Mysql_free_result () called twice to free same result

If you've made a patch to quick fix a bug or to add a new feature not yet in the main tree then post it here so others can try it out.
Post Reply
Paranoid
Posts: 129
Joined: Thu Feb 05, 2009 10:40 pm

Mysql_free_result () called twice to free same result

Post by Paranoid »

The zmLoadUser function in zm_user.cpp has this section of code:

Code: Select all

  if ( mysql_num_rows(result) == 1 ) {
    MYSQL_ROW dbrow = mysql_fetch_row(result);
    User *user = new User(dbrow);
    mysql_free_result(result);

    if ( 
        (! password )  // relay type must be none
        ||
        verifyPassword(username, password, user->getPassword()) ) {
      Info("Authenticated user '%s'", user->getUsername());
      return user;
    } 
  }  // end if 1 result from db
  mysql_free_result(result);
If you use a valid username but an incorrect password then mysql_free_result() gets called twice. Once in the first if construct and again when the if finishes.
The code should be:

Code: Select all

  if ( mysql_num_rows(result) == 1 ) {
    MYSQL_ROW dbrow = mysql_fetch_row(result);
    User *user = new User(dbrow);

    if ( 
        (! password )  // relay type must be none
        ||
        verifyPassword(username, password, user->getPassword()) ) {
      mysql_free_result(result);
      Info("Authenticated user '%s'", user->getUsername());
      return user;
    } 
  }  // end if 1 result from db
  mysql_free_result(result);
Post Reply