diff options
author | Florian Dold <florian.dold@gmail.com> | 2018-01-17 03:37:06 +0100 |
---|---|---|
committer | Florian Dold <florian.dold@gmail.com> | 2018-01-17 03:37:06 +0100 |
commit | a2a1f52beced12e6319546ff09b925c49c7d2561 (patch) | |
tree | a5bbbc1396b9eb1e48470edd799c7a89dcb500a4 | |
parent | 8e2a1cf439f575505338c11b3bd339d9e8661df4 (diff) | |
download | merchant-a2a1f52beced12e6319546ff09b925c49c7d2561.tar.gz merchant-a2a1f52beced12e6319546ff09b925c49c7d2561.tar.bz2 merchant-a2a1f52beced12e6319546ff09b925c49c7d2561.zip |
fix use after free (copy strings properly)
-rw-r--r-- | src/backend/taler-merchant-httpd_pay.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/src/backend/taler-merchant-httpd_pay.c b/src/backend/taler-merchant-httpd_pay.c index 6db69e76..539a1941 100644 --- a/src/backend/taler-merchant-httpd_pay.c +++ b/src/backend/taler-merchant-httpd_pay.c @@ -354,12 +354,12 @@ struct PayContext * Optional session id given in @e root. * NULL if not given. */ - const char *session_id; + char *session_id; /** * Transaction ID given in @e root. */ - const char *order_id; + char *order_id; }; @@ -594,6 +594,8 @@ pay_context_cleanup (struct TM_HandlerContext *hc) json_decref (pc->contract_terms); pc->contract_terms = NULL; } + GNUNET_free_non_null (pc->order_id); + GNUNET_free_non_null (pc->session_id); GNUNET_CONTAINER_DLL_remove (pc_head, pc_tail, pc); @@ -1306,9 +1308,12 @@ parse_pay (struct MHD_Connection *connection, return res; } - pc->session_id = json_string_value (json_object_get (root, - "session_id")); - pc->order_id = order_id; + const char *session_id = json_string_value (json_object_get (root, + "session_id")); + if (NULL != session_id) { + pc->session_id = GNUNET_strdup (session_id); + } + pc->order_id = GNUNET_strdup (order_id); GNUNET_assert (NULL == pc->contract_terms); qs = db->find_contract_terms (db->cls, &pc->contract_terms, |