> > diff --git a/src/modules/raop/raop-client.c b/src/modules/raop/raop-client.c
> > index 4c3083e..03558f6 100644
> > --- a/src/modules/raop/raop-client.c
> > +++ b/src/modules/raop/raop-client.c
> > @@ -1223,7 +1223,7 @@ static void rtsp_auth_cb(pa_rtsp_client *rtsp, pa_rtsp_state_t state, pa_rtsp_st
> > static bool waiting = false;
> > const char *current = NULL;
> > char space[] = " ";
> > - char *token,*ath = NULL;
> > + char *token, *ath = NULL;
> > char *publ, *wath, *mth, *val;
>
> Should we initialize mth to NULL here to prevent freeing a random address later?
> This could happen when `wath = pa_xstrdup(pa_headerlist_gets(headers, "WWW-Authenticate"));` becomes NULL.
>
> > char *realm = NULL, *nonce = NULL, *response = NULL;
> > char comma[] = ",";
> > @@ -1260,9 +1260,6 @@ static void rtsp_auth_cb(pa_rtsp_client *rtsp, pa_rtsp_state_t state, pa_rtsp_st
> > pa_raop_basic_response(DEFAULT_USER_NAME, c->password, &response);
> > ath = pa_sprintf_malloc("Basic %s",
> > response);
> > -
> > - pa_xfree(response);
> > - pa_xfree(realm);
> > } else if (pa_safe_streq(mth, "Digest")) {
> > rtrim_char(realm, '\"');
> > rtrim_char(nonce, '\"');
yes, this is addressed in a followup patch
thanks, regards, p.
--
Peter Meerwald-Stadler
Mobile: +43 664 24 44 418
