discovery: fix an use-after-free in SFB user credentials

The base64 decoded username and password strings given to stun_usage_turn_create() should not freed immediately, since they remain used when handling the following related inbound stun replies.
author: Fabrice Bellet <fabrice@bellet.info> 2019-06-09 13:13:43 +0200
committer: Olivier Crête <olivier.crete@collabora.com> 2019-07-04 17:03:43 -0400
commit: 8e5809b7f709f8f2b49022610e0da7c8e761d322 (patch)
tree: c33d8815d315285f26adfccbf3c8a73b1284694d /agent/candidate.h
parent: 17170c9a393041157f69a3d4ae4eca5a1aaf9a7a (diff)
download: libnice-8e5809b7f709f8f2b49022610e0da7c8e761d322.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/agent/candidate.h b/agent/candidate.h
index e556c16..3418219 100644
--- a/agent/candidate.h
+++ b/agent/candidate.h
@@ -141,6 +141,10 @@ typedef struct _TurnServer TurnServer;
  * @server: The #NiceAddress of the TURN server
  * @username: The TURN username
  * @password: The TURN password
+ * @decoded_username: The base64 decoded TURN username
+ * @decoded_password: The base64 decoded TURN password
+ * @decoded_username_len: The length of @decoded_username
+ * @decoded_password_len: The length of @decoded_password
  * @type: The #NiceRelayType of the server
  *
  * A structure to store the TURN relay settings
@@ -152,6 +156,10 @@ struct _TurnServer
   NiceAddress server;
   gchar *username;
   gchar *password;
+  uint8_t *decoded_username;
+  uint8_t *decoded_password;
+  gsize decoded_username_len;
+  gsize decoded_password_len;
   NiceRelayType type;
 };
author	Fabrice Bellet <fabrice@bellet.info>	2019-06-09 13:13:43 +0200
committer	Olivier Crête <olivier.crete@collabora.com>	2019-07-04 17:03:43 -0400
commit	8e5809b7f709f8f2b49022610e0da7c8e761d322 (patch)
tree	c33d8815d315285f26adfccbf3c8a73b1284694d /agent/candidate.h
parent	17170c9a393041157f69a3d4ae4eca5a1aaf9a7a (diff)
download	libnice-8e5809b7f709f8f2b49022610e0da7c8e761d322.tar.gz