diff options
author | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2014-06-08 12:15:01 +0200 |
---|---|---|
committer | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2014-06-08 12:32:10 +0200 |
commit | 5def9c160b5a293b11f6380436d8e99dc3fd5a19 (patch) | |
tree | 619453da3a864eabe7f5a03ae52812bfb23b1de8 | |
parent | 7d514b67fc548b0a1b2287776d6791de71ea0627 (diff) | |
download | lasso-5def9c160b5a293b11f6380436d8e99dc3fd5a19.tar.gz lasso-5def9c160b5a293b11f6380436d8e99dc3fd5a19.tar.xz lasso-5def9c160b5a293b11f6380436d8e99dc3fd5a19.zip |
saml-2.0/profile: fix leak of xmlSecKey when building signed query strings
-rw-r--r-- | lasso/saml-2.0/profile.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/lasso/saml-2.0/profile.c b/lasso/saml-2.0/profile.c index 22a2fe3b..cf3f45c2 100644 --- a/lasso/saml-2.0/profile.c +++ b/lasso/saml-2.0/profile.c @@ -1169,9 +1169,7 @@ lasso_saml20_profile_build_http_redirect(LassoProfile *profile, goto_cleanup_if_fail_with_rc (url != NULL, LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL); /* if message is signed, remove XML signature, add query signature */ - context = lasso_node_get_signature(msg); - /* We must duplicate the key since lasso_node_remove_signature will free it. */ - context.signature_key = xmlSecKeyDuplicate(context.signature_key); + lasso_assign_signature_context(context, lasso_node_get_signature(msg)); if (lasso_validate_signature_method(context.signature_method)) { lasso_node_remove_signature(msg); } @@ -1180,6 +1178,7 @@ lasso_saml20_profile_build_http_redirect(LassoProfile *profile, lasso_assign_new_string(profile->msg_url, lasso_concat_url_query(url, query)); lasso_release(profile->msg_body); lasso_release(query); + lasso_assign_new_signature_context(context, LASSO_SIGNATURE_CONTEXT_NONE); cleanup: return rc; |