[Commits] [SCM] claws branch, gtk3, updated. 4.0.0-280-g9cbebb67c
wwp at claws-mail.org
wwp at claws-mail.org
Thu Sep 30 20:29:17 CEST 2021
The branch, gtk3 has been updated
via 9cbebb67c87bea3f39f3f7f3997deb7e05d99a8d (commit)
from c75453be80856def79d80ff03f22817c2f7033fa (commit)
Summary of changes:
src/oauth2.c | 38 +++++++++++++++++++++++++++-----------
1 file changed, 27 insertions(+), 11 deletions(-)
- Log -----------------------------------------------------------------
commit 9cbebb67c87bea3f39f3f7f3997deb7e05d99a8d
Author: wwp <subscript at free.fr>
Date: Thu Sep 30 20:29:07 2021 +0200
Fix CID 1491371, 1491094, 1491341, 1491114, 1491203, 1491206, 1491199, 1491219: resource leaks.
diff --git a/src/oauth2.c b/src/oauth2.c
index 87aeaf25e..d7e663008 100644
--- a/src/oauth2.c
+++ b/src/oauth2.c
@@ -215,8 +215,9 @@ int oauth2_obtain_tokens (Oauth2Service provider, OAUTH2Data *OAUTH2Data, const
gchar *request;
gchar *response;
gchar *body;
+ gchar *uri;
gchar *header;
- gchar *tmp_hd;
+ gchar *tmp_hd, *tmp_hd_encoded;
gchar *access_token;
gchar *refresh_token;
gint expiry = 0;
@@ -265,9 +266,11 @@ int oauth2_obtain_tokens (Oauth2Service provider, OAUTH2Data *OAUTH2Data, const
client_id = g_strdup(OAUTH2Data->custom_client_id);
else
client_id = oauth2_decode(OAUTH2info[i][OA2_CLIENT_ID]);
-
- body = g_strconcat ("client_id=", g_uri_escape_string (client_id, NULL, FALSE),
+
+ uri = g_uri_escape_string (client_id, NULL, FALSE);
+ body = g_strconcat ("client_id=", uri,
"&code=",g_uri_escape_string (token, NULL, FALSE), NULL);
+ g_free(uri);
g_free(token);
if(OAUTH2info[i][OA2_CLIENT_SECRET][0]){
@@ -293,8 +296,10 @@ int oauth2_obtain_tokens (Oauth2Service provider, OAUTH2Data *OAUTH2Data, const
body = g_strconcat (body, "&state=", g_uri_escape_string (OAUTH2info[i][OA2_STATE], NULL, FALSE), NULL);
if(OAUTH2info[i][OA2_HEADER_AUTH_BASIC][0]){
- tmp_hd = g_strconcat(client_id, ":", client_secret, NULL);
- header = g_strconcat ("Authorization: Basic ", g_base64_encode (tmp_hd, strlen(tmp_hd)), NULL);
+ tmp_hd = g_strconcat(client_id, ":", client_secret, NULL);
+ tmp_hd_encoded = g_base64_encode (tmp_hd, strlen(tmp_hd));
+ header = g_strconcat ("Authorization: Basic ", tmp_hd_encoded, NULL);
+ g_free(tmp_hd_encoded);
g_free(tmp_hd);
}else{
header = g_strconcat ("", NULL);
@@ -329,6 +334,8 @@ int oauth2_obtain_tokens (Oauth2Service provider, OAUTH2Data *OAUTH2Data, const
g_free(response);
g_free(client_id);
g_free(client_secret);
+ g_free(access_token);
+ g_free(refresh_token);
return (ret);
}
@@ -340,7 +347,7 @@ gint oauth2_use_refresh_token (Oauth2Service provider, OAUTH2Data *OAUTH2Data)
gchar *response;
gchar *body;
gchar *header;
- gchar *tmp_hd;
+ gchar *tmp_hd, *tmp_hd_encoded;
gchar *access_token;
gint expiry = 0;
gint ret;
@@ -400,8 +407,10 @@ gint oauth2_use_refresh_token (Oauth2Service provider, OAUTH2Data *OAUTH2Data)
body = g_strconcat (body, "&state=", g_uri_escape_string (OAUTH2info[i][OA2_STATE], NULL, FALSE), NULL);
if(OAUTH2info[i][OA2_HEADER_AUTH_BASIC][0]){
- tmp_hd = g_strconcat(client_id, ":", client_secret, NULL);
- header = g_strconcat ("Authorization: Basic ", g_base64_encode (tmp_hd, strlen(tmp_hd)), NULL);
+ tmp_hd = g_strconcat(client_id, ":", client_secret, NULL);
+ tmp_hd_encoded = g_base64_encode (tmp_hd, strlen(tmp_hd));
+ header = g_strconcat ("Authorization: Basic ", tmp_hd_encoded, NULL);
+ g_free(tmp_hd_encoded);
g_free(tmp_hd);
}else{
header = g_strconcat ("", NULL);
@@ -432,6 +441,7 @@ gint oauth2_use_refresh_token (Oauth2Service provider, OAUTH2Data *OAUTH2Data)
g_free(response);
g_free(client_id);
g_free(client_secret);
+ g_free(access_token);
return (ret);
}
@@ -515,6 +525,7 @@ gint oauth2_check_passwds (PrefsAccount *ac_prefs)
gint expiry;
OAUTH2Data *OAUTH2Data = g_malloc(sizeof(* OAUTH2Data));
gint ret;
+ gchar *acc;
oauth2_init (OAUTH2Data);
@@ -522,10 +533,13 @@ gint oauth2_check_passwds (PrefsAccount *ac_prefs)
OAUTH2Data->custom_client_secret = ac_prefs->oauth2_client_secret;
if(passwd_store_has_password(PWS_ACCOUNT, uid, PWS_ACCOUNT_OAUTH2_EXPIRY)) {
- expiry = atoi(passwd_store_get_account(ac_prefs->account_id, PWS_ACCOUNT_OAUTH2_EXPIRY));
+ acc = passwd_store_get_account(ac_prefs->account_id, PWS_ACCOUNT_OAUTH2_EXPIRY);
+ expiry = atoi(acc);
+ g_free(acc);
if (expiry > (g_get_real_time () / G_USEC_PER_SEC)){
g_free(OAUTH2Data);
log_message(LOG_PROTOCOL, _("OAuth2 access token still fresh\n"));
+ g_free(uid);
return (0);
}
}
@@ -536,8 +550,9 @@ gint oauth2_check_passwds (PrefsAccount *ac_prefs)
ret = oauth2_use_refresh_token (ac_prefs->oauth2_provider, OAUTH2Data);
}else if (passwd_store_has_password(PWS_ACCOUNT, uid, PWS_ACCOUNT_OAUTH2_AUTH)) {
log_message(LOG_PROTOCOL, _("OAuth2 trying for fresh access token with authorization code\n"));
- ret = oauth2_obtain_tokens (ac_prefs->oauth2_provider, OAUTH2Data,
- passwd_store_get_account(ac_prefs->account_id, PWS_ACCOUNT_OAUTH2_AUTH));
+ acc = passwd_store_get_account(ac_prefs->account_id, PWS_ACCOUNT_OAUTH2_AUTH);
+ ret = oauth2_obtain_tokens (ac_prefs->oauth2_provider, OAUTH2Data, acc);
+ g_free(acc);
}else{
ret = 1;
}
@@ -553,6 +568,7 @@ gint oauth2_check_passwds (PrefsAccount *ac_prefs)
}
g_free(OAUTH2Data);
+ g_free(uid);
return (ret);
}
-----------------------------------------------------------------------
hooks/post-receive
--
Claws Mail
More information about the Commits
mailing list