$OpenBSD: patch-authenticate_c,v 1.1 2001/02/19 15:00:55 danh Exp $
--- authenticate.c.orig	Tue Jan 30 12:43:55 2001
+++ authenticate.c	Tue Jan 30 12:43:55 2001
@@ -28,7 +28,7 @@ static /*const*/char rcsid[]=
 #else
 #include "config.h"
 
-#define _XOPEN_SOURCE
+/* #define _XOPEN_SOURCE */
 
 #include <sys/types.h>
 #include <unistd.h>
@@ -50,7 +50,7 @@ static /*const*/char rcsid[]=
 #define VIRTUALUSER	"vpop"
 
 #ifndef MAILSPOOLDIR
-#define MAILSPOOLDIR	"/var/spool/mail/"	     /* watch the trailing / */
+#define MAILSPOOLDIR	"/var/mail/"	     /* watch the trailing / */
 #endif
 #ifndef MAILSPOOLHASH
 #define MAILSPOOLHASH	0      /* 2 would deliver to /var/spool/mail/b/a/bar */
@@ -100,6 +100,7 @@ static void getlogname(user,sock)const c
   struct sockaddr_in sockname;
 #endif
   int namelen=sizeof sockname;const char*retval="";
+  void *p;
   if(!getsockname(sock,(struct sockaddr*)&sockname,&namelen))
    {
 #ifdef INET6
@@ -115,16 +116,17 @@ static void getlogname(user,sock)const c
 	retval=hent->h_name;
 #endif
    }
-  if(auth_logname=			   /* memory leak when out of memory */
-   realloc(auth_logname,(namelen=strlen(retval))+1+strlen(user)+1))
-   { strcpy(auth_logname,retval)[namelen]='/';
+  if(p=realloc(auth_logname,(namelen=strlen(retval))+1+strlen(user)+1))
+   { auth_logname=p;
+     strcpy(auth_logname,retval)[namelen]='/';
      strcpy(auth_logname+namelen+1,user);
-   }
+   } else { free(auth_logname); auth_logname=NULL; }
 }
 
 static const struct passwd*cgetpwnam(user,sock)const char*user;
  const int sock;
 {
+  void *p;
 #ifdef VIRTUALSERVER
   DB_ENV dbenv;DB*db;
   memset(&dbenv,0,sizeof dbenv);
@@ -155,14 +157,18 @@ freesec:       { free(authi.usersecret);
 novirt:	      strcpy(auth_logname,user);
 	 }
 	db->close(db,0);
-      }					   /* memory leak when out of memory */
-     else if(auth_logname=realloc(auth_logname,strlen(user)+1))
-	strcpy(auth_logname,user);			 /* DB doesn't exist */
+      }
+     else if(p=realloc(auth_logname,strlen(user)+1))
+      { auth_logname=p;
+        strcpy(auth_logname,user);			 /* DB doesn't exist */
+      } else { free(auth_logname); auth_logname=NULL; }
      db_appexit(&dbenv);
    }
   else						     /* DB subsystem problem */
-   { if(auth_logname=realloc(auth_logname,strlen(user)+1))
-	strcpy(auth_logname,user);
+   { if(p=realloc(auth_logname,strlen(user)+1))
+	 { auth_logname=p;
+	   strcpy(auth_logname,user);
+	 } else { free(auth_logname); auth_logname=NULL; }
    }
 #endif
   return getpwnam(user);	       /* this should be selfexplanatory :-) */