Skip to content

Commit

Permalink
Fix oss-fuzz 67167.
Browse files Browse the repository at this point in the history 
Leak on startup and reload only, assuming a corrupt password file
provided by the admin. Minimal impact.
  • Loading branch information
@ralight
ralight committed Mar 2, 2024
1 parent f39ecb3 commit 34e0718
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions common/password_mosq.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -436,6 +436,7 @@ static int pw__decode_sha512(struct mosquitto_pw *pw, const char *salt_password)
rc = base64__decode(salt_b64, &salt, &salt_len);
if(rc != MOSQ_ERR_SUCCESS || (salt_len != 12 && salt_len != HASH_LEN)){
free(sp_heap);
free(salt);
return MOSQ_ERR_INVAL;
}
memcpy(pw->params.sha512.salt, salt, salt_len);
Expand Down

0 comments on commit 34e0718

Please sign in to comment.