd2e6fea434e88c03f8e09f7631 (patch)
tree: 3d208a28d43d90ec06a3504be8889a7d9ebb24c8
parent: c63e1392ac6dd3f9e5d32faff1bba8c10b261225 (diff)
download: libsoup-00170d90c72d0cd2e6fea434e88c03f8e09f7631.tar.gz
libsoup-00170d90c72d0cd2e6fea434e88c03f8e09f7631.tar.bz2
libsoup-00170d90c72d0cd2e6fea434e88c03f8e09f7631.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/libsoup/soup-auth-digest.c b/libsoup/soup-auth-digest.c
index b95a996f..1fbb639d 100644
--- a/libsoup/soup-auth-digest.c
+++ b/libsoup/soup-auth-digest.c
@@ -293,6 +293,9 @@ soup_auth_digest_authenticate (SoupAuth *auth, const char *username,
 	SoupAuthDigestPrivate *priv = SOUP_AUTH_DIGEST_GET_PRIVATE (auth);
 	char *bgen;
 
+	g_clear_pointer (&priv->cnonce, g_free);
+	g_clear_pointer (&priv->user, g_free);
+
 	/* Create client nonce */
 	bgen = g_strdup_printf ("%p:%lu:%lu",
 				auth,
author	Dan Winship <danw@gnome.org>	2013-01-12 09:42:50 -0500
committer	Dan Winship <danw@gnome.org>	2013-01-12 09:45:12 -0500
commit	00170d90c72d0cd2e6fea434e88c03f8e09f7631 (patch)
tree	3d208a28d43d90ec06a3504be8889a7d9ebb24c8
parent	c63e1392ac6dd3f9e5d32faff1bba8c10b261225 (diff)
download	libsoup-00170d90c72d0cd2e6fea434e88c03f8e09f7631.tar.gz libsoup-00170d90c72d0cd2e6fea434e88c03f8e09f7631.tar.bz2 libsoup-00170d90c72d0cd2e6fea434e88c03f8e09f7631.zip